Showing posts from May, 2013

A summary of NIST Risk Management guidelines discussed in Special Publications 800-30, -37, -39 and -53

Download, Study and Compare/Contrast NIST Risk Management guidelines discussed in Special Publications 800-30, -37, -39 and -53

You will be working individually. You will download and skim several NIST Special Publications, extracting key concepts:

- NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems
- NIST Special Publication 800-37 Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
- NIST Special Publication 800-39 Managing Information Security Risk Organization, Mission, and Information System View
- NIST Special Publication 800-53 Recommended Security Controls for Federal Information Systems and Organizations

In an 800-1200 word paper, provide a high level summary of the NIST documents, identify key points and assess the value as a practical tool for making IT decisions. Compare this model to one other assigned this term. How helpful do you think the NIST s...

Response to Case 3: AgregGREAT!

Q1 Research the situation. Provide insights into the new IA risk incurred by having everyone’s banking and other financial services credentials. (500 words or less)

The new business idea plans to access personal financial information of clients from various online sources and present it in a useful manner for use by the clients. This is a form of web scraping where the application would access client information from multiple accounts and present analysed content to the user. Because the company accesses personal information, a number of IA risks arise. These risks exist at both the individual client and the organisation level.

The risks at the individual level are:

- Chances of leaking information increase as an additional entity is given financial details
- Identity theft as a single entity has all the personal and financial information
- The organisation may sell client information to other third parties.
- Lax computer security mea...

Case 3: AgregGREAT!

The Company: Klew Loess & Associates

New Idea: AgregGREAT!

- HackMeCo financial subsidiary.
  - Original Business Plan: Medicare Fraud Prevention
- New Idea: AgregGREAT!
  - Customers give us all of their financial portal login information (banks, brokerages, credit unions, credit reporting agencies), we log in for them, get their information and present it in a useful way
  - Profit!

Some Assumptions

- There are no laws preventing the new idea
- AgregGREAT! has been discussed generally among management & is gaining some traction internally
- The projected numbers for AgregGREAT! are 4x current revenues in 2 years
  - Depends on a completely new customer base, not all from USA
  - Depends on perception of reliability (marketing)

Questions from Business Development Team

- We’ll be logging into financial portals and ...