Approaches To Information Security Implementation
Overview:
Objective:
At the end of the lesson, the students should be able to:
Identify the different approaches to Information Security implementation
Explain the information security mechanism
Explain disaster recovery
To keep data safe from potential violations and cyber-attacks, implementing the security model
is an important phase to be carried out. To ensure its integrity, the security model can be
designed using two methods:
1. Bottom-Up Approach:
The company’s security model is applied by system administrators or people who are working in
network security or as cyber-engineers. The main idea behind this approach is for individuals
working in this field of information systems to use their knowledge and experience in cyber security
to guarantee the design of a highly secure information security model.
This is a method of establishing security policies and/or practices that begins as a grassroots effort in
which systems administrators attempt to improve the security of their systems.
Key Advantages –
An individual’s technical expertise in their field ensures that every system vulnerability is
addressed and that the security model is able to counter any potential threats.
Disadvantage –
Due to the lack of cooperation between senior managers and relevant directives, this approach is
often not suitable for the requirements and strategies of the organization.
2. Top-Down Approach:
This type of approach is initiated by the executives of the organization. It is a
methodology of establishing security policies and/or practices that is initiated by upper
management.
This approach is more likely to succeed. It usually has strong support from top management, which
commits resources, provides a consistent preparation and execution mechanism, and creates
opportunities to affect corporate culture.
Module 2 1|Page
Information Assurance and Security 1
Security management issues have been handled by organizations in various ways. Traditionally,
companies adopted a bottom-up approach, where the process is initiated by operational
employees and their results are subsequently propagated to upper management as per the
proposed policies. Since management has no information about the threat, the effects, the idea of
resources, possible returns and the security method, this approach has occasionally created a
sudden and violent collapse.
On the contrary, the top-down approach is a highly successful reverse view of the whole issue.
Management understands the gravity and starts the process, which is subsequently collected
systematically from cyber engineers and operating personnel.
The terms Cyber Security and Information Security are often used interchangeably. Both are
responsible for security and for protecting computer systems from threats and information
breaches, and the two are so closely linked that they may seem synonymous; unfortunately, they
are often used synonymously.
Data security, by contrast, is all about securing data from malicious users and threats.
Threat –
Cybersecurity deals with the danger in cyberspace. Information security deals with the protection
of data from any form of threat.
Defense –
Cybersecurity acts as the first line of defense. Information security comes into play when
security is breached.
unauthorized activity has taken place, or whether any attempt has been made to perform
such activity.
Confidentiality
The confidentiality service protects sensitive information from unauthorized disclosure.
Data integrity
The data integrity service detects whether there has been unauthorized modification of data.
Disaster Recovery
An event can be categorized as a disaster when an organization is unable to mitigate the impact of an
incident while it is occurring and the level of damage or destruction is so severe that the organization
is unable to recover quickly. The difference between an incident and a disaster may be subtle; the
contingency planning team must make the distinction between the two, which may not be possible
until an attack occurs. Often an event that is initially classified as an incident is later determined to be
a disaster. When this happens, the organization must change its response and secure its most
valuable assets to preserve their value for the long term, even at the risk of more short-term
disruption.
Disaster recovery (DR) planning is the process of preparing an organization to handle a disaster and
recover from it, whether the disaster is natural or man-made. The key emphasis of a DR plan is to
reestablish operations at the primary site, the location at which the organization performs its business.
The goal of the plan is to make things whole, or as they were before the disaster.
The DR plan provides detailed guidance in the event of a disaster. It is organized by the type or
nature of the disaster, and it specifies recovery procedures during and after each type of disaster. It
also provides details about the roles and responsibilities of the people involved in the DR effort, and it
identifies the personnel and agencies that must be notified. The DR plan must be tested using the
same testing mechanisms. At a minimum, the DR plan must be reviewed periodically during a walk-
through or talk-through. The DR group consists of a planning team and a response team.
• Priorities must be clearly established. The first priority is always the preservation of human life. The
protection of data and systems immediately falls to the wayside if the disaster threatens the lives,
health, or welfare of the organization’s employees or community. Only after all employees and
neighbors have been safeguarded can the disaster recovery team attend to protecting other assets.
• Roles and responsibilities must be clearly delineated. All members of the DR response team should
be aware of their expected actions during a disaster. Some people are responsible for coordinating
with local authorities, such as fire, police, and medical staff. Others are responsible for the evacuation
of personnel, if required. Still others are tasked simply to pack up and leave.
• Someone must initiate the alert roster and notify key personnel, including the fire, police, or medical
authorities mentioned earlier, as well as insurance agencies, disaster teams like the Red Cross, and
management teams.
• Someone must be tasked with documenting the disaster. As with an IR reaction, someone must
begin recording what happened to serve as a basis for later determining why and how the event
occurred.
• If possible, attempts must be made to mitigate the impact of the disaster on the organization’s
operations. If everyone is safe and all needed authorities have been notified, some employees can be
tasked with the evacuation of physical assets. Some can be responsible for making sure all systems
are securely shut down to prevent further loss of data.