Assessment Of Risk And Security Solutions For Information Technology System

Benefits and Disadvantages of Information Technology Platform

The technology of information technology has been ever evolving since the last decade. This evolving nature of the technology has forced many benefits for the users of the platform of the information technology for the purpose of communication and server maintenance. With the benefits, that the users enjoy the disadvantage of using the I formation technology comes in disguise in terms of security and privacy of the data that are store in the data base of the computing system that makes use of the platform of information technology (Scully, 2014). A hefty amount of information is stored in the cumber space in today’s society. This is because people across the globe can easily gain access to the data that are stored in the cyberspace. Before the 20th century gathering information about a particular topic was very difficult as the data were not present in the universal  platform of the cyberspace. People used to g through books and magazine and the history books in order to gain authenticated and authorized data about the servers that the user wants to gain knowledge regarding a particular topic. In today’s society the required information can be gained without performing any kind of tedious job by just accessing the platform of information technology for the searching of the data. People can also storing of data that are private in nature. The major issue of the cyber space lies to the point that the platform that the cyberspace proved is not much robust in nature. This ensures the fact that the imposters can gain access to the data that are stored in the cyberspace without any proper kind of authentication processing of the data. The data that are stored in the platform of the information technology ensures the fact that there are many barriers to the unauthenticated access to the data. Despite this barriers it fails to stop the imposters to gain access  to  the data which are stored in the database of the cyberspace (Szwed and Skrzy?ski, 2014). This acts to the cyber crime that is caused by the cyber criminal to gain the personalized data in order to earn profit from the data. Another motive that strongly affects the imposters to gain unauthenticated access to the data of genuine clients is that the imposters can track the users of the account and stalk the genuine user and harm eh client who has been using the data base that is dependent on the platform of the information technology. This report will discuss about the assessment of risk in case of information technology security. This report will also discuss about the security solutions of the information technology system. This report will further provide a review of the mechanism that is undergone for the organization of the information technology security. This report will further delve unto the fact of essentiality of the organizational security in order to keep the data of the organization protected that is stored in the platform of the Information technology (Oltsik, 2014).

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Cyber Crime and Imposters

This aspect of using the computing system by the imposter that are not authorized to them acts as the major threat to the client in the terms f security. This aspect takes into consideration the fact that the cyber criminal gets the access of the computing system that the genuine client has been using in order to gain the access to the data that the client has been performing the task.  The cyber criminal gains the data regarding the desired project from the computing system of the genuine client. On gaining this unauthorized access the imposter modulate the data that are stored in the computing system leading to the fact that the genuine client fails to deliver the project on which the client was performing with accuracy (Fennelly, 2016). This leads to eh decreasing of the efficiency of the client. Another motive of the imposter is that the cyber criminal gains the access to the data and the transfer the data to his own computing system. This ensures the fact that the imposer can now act on behalf of the genuine client in an unauthenticated manner and destroy the goodwill of the client. The imposter can also make money from the data that they collect from the computing system of the clients who has been using the platform of the data base of the information technology.

The imposters who has been gaining access to the computing system of the client has the initial motive of gaining access to the data. The data that are stored in the computing system are copied from the computing system of the genuine client. This aspect takes into consideration the fact that  imposters who are trying to gain  the access of the computing system gets the access to the computing system taking into consideration the fact that the firewall r the security measures that are used in networking system are not up to the mark or the software that is being used is not the latest version available n the market. This fact ensures that the data that are stored in the computing system  can be copied by the imposters and made use of the data in unauthenticated way. This also ensures that on getting the access to the data, the imposters can also modulate the same data in order to create a conflict among the clients and the data storage organization. The aspect also leads to the cause that the data that are stored in the computing system are copied from that computing system which leads to the fact that the imposter acts as the original owner of the data (Barkley, 2016). The imposter can also dictate the terms to the authenticated owner of the data and blackmail the client for paying huge amount of money to refrain the data from the imposters.

Security Solutions for Information Technology System

The major concern in the case of cyber attack is that the destruction of the data that are stored in the database cyberspace. The data that are stored in the cyberspace are the liability of the  users as the accounting information of the genuine clients are stored in the processing of the database of the cyberspace. The imposters make use of methods that are illegal to gain access to the assets of the client in order to destroy the possessions of the clients. The security of the assets are at stake due to the factor that the lack of robustness of the infrastructure of the database that frames the cyberspace. The assets that are present in the database of the infrastructure of the cyberspace are not as robust as the infrastructure should have been which leads to the fact that the assets of the clients are not very well protected and the security of the physical assets of the clients is at stake due to the increasing potentials of the imposters (Van Tilborg, and Jajodia, 2014).

The best way to make the computing system robust s by combining the business organization  against the cyber crimes that has been happening in corporate sector of the industry. This is done by the means of the outsourcing the information technology framework among the companies that are collaborated to sustain the cyber attack that possess threat to the database of the organization. The data that are stored in the database of the organization after the installation of the robust framework frame work as it helped the database to gain the robustness of the cyberspace of the company.    

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

The data that are stored in the infrastructure of the database are not always well secured which leads to the fact that the imposters can gain access to the data and modulate the same. In order to get rid of this problem the major technological terminology that is taken into consideration is the processing of keeping a back up for the data (Aston, 2017). This takes into consideration the fact that the backup methodology helps in the fact of restoring the data that gets lost in the cyber attack that is possessed by the cyber criminals. The fact that the backup keeps the record of the data that might get lost in the working of the data  processing.      

The testing procedure that of the security of the database of the cyberspace is the most important fact of the data security aspect of the organization. This aspect takes into consideration the fact that the proper testing of the framework of the database takes into consideration the fact that the proper testing of the database requires the proper testing of the robustness of the database (Wang, Yu, 2016). This will ensure the fact that the data that is stored in the database of the platform of information technology is tested to its limits in order to prevent the imposters to gain the unauthenticated access to the system.

Testing and Maintenance of the Database

The auditing of the task plays a major role in the processing of the expenses that will be required for the maintenance of the security of the database (Perlman, Kaufman and Speciner, 2016). This audit expenses that are made includes the expense of outsourcing of the infrastructure of the database. This auditing is performed in order to perform the processing of the data that are stored in eh database of the organization.

The ma feature acts to be the object orientation of the database. The database that is being used for the performing the data storage of the organization takes into consideration the platform that is built with the help of the object oriented programming language which helps in the proper functioning of the data base of the organization (Mearsheimer, 2016). This feature ensures the efficiency of the database is maintained with proper advancement of the infrastructural progress in the data string of the organization. The organization takes into consideration the fact that the data base that are built with the help of the object based programming language is more efficient in nature. This acts to be the major reason for the database to serve the proficiency of the organization who has been deploying the strategy.

NAT is abbreviated as the Network Address Translation. The main function f NAT is to translate the IP address of the computing system to the IP address that is completely associated with the IP address of the local networking system (Wang, Y., Fakhry, R. and Anderl, R., 2017).  The router to connect the computers with the local internet connection uses the IP address that is generated by the local networking system.  The router is not only connected to the computing systems but also connected to the DSL modems that are associated with the networking system. The dial-up modem also acts as one of the most fundamental appliance that is connected to the router of the system. in case of the other networking systems trying to access the data from the networking system that us connected to the computing system with a particular IP address the IP address indicates the trial of the accessing of the networking system. The extra level of security is added t the networking system with the help of the installation of the firewall.    

DMZ is abbreviated as Demilitarized Zone. This layer acts as the medieval layer between the computing network and the intranet layer of the public networking system. This channel sensors the act that the data that is transferred is transact-ted safely. The host of the DMZ can be either a single host or a dual host operating system. The main purpose of the DMZ is to ensure the fact that the access to the intranet networking from the external sites are prohibited in order access of the external interference in the networking of the system. This is done by separating the networking system of the intranet from the host LAN in order to maintain the security of the database (Ahson and Ilyas, 2017).

Object Orientation and NAT as Important Features

FWs are abbreviated as Free Web Space of the framework of the organization. This will ensure the fact that the website hosting is free and the advertisements are supported in the free webs pacing of the subscribed website. This  ensures the fact that the web hosting does not make the complete usage of the advertisement that are being attached to the web hosting in order to maintain the proficiency of the web hosting service.

RAID is broadly classified in five broad categories namely: –

  • RAID 0: The main purpose of RAID 0 is to strip data across two or more drivers. The parity is not supported in this form of the compliance. The major advantage is that this form provides good read and write acceptance but does not  support the data redundancy.
  • RAID 0+1: the main purpose  of RAID 1 is to mirror data from two or more drivers. The main advantage of the RAID 1 is that it supports multiple porting of the data which leads to the enhancement of the security of the data base (Mearsheimer, 2016).
  • RAID 1+0: Is a mirrored set in a striped set. RAID 0+1 creates a striped set from a series of mirrored drives. The main advantage of this networking system is that all the ports are in use which accepts the fact that the efficiency of the data security increases.
  • RAID 3: the main functioning is to strip the byte-level with a dedicated parity disk. This acts to be a unique feature in this system. The major disadvantage of this system is that the parity disk is the minor bottleneck and must be written every single time the data is updated.
  • RAID 4: the main function is the stripping of the data using the measure of the block-level stripping attribute. This kind of system has a dedicated parity disk. The major advantage of this system is that the access of the data is improved with the block-level stripping (Line and Moe, 2015)
  • .

Standby is a mode that acts as the procedural functioning of the computing system. This mode keeps the computing system readily available for the functioning of the networking system. The system can be used whenever required when the system is in standby mode by rescuing the access to the networking system (Crampton, 2015). The shortcomings are maintained due to the fact that the computing system is ever active in this mode. A system may be on standby in case of failure, shortage or other similar events. Examples of standby include standby power, standby machine, standby server, standby mode, standby component, standby database and standby equipment.       

In case of Dual LAN the computer system is connected within the network which provides the internet from the server. The main function of Dual LAN is that the server connection that is made across the network and the computing system are capable of transferring data in both the direction. This enables the sharing of the data in a much efficient way.

The major advantage of the using the Asset management in the processing if ted at security is that the data that is used in this aspect increases the efficiency if the functioning of the operation of the product which ensures the fact that functioning of the data centers are performed with utmost proficiency (Benson and Rahman, 2015). This aspect of Asset Management also helps the organization to improve the productivity of the IT staffing of the product. The major reason of the asset management is to enable the proactive layer of protection over the loss of IT assets. This strategy also ensures the fact that the data that are stored in this platform are much secured and the data acts as the primary asset to the organization. The cost of the data restoration acts as the major reason of the usage of the asset management technology.    

Image differentiation has been acting as technology to safeguard the data of the organization form the imposters. This technology uses the face processing technology to allow access to the database of the organization. This ensures the fact that only the genuine client as the processor can access the data that is stored in the database will initially scan the face of the client and compare with the image that has been stored in the database of the system. In as the image matches with the reference image the data base allows the individual to get access to the database.. in case of mismatch the data system is blocked.

SAN Services is abbreviated as the Storage Area Networking Service. This technology is used for performing the business with higher flexibilities in the database of the system. The raw storage of the data is used for the succession of the data storing capabilities. This specific function helps the service in storing the data across a network of a computing system (Berger, 2014).

Data replication is a process of copying the entire data from on location of the database to another location of the database. This technology is mainly used for the updating of the database of the multi national organizations, who find it difficult to maintain a database in a stretch.

Data virtualization acts as the process that ensures the data aggregation from different source of the system. This technology then develops the factor of the information stocking. This process helps in gaining a stock of the data. This factor ensures the prospect of the virtual view of the information (Mearsheimer, 2016). This processing ensures that the front end solutions that enhances the virtualization of the application. The dashboards and the portals of the organization also enjoy the feature of virtualization, which increases the proficiency of the organization.

Secure Transport protocol provides the communication security as the client and the application, which enhances the communication of the internet processing. This factor enables the privacy of the documentation to be protected from the cyber criminals with the help of the Secure Socket Layer (SSL).

MPLS is abbreviated as the Multi Protocol Label Switching. This switching protocol enhances the traffic routing mechanism. This methodology helps in the processing of the telecom network. This aspect helps the data that is related to the customer to stay separated from the data that are used for the specification of customer data related to the direct packet related to the pre-determined path of the networking system (Van Tilborg, and Jajodia, 2014). The security of the Multi Protocol Level Sourcing has been acting as the major concern for the processing of the flaws. The security of the path determines the mis configuration in the infrastructure of the system. This mis configuration after getting analyzed is configured correctly as per the need of the desired requirement.

Remote access method instills the quality of the getting access to the networking system f the computers within a distance that lies under the range of the remote accessibility network zone. This technology finds its usage in the field of the telecommuters, corporate sector for performing the task efficiently. The secondary usage of the system is due to the processing of the corporation networking.

The installation of the UNIX does not run in the aspect of the privacy detection technique. Logging of the facilities and the expenses are progressed in the terminology of the disk storage capabilities (Van Tilborg, and Jajodia, 2014). The processing time of the project will ensure the fact that the cost that is associated with the processing time is regulated with the audit trial method.

Honeypot acts as the trap for the imposters who intend on performing cyber crimes in the duration of performing the cyber crime. The main theme of this projection is that this platform acts as the computing system which behaves as a real time computing system but the computing system in hand is a close networking system which is closely monitored by the cyber security department in order to get hold of the cyber criminal.

C4.5 is embarked as one of the best algorithm for the functioning of the data mining. C4.5 is the algorithm that is used for the purpose of data mining with the processing of the classifier. The classifier acts as a tool that helps in the formation of the decision tree. The supposed database ensures the fact that the data that are accessed during the processing of the VO2 max (Szwed and Skrzy?ski, 2014).

Network Change management is a disciplinary act that enhances the processing of the information technology (Perlman, Kaufman and Speciner, 2016). This methodology ensures the fact that fact that the research that is performed by the IDC and Gartner. Network Change Management acts as the credential replacement for the functionality of the automate changes that are performed in the purposing of the  automate change that takes place in the functionality of the system. Another advantage of Network Change System is that it reduces networking downtime of the process. The Network Change Process takes into consideration the fact that having a backup of the data that are collected system acts as an advantage.

Audit Control is defined as the accounting of the of the process that is involved in the functioning of the process. this process ensures the assurance of the achievement that helps in the effective operation of the project which will increase the efficiency of the functioning. The financial reporting and  the regulations related to the auditing of the policies include the audit Control Processing (Fennelly, 2016).

The disaster recovery plan is a process that ensures the fact that it helps the organization to prevent the organization from the disaster that might approach the organization. This plan helps the processing of finding the threats that are approaching the organization and hence helps the organization to take into count the fact that might help the organization to get rid of the threat that is being possessed.

Due to the lack of robustness in the platform of database, the data that are stored in the framework of the database is not secured (Wang, Y., Fakhry, R. and Anderl, R., 2017). This aspect takes into consideration the fact that the data that is stored in the database of the infrastructure of the organization ensures the fact that security of the data that sis tired is at stake. This causes the loss of data from the data base if the organization. The important data that are considered to be turbulent for the functioning of the organization is stored with more security which enables the fact that the potential loss of data is prevented.

The hardware and the software of the organization acts as the major issue which acts as te channel between the database and the external user (Benson and Rahman, 2015). This channel also acts the main medium of cyber attack. The attack is progressed with the featuring of the data, which is intended to access by the cyber criminals in order to gain the data prosecution methodology. This access .acts t be the harmful and unauthenticated access by the imposters which leads to stealing of the important data that are stored in the computing system.

The occurrence of the thefts in the processing of the data storage ensues the fact that the data storage in the data in the data base has increased immensely since the last decade. This implies the fact that with the advantages that the organizations enjoy the organizations faces  the threat of being accessed in an unauthenticated manner. This ensures the fact that the data that is stored in the database of the organization. The database of the organization suffers due to the fact that the infrastructure lacks the robustness (Berger, 2014). This lack of robustness has increased the probability of being accessed by the imposters have increased to a great extent of about 23%. This increase in the processing of the cyber crime indicates the fact that the security of the data is at stake. To decrease the probability of this unauthenticated access to the data, the infrastructure of the database must be made more robust.

The responsibility of the employees are to keep the software that are being used updated to prevent the unauthenticated access of the data. This updating of the software that is performed by the employees of the organization ensures the act that the data stored in the organization stays protected from the data stealing or accessing by the imposters (Fennelly, 2016).

ISO is a national standard  that is used for the standardized processing of the worldwide federation. ISO 3001 acts to be the major concern for the processing of the data that is stored in the database. The ISO 3001 is the main fact that helps in the factorization of the member body that ensures the progress in the data security from the data base of the computing system if the organization

Biometrics

The biometrics have largely gained its popularization in the processing of the multinational companies. The biometrics helps in the processing of the data that acquires the data that is related to the employee of the office. The data that are collected from the employee of the office is stored in the database if the biometric system. In case of the functioning of the biometric, the biometric stores the identity of the individual in the database of the biometric (Crampton, 2015). This ensures the fact that after comparing the data that is entered by the employee is compared with the data that is stored in the biometric data base. In case the data that is entered by the employee matches with the data that is stored in the database of the biometric system the employee is allowed the permission to continue with the dealings that he has been performing.

The usage of the swipe card enables  the fact that the encrypted code that is present in the card acts as the identity of the employee. The employee needs to swipe the card that is provided to the employee by the government (Conheady and Leverett, 2014). This encrypted code is compared by the system. In case of the encrypted code is previously stored in the system the employee is granted the permission.

Theft prevention is processed with the help of the biometric system and the card swipe technique. This techniques are  deployed n the organization. This factor leads to the security of the organization as any unauthorized person cannot enter the office premises without the proper authentication.

Responsibility Assignment Matrix (RAM) using the RACI Format

Task/Person

Activity

hjhj

Program manager

Project manager

Team lead

Test manager

Project manager

Deployment manager

Solution Architect

Triage code

R

C

C

R

Assign defects

A

C

R

Fix code

C

R

C

A

R

Scan code

A

C

Code:

Stands For:

This Person Is:

R

Responsible

Responsible for performing the task or creating the document

A

Accountable

Accountable and has sign-off authority for the task, such as the project manager,  sponsor, technical lead

C

Consult

Providing expertise, advice and support to the person responsible for the task or document and others

I

Inform

Informed of task progress or results, usually by the person responsible

The access to the systems of the organization deals with the fact of the gaining access to the computing systems that are used in the processing of the functioning of the organization. This ensures the fact that the procedural unauthenticated access to the computing systems which has a lot of data stored which are used for the proceeding of the project. on getting the access t the computing system of the organization the imposter can delete the important files that are stored in the computing system leading to the fact that the proceeding of the project is put to halt leading to the lack of progress in the project that the client was performing. This factor leads to the decrease in the efficiency of the project (Perlman, Kaufman and Speciner, 2016).

The access to the internet that is used for the processing of the finding the data that are tp be used in the processing of the completion of the project acts to be one of the major security problem. This problem tends to be the major reason behind the piracy of data that are done due to the unauthenticated access to the data of the task. The imposters tend to track surfing of the data that the employee is performing (Fennelly, 2016). This enables the imposters to gain the knowledge regarding the progress of the project.

The access to the e mail of the employees of the organization leads to the fact that the imposter acts on behalf of the employee and creates conflicts regarding the processing of the email. The imposter performs conflictive jobs from the email of the employee (Benson and Rahman, 2015). This acts as a problem for the employee of the organization. The imposter also takes into consideration the fact that the acts that the employee is performing and track the whereabouts of the employees of the organization.

The Internet browser that are used by  the employees of the organization takes into consideration the fact that the imposters can easily track the search results of the employees of the organization. This leads to the fact that that data that the imposters collects after the evaluation of the surfing results. This ensures the fact that the imposter can use the data gained from the surfing against the employee of the organization.

The software that is used for the functioning of the processing that is done in the organization must be updated to its latest versions in order to gain the robustness of the computing system. despite the installed versions of the firewall the imposters finds the loop hole through which they get the unauthorized access to the computing system and gain the data , which they do not have the permission to access (Wang, Y., Fakhry, R. and Anderl, R., 2017). The only way out to stay protected from the cyber criminals are updating the software.     

The major concern for the employees regarding the unauthenticated access of the data is the access of the data by the third party. This ensures the fact that the data that is present in the database of the organization can be accessed by the 3rd party. This access tends t harm the employee as well as the organization.

The business continuity plan helps to ensure the fact processing of the business during the facing of the hazard. The emergency and the disaster regarding the physical distortion leads to the decreasing of the efficiency of the organization but BCP helps the fact in continuation of the business management of the organization.

The security policy of ISO/IEC:2005 Information technology deals with the following enhancements regarding the security issue: –

  • Organization of information security
  • Asset management
  • Human resources security
  • Physical and environmental security
  • Communications and operations management (Line and Moe, 2015)
  • Access control
  • Information systems acquisition
  • Development and maintenance (Wang, Fakhry and Anderl, 2017)
  • Information security incident management
  • Business continuity management
  • Compliance

The employees who are not well aware of the issues that are caused by the trafficking of the data are needed to be educated regarding the difficulties that are caused due to the unauthorized access to the data. The knowledge f setting strong password is provided to the co employee’s of the organization. The fact that the updating of the software helps the prevention of the cyber attack will also be provided to the employees (Herath and Herath, 2014).

Enterprise risk management has been acting beneficial for managing risk as it identifies the threats that are to approach the organization. This ensures the fact that preventions are taken to avoid the risks that are going to be faced by the organization. The enterprise risk management also helps in identifying the methodologies that must be used in order to prevent the risks of the organization (Rajnai, Z. and Rubóczki, E., 2015). The methodologies that are undertaken are generally adapted from the ISO 3001 standards.

  • The security tools that must be implemented in order to keep the data of the organization secured includes the organization must take into consideration the fact that employees of the organization must possess an individual profile in order to access the official portal. This account creating factor will act like a virtual biometric device. This will filter the entrance of the user in the official portal of an organization. Unauthorized members cannot enter the portfolio without proper recognition (Goldstein and Frank, 2016).
  • Auto update feature must be turned on for the purpose of the security of the software as the only way to protect the database of the imposters is by keeping the software of the database updated to its latest version.
  • Monitoring the resource access also acts to be beneficial for the organization as the source indicates the origin of the database that will include the origin of the cyber attack in case of any mishap.
  • The information technology department of the organization must perform the testing of the penetration regularly in order to perform efficient functioning of the task.

Conclusion

Therefore, from the above discussion it can be concluded that the security of the data that are in use acts to be a major source of concern for the for the information technology departments of the multinational organizations. This ensures the fact that the organizations have been undertaking a lot of security measures for the processing of the prevention of cyber crime. With the increase in usage of the digital communication processing of the major disadvantage have been the security issue of the digital platform. Data replication and the virtualization has been acting to be the most threatened risk that the organization is facing for using the digital platform.  

References

Goldstein, A. and Frank, U., 2016. Components of a multi-perspective modeling method for designing and managing IT security systems. Information Systems and e-Business Management, 14(1), pp.101-140.

Hof, H.J., 2015. User-centric IT security-how to design usable security mechanisms. arXiv preprint arXiv:1506.07167.

Line, M.B. and Moe, N.B., 2015, May. Understanding collaborative challenges in it security preparedness exercises. In IFIP International Information Security Conference (pp. 311-324). Springer, Cham.

Simi?-Draws, D., Neumann, S., Kahlert, A., Richter, P., Grimm, R., Volkamer, M. and Roßnagel, A., 2015. Holistic and law compatible IT security evaluation: Integration of common criteria, ISO 27001/IT-Grundschutz and KORA. In Transportation Systems and Engineering: Concepts, Methodologies, Tools, and Applications (pp. 927-946). IGI Global.

Herath, H.S. and Herath, T.C., 2014. IT security auditing: A performance evaluation decision model. Decision Support Systems, 57, pp.54-63.

Wang, Y., Fakhry, R. and Anderl, R., 2017. Combined secure process and data model for IT-Security in Industrie 4.0. In Proceedings of the International MultiConference of Engineers and Computer Scientists 2017 (pp. 846-852).

Kimwele, M.W., 2014. Information technology (IT) security in small and medium enterprises (SMEs). In Information Systems for Small and Medium-sized Enterprises (pp. 47-64). Springer, Berlin, Heidelberg.

Conheady, S. and Leverett, E., 2014. Social engineering in IT security: Tools, tactics, and techniques. McGraw-Hill Education.

Conheady, S. and Leverett, E., 2014. Social engineering in IT security: Tools, tactics, and techniques. McGraw-Hill Education.

Harbach, M., Fahl, S. and Smith, M., 2014, July. Who’s Afraid of Which Bad Wolf? A Survey of IT Security Risk Awareness. In Computer Security Foundations Symposium (CSF), 2014 IEEE 27th (pp. 97-110). IEEE.

Hänsch, N. and Benenson, Z., 2014, September. Specifying IT security awareness. In Database and Expert Systems Applications (DEXA), 2014 25th International Workshop on(pp. 326-330). IEEE.

Fennelly, L., 2016. Effective physical security. Butterworth-Heinemann.

Heathcote, G. and Otto, D. eds., 2014. Rethinking peacekeeping, gender equality and collective security. Springer.

Heathcote, G. and Otto, D. eds., 2014. Rethinking peacekeeping, gender equality and collective security. Springer.

Rajnai, Z. and Rubóczki, E., 2015. Moving towards cloud security. interdisciplinary description of complex systems, 13(1), pp.9-14

Scully, T., 2014. The cyber security threat stops in the boardroom. Journal of business continuity & emergency planning, 7(2), pp.138-148.

Yu, T., Sekar, V., Seshan, S., Agarwal, Y. and Xu, C., 2015, November. Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks (p. 5). ACM.

Bailey, D.V., Dürmuth, M. and Paar, C., 2014. “Typing” passwords with voice recognition: How to authenticate to Google Glass. In Proc. of the Symposium on Usable Privacy and Security.

Perlman, R., Kaufman, C. and Speciner, M., 2016. Network security: private communication in a public world. Pearson Education India.

Szwed, P. and Skrzy?ski, P., 2014. A new lightweight method for security risk assessment based on fuzzy cognitive maps. International Journal of Applied Mathematics and Computer Science, 24(1), pp.213-225.

Benson, K. and Rahman, S., 2015. Security Risks in Mechanical Engineering Industries. arXiv preprint arXiv:1512.01730.

Benson, K. and Rahman, S., 2015. Security Risks in Mechanical Engineering Industries. arXiv preprint arXiv:1512.01730.

Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management, and security. CRC press.

Kotz, D., Fu, K., Gunter, C. and Rubin, A., 2015. Security for mobile and cloud frontiers in healthcare. Communications of the ACM, 58(8), pp.21-23.

Line, M.B., Tondel, I.A. and Jaatun, M.G., 2014, May. Information security incident management: Planning for failure. In IT Security Incident Management & IT Forensics (IMF), 2014 Eighth International Conference on (pp. 47-61). IEEE.

Omeje, K., 2017. High stakes and stakeholders: Oil conflict and security in Nigeria. Routledge.

Van Tilborg, H.C. and Jajodia, S. eds., 2014. Encyclopedia of cryptography and security. Springer Science & Business Media.

. The internet of things: A ciso and network security perspective. ESG White Paper.

AlHogail, A., 2015. Design and validation of information security culture framework. Computers in Human Behavior, 49, pp.567-575.

Berger, T.U., 2014. Norms, Identity, and National Security. Security Studies: A Reader.

Mearsheimer, J., 2016. Defining a new security architecture for Europe that brings Russia in from the cold. Military Review, 96(3), pp.27-31.

Ahson, S.A. and Ilyas, M., 2017. RFID handbook: applications, technology, security, and privacy. CRC press.

Crampton, J.W., 2015. Collect it all: National security, big data and governance. GeoJournal, 80(4), pp.519-531.

Crampton, J.W., 2015. Collect it all: National security, big data and governance. GeoJournal, 80(4), pp.519-531.