CMGT 582 Security threats, security risks – Assignment Solution
Reflect on the following in a minimum of 350 words each. 1. Safeguarding Against Security Threats A reflection is meant to illustrate your understanding of the material and how it affects your ideas and possible practice in the future. Individuals and organizations today face a variety of security threats. To protect themselves from these threats, they usually take certain protective measures—commonly known as safeguards.
- Select and research three common security threats (e.g., ransomware, phishing) and identify at least two safeguards that can mitigate the risks of each threat. Explain when the safeguards are effective and when they are not. Lastly, describe any disadvantages of the safeguards from the perspectives of the IT manager, as well as from employees at the organization.
- What protections do European citizens have through the GDPR?
- What are the advantages and disadvantages of the GDPR? Consider the perspectives of consumers as well as businesses.
- Did the GDPR have a global impact? How did it impact US companies?
- What information do companies collect on US citizens, including location information, search history, and social media posts? Think about what someone would know about you if they could see your entire search history.
- Explain the concept of digital rights management (DRM). Why do organizations use DRM technology to protect intellectual capital? What is a typical DRM application that can be used to manage access to digital content? What are the ethical and legal implications of DRM? What are the overall advantages and disadvantages of DRM?
- As an IT manager, describe how you would use organizational policies, federal, state, and local laws, and ethics to guide how to set up your IT architecture, IT policies, and communications with employees. Express how each of those items will influence your decision-making. When necessary, cite specific policies, laws, or ethical frameworks.
- Describe the steps that an organization takes in order to manage information security threats risks and build a risk matrix. What is involved in each step of this process? Use a specific organization in your response.
- Explain the differences between the systems development life cycle (SDLC) and the security life cycle. Include both management and non-management IT security positions that perform security life cycle steps and briefly describe their roles.