critique the post below-just half page,c

critique the post below-just half page,c.

I’m trying to study for my Science course and I need some help to understand this question.

Cyberattacks are rapidly evolving, and attackers are utilizing more innovative and sophisticated techniques to penetrate organizations’ information systems. In recent years, ransomware attacks have cost both state and federal entities millions of dollars to recoup digital assets and regain control of their operations. According to Soare, in 2019, “two-thirds of ransomware attacks targeted state and local governments, 55% of U.S businesses would pay hackers to recover their stolen data in ransomware attacks, over 500 U.S schools were infected by ransomware, and the average ransomware payout increased to $500,000.” Planning for a cyberattack is a critical step for organizations like Red Clay Renovations. In an effort to reduce cost from a cyberattack and mitigate risk to the company resources, Red Clay must implement the “minimizing exposure strategy,” of the company infrastructure.

The “minimizing exposure strategy,” covers planning, programming, and budgeting that will enable Red Clay to significantly reduce cost from a cyberattack. According to Davis et al., (2016), this strategy focuses on “reducing the linkages between a system and the rest of the world (including the access of insiders to elements of the system), and reducing the information and computational processes (e.g., software programs and executables) that are accessible via the system.” When the attack surface of a company IT infrastructure is minimized, the possibilities of a cybersecurity attack gaining fruition is highly reduced to a more manageable level. More specifically, minimizing exposure to the number of systems in use, reducing access points, reducing network computation, and sensitive data will create less exposure of the company resources that can be exploited by hackers and preserve the integrity of the company assets.

The “planning, programming, and budgeting” involves the allocation of resources, implementing hardware and software cybersecurity tools to counter attacks, and addressing the current and future cyber threat that the company will encounter. These three phases of the minimize exposure strategy can enable Red Clay to remain financially stable from a large scale cyber attack and facilitate with the company budget for investing in cybersecurity defense. There are many additional factors that must be taken when aligning the company’s cybersecurity needs for business performance and risk deterrence. Each phase of the “minimize exposure” has their own unique function as outlined below:

Planning: This phase addresses the need for a complete inventory of all the systems occupying the company network based on the services they provide. Non-mission-critical systems, along with legacy systems, can be discontinued in an effort to minimize exposure from a cyber threat. Furthermore, the company must plan for all new and evolving cyber threats and the systems that will become vulnerable to such threats. According to Nettitued (2018), when planning for cybersecurity to minimize exposure, “it is vital to comprehend the security state of the business. Start by reviewing IT assets, which should include hardware, software, network configurations, policies, security controls, and preceding audit outcomes.” Moreover, Red Clay must plan to minimize exposure to sensitive PII data by implementing cybersecurity controls to prevent malicious traffic entering the company networks and keep classified and confidential data away from the internet through the use of DMZs and firewalls. The substance of planning is an analytical assessment of the company’s security objectives and implementing a direct course of action to achieve those objectives.

Programming: This phase, within the minimize exposure strategy, requires that cybersecurity is at the highest priority of the company overall security objectives. This can be accomplished by creating a cyber defense program for the company that oversees the allocation of cybersecurity resources. In addition, programming is the action of converting plans based on specific needs of the company in a timely fashion. It consists of creating detailed requirements of actions and policies that must be implemented to minimize exposure to cyberattacks.

Budgeting: This phase requires a robust estimation of the cost of cybersecurity products and services to enable the company to reach their security objectives. Budgeting also requires the company to allocate funds for cybersecurity consulting for each of the departments within the company. Red Clay can capitalize on funding through stakeholder investments and bidding on third-part vendors for price competition. The company executives must develop a cybersecurity budget based on the cybersecurity needs of the company and the current threat environment.

In closing, to effectively reduce the cost of cybersecurity for risk mitigation, Red Clay must have an understanding of what systems, processes, peoples, and technologies are playing a contributing factor in the company strategy for “minimizing exposure.” Conversely, the planning, programming, and budgeting phases of this strategy will enable the company to meet the challenges of the rapidly growing cybersecurity landscape. By minimizing the use of non-critical technologies and processes, the company will drastically improve their cybersecurity posture and create an overall cost-efficient IT operating environment. Additionally, this strategy will significantly reduce Red Clay’s financial cost of responding to a daunting cyberattack.

critique the post below-just half page,c

"Looking for a Similar Assignment? Order now and Get a Discount!