I trust that you are having a great research experience. Some of you have reached out to me concerned about the length of the final paper. Your research paper should have a minimum of 50 and 60 pages of content. That means the cover page, table and figures page and reference pages are not included.
I will strongly encourage you to use the university writing services to ensure that your paper has proper gramma and flow of content. I am also attaching the final paper grading rubric for your reference. As you write your final paper and integrate the already graded, ensure that there is harmony of content from the Introduction, literature review and the four iterations.
Take time to read your paper against the rubric. I have highlighted yellow important rows which you should target.
THERE IS NO SECOND CHANCE ONCE YOU SUBMIT THE PAPER.
Running head: CYBER SECURITY
CYBER SECURITY 6
Iteration 1: Understanding Cyber security
Cyber Security Framework
Table of contents
Iteration 1: Understanding cyber security
Plan. Planning is a crucial activity in the research process, as it entails the preliminaries to the research activities. In action research, planning is an action conducted at every iteration, and this is because each iteration is a set of activities distinct from other iteration. There are a good number of activities that the researcher needs to undertake before undertaking the actual events of the action research. The anticipated tasks, their outcomes and resources needed, as well as people involved are as discussed below:
i. Researching the topic of cyber security. The first task to be undertaken will be to conduct some research on the topic of cyber security with an intention of offering an insight or understanding of the topic. The resources to be used include computer, the internet, books and stationery. Pertaining to the people involved, that will involve myself alone. The activity is expected to take two days. The result of this activity will be gathering information of what cyber security is.
ii. The second activity is to conduct some analysis of the information or data collected. The analysis will use some resources that include stationery and computer. Once again, only I will be involved in this activity. The analysis will be done with the aim of extracting the relevant content pertaining to explaining the concept of cyber security and related concepts.
iii. Lastly, preparing a brief report pertaining to the entire endeavour and lessons and outcomes obtained will follow. After all information has been made clear, a report will then be presented. The expected outcome of this activity is a well written report outlining all that was done and the outcomes of the various actions.
Act. Planning comes before the actual action can be taken. In action research, every iteration has an action phase where the researcher undertakes to follow the guideline or plan developed previously to achieve the goals and outcomes predetermined in the planning phase.
Among the activities that I conducted herein include researching on the concept of cyber security. Researching this concept made me to seek information from various sources, the key among them being books and academic papers. These were among the resources allocated during the planning phase. Other resources or sources of information include databases and website or the internet. The main aim of the iteration is to give a clear overview of the concept and also related concepts. As such, I used various strategies during the research process, and this included use of keywords when searching for the specific contend from the internet.
Another activity I undertook was recording the data obtained from these sources. Data recording was simply in the form of notes taken during the research. This was followed by data analysis where the researcher used content analysis to obtain the information from the various sources. Any content relating to the cyber security and related concepts was extracted from these sources. Lastly, I undertook to define and offer some more information pertaining to cyber security. Being the final activity in this iteration phase, I discussed various aspects of the cyber security concept and related this information to the main theme of the action research – that is, designing and implementing a cyber-security framework. This phase ushered in the next phase in this iteration where the lessons derived from this phase and the planning phase are highlighted and explanations offered where necessary.
Observe. The third phase of each iteration is the observation phase. The observation phase of an action research simply entails the analysis of the situations of the iteration in question. In other words, the researcher undertakes to extract some lessons from the previous iterations. Each action in the iterations is expected to bear some to bear some outcomes as had been predetermined during the planning phase. This is why the researcher, in the observation phase, takes note of all that went on in the iteration. The first iteration was a rigorous with so much to observe.
The researcher observed that there was adequate literature pertaining to the issue of cyber security. Researchers and practitioners have extensively documented the various issues regarding the topic and this only meant that the researcher could easily access data and gain an understanding of the cyber security. Secondly, there are several models of the cyber security framework that have been designed previously to address cyber security threats. This is an indication that the researcher would only be replicating the previous models only that the framework to be designed and implemented would be customized. This is because the researcher understands the problem at hand and develops a solution to the specific problem, rather than a general solution to general problems. The previous models be used not only as reference points, but also as controls to ensure the researcher designs and develops a viable solution. Lastly, there are several concepts closely related to the cyber security concept that would require to be clarified in order to draw clear lines between them. There are chances that these concepts would be confused with the concept under investigation.
Reflect. The final phase of each of the iterations is the reflection phase, whereby the researcher ponders the happenings of the iteration and establishing the relationships between the various phenomena. This is a careful analysis of the happenings of the iteration determining why things happened as they did and what effect they had on the outcome or other things. This is where the researcher makes various judgments pertaining to various issues.
Entirely, the iteration can be said to have been a success, and this is because the desired outcome was obtained after a careful performance of the various goal-oriented activities. Even though it is a wide concept that could take many days and a lot of resources to cover fully, he researcher was able to gain an understanding of the concept with the resources and timeframes allocated for this iteration. The planning went on well, and this is the major reason for the iteration success. Some things may not have gone too well, and this includes a comprehensive discussion of the concept and related concepts. This did not happen owing to the fact that the resources and time needed for that would have been too much. This is also a process that could be improved.
Among the challenges included time and resources, as their limitation also caused a limitation of the scope of the iteration. Given adequate time and resources, a comprehensive review of the topic would have been possible, and this could have implied a better framework could be developed. This is also a risk factor in that the shallow discussions exposes the researcher to the risk of developing an inferior framework that would not overcome the problems it is intended to.
Running head: CYBER SECURITY FRAMEWORK
CYBER SECURITY FRAMEWORK 11
Cyber Security Framework
Table of contents
List of Figures
Figure 2: Cyber security 8
The ICTs have been observed to evolve rapidly and their usages also expanding rapidly. Currently, the internet and mobile services have become embedded in the people’s daily lives all over the world (th ITU Global Symposium for Regulators, 2009). While this is the case, it has also emerged that that the risks in the ICTs have also evolved and increased in both magnitude and complexity, and this has become a key headaches for the ICT administrators in the various organizations. It is a fact that the organizations cannot do away with the information communication technologies because of the many benefits that are derived from these, and the only option is to focus more on improving the security of the systems. The issue of cyber security is not new, and it has attracted heated debates from various stakeholders and governments. Cybercrime and cyber terrorism are a major threats not only to the organizations, but also to governments (Daya, 2008). So, what is being done about this situation?
There are various definitions of the term cyber security. In some cases, there are various concepts that are used together or in place of the term cyber security, for example, Critical Information Infrastructure Protection (CIIP). Other related concepts include critical infrastructure, critical information infrastructure, and non-critical infrastructure. The definition differs from country to country. A simple definition of the concept of cyber security is the protection of the information and the systems that the organizations or governments rely on every day (State of Alabama IS Division, n.d.). Other definitions offered by Fischer (Fischer, 2016) include the following:
· The set of activities, as well as measures aimed at protecting – from disruption, attacks, and other threats – computer networks, computers, hardware and software components, and the information they contain and communicate among other components of cyberspace.
· The state of being protected from the threats mentioned above.
· The broader discipline of implementing and implementing the activities mentioned above.
There are also concepts that are often mistaken to be the same as cyber security, and these include information sharing, privacy, intelligence gathering, and surveillance. Another concept often related, but not identical, to the concept of cyber security is information security. This concept is defined under federal law (44 U.S.C § 3552(b)(3)) as:
“Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide-
truction, and includes ensuring information nonrepudiation and authenticity;
(B) Confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and
(C) Availability, which means ensuring timely and reliable access to and use of information.
It is a fact that the incidences cyber security attacks are on the increase, as Balasubramanian (n.d.) gives several examples of the recent cyber-attacks that have been executed successfully and caused huge losses to the victim organizations. Among them include the case of European financial Services Company that lost $ 7 billion (Balasubramanian, n.d.). Among the most common threats to the cyber security include the following (Zaharia, 2016):
· Cyber criminals – these are the greatest threat to the cyber security who hack and access organizations’ finances and loots them. The FBI have a list of 19 individuals each of whom has caused consumer losses ranging from $ 350 000 to $ 100 million.
· Computer viruses – currently, the most expensive virus is called MyDoom, and this has caused financial damages amounting to $ 38.5 billion. This was first spotted in 2004, and has since become the fastest-spreading email worm in history.
· Social media – the social media has become the hackers’ new target. The various cyber-attacks targeted at the social media include like-jacking, link-jacking, phishing and social spam.
· Human error – all humans do make mistakes, and human error has also been established as a key cyber security threat. Statistics gathered by IBM have established that about 95 % of the security incidents can be attributed to the human error (Howarth, 2014).
· Computers’ vulnerability to exploit kits.
· Inside jobs
· Social engineering
· Government-created malware
Cyber security is basically the responsibility of each and every person in the society (Crucial Research, 2014). This is because the threats affect the entire society, and this is has been evidenced by the various incidences of personal accounts hacked and funds stolen. Cyber security is very important for various reasons, among these being the fears that the threats endanger the global economy (Gabel, 2015).
The purpose of this action research is to implement a cyber-security framework untended for protecting the organizations information infrastructure and systems. Being an action research, the researcher will involve various groups of people including organizational executives and government officials, as well as IT experts in order to accomplish this implementation. The action research will highly rely on the input from the various stakeholders and also acceptance by the government and the organizations.
Figure 2: Cyber security (adapted from https://www.cesg.gov.uk/articles/infographics-cesg)
The action research will have four iterations, and these are as discussed in the paragraphs that follow.
Iteration 1: Understanding cyber security. The first iteration will involve gaining more insight into the concept of cyber security and the various measures already taken to improve the cyber security situation. The iteration will also establish the current trends in the cyber security in order to fully define the problem and design the cyber security framework.
Iteration 2: Design the cyber security framework. The second iteration will entail designing the cyber security framework, keeping in mind that here are existing frameworks that still have failed to offer the ultimate cyber security.
Iteration 3: Implementing the cyber security framework. The third iteration involves the implementation of the cyber security framework that has been designed previously. The implementation will be done taking into account the fact that each organization of government has different cyber security needs. Issues of customization will also be addressed during the third iteration.
Iteration 3: Monitoring. The last iteration will entail monitoring the implementation process and taking the relevant corrective actions. Changes and modifications will also be done to the initial implementation plan in order to cover for the deviations from the plans.
Iteration flow diagram
The diagram below illustrates the iteration flows of this action research.
Iteration 1: Understanding cyber security
Iteration 2: Designing cyber security framework
Iteration 3: Implementing cyber security framework
Iteration 4: Monitoring
Figure 3: Iteration Flow Diagram
Each of the above iteration will have four phases – plan, act, observe, and reflect. The planning phase involves laying out the course of action for the iteration among other things. The action phase entails actual undertaking the various activities for the iteration. Observe phase will entail taking note of the happenings of the iteration, while the reflection phase intends to explain various things that happen within the iteration.
References Balasubramanian, V. (n.d.). Combating Cyber Security Threats. Threat, Threat Everywhere; Cyber-Criminals on the Prowl, 1-10. Retrieved from https://download.manageengine.com/products/passwordmanagerpro/combating-cyber-security-threats.pdf Crucial Research. (2014). People’s Role in Cyber Security: Academics’ Perspective. Crucial Research, 1-8. Retrieved from https://www.crucial.com.au/pdf/Peoples_Role_in_Cyber_Security.pdf Daya, B. (2008). Network Security: History, Importance, and Future. 1-33. Retrieved from http://web.mit.edu/~bdaya/www/Network%20Security.pdf Fischer, E. (2016). Cybersecurity Issues and Challenges: In Brief. Congressional Research Service, 1-12. Gabel, D. (2015, July 01). Cyber risk: Why cyber security is important. Retrieved from Whitecase.com: http://www.whitecase.com/publications/insight/cyber-risk-why-cyber-security-important Howarth, F. (2014, Sept 2). The Role of Human Error in Successful Security Attacks. Retrieved from Securityintelligence.com: https://securityintelligence.com/the-role-of-human-error-in-successful-security-attacks/ State of Alabama IS Division. (n.d.). Cyber Security is our Shared Responsibility. 1-2. Retrieved from http://cybersecurity.alabama.gov/Documents/security/WhyCyberSecurityisImportant.pdf th ITU Global Symposium for Regulators. (2009). Cybersecurity: The Role and Responsibilities of an Effective Regulator. Draft Background Paper, 1-40. Zaharia, A. (2016, May 12). 10 Alarming Cyber Security Facts that Threaten Your Data [Updated]. Retrieved from Heimdalsecurity.com: https://heimdalsecurity.com/blog/10-surprising-cyber-security-facts-that-may-affect-your-online-safety/
Running head: Cyber Security Competition Framework
Cyber Security Competition Framework 2
Cyber Security Competition Framework
IST 8101- Field Experience/Internship
Contents Cyber Security Competition Framework 3 Methodology 5 Action Research 5 History of Action Research 5 The steps that have been suggested for action research include: 7 The planning phase 7 The action phase 7 The observation phase 7 The reflection phase 7 References 9
Innovation is the main issue that drives economic growth as well as job creation. Cyber security encompasses the protection of an organization’s intellectual property as well as business information that is in digital form of different types of abuse and misuse, which is a growing management issue. The desire to protect intellectual property through trademarks, patents as well as copyrights is vital to the objective of ensuring that an organization can pursue innovation. Thus the ability by an organization top protects their information technology platform from the diverse security threats that could hamper their success is by implementing an effective cyber security competition platform (Andrijcic & Horowitz, 2006). The competition from other players in the industry is the main issue that leads to the increase in the threat of there being theft of an organization productivity base.
Through the framework, it will be possible for an organization to possess risk-based compilation guidelines that are going to make it possible for them to identify, implement and consequently improve their cyber security practices (Tisdale, 2015). Although the framework does not introduce new concept or standards, it serves to leverage as well as integrate diverse cyber security practices that have been developed by the organization as the international standardization organization and the NIST. The framework refers to the compilation of the practices as the “CORE” which encompasses five continuous as well as concurrent functions (Von Solms & Van Niekerk, 2013). These promote the identification, protection, detection, response as well as recovery, which present a strategic view of an organization’s lifecycle in the management of their cyber security risk.
The threat that is posed to business and their operations due to the diverse cyber security threats has seen an increase in the number as well as the form of attacks. The threats that these businesses are also facing change with issues as disgruntled employees releasing sensitive company information taking an organization’s intellectual property to the competitors as well as taking part in online fraud being on the increase. Other organizations have had to ensure that the losses they have suffered as a result of the cyber security threats and breach to their technology infrastructure do not become public (Tisdale, 2015). Other business organizations have been compelled to pay ransom to the cyber criminals as well as to get a description of the vulnerabilities that an attack has exposed.
There is the general trend whereby value is migrating online, and that digital data is becoming increasingly pervasive. The implication of this drift is that institutions are experiencing more online attacks. There is also an increase in the number of people who are accessing the corporate networks via mobile devices they use in their personal lives which increase cyber security threats.
The plan, in this case, is to implement a cyber security competition framework that addresses all the threats that an organization faces. There will be the implementation of a framework to be addressed at the most senior levels of the organization. Addressing these threats will revolve around the protection of the organization’s most vital business assets instead of merely focusing on the technological vulnerabilities as the use of the multilayer programs for the classification of corporate data (Andrijcic & Horowitz, 2006). Further, a framework will be targeted at the protection of an organization’s data instead of on the perimeter through the reorientation of an organization’s security architecture from the devices as well as locations to roles and data. There will be an additional introduction of a paradigm that refreshes the cube security strategies employed by an organization and ensure that they deal with the fast-evolving business needs as well as threats.
Action research encompasses the systematic collection of information whose core rationale is the contribution to social change. It entails the learning that is realized through doing, and in this assertion, a group of people identifies a certain problem within their setting or organization, implement strategies that are meant to resolve the problem. Further, the group that is involved in the implementation of the solution evaluates how successful their efforts have been and if they have not been satisfied, they try the implementation again. The issues addressed above lead to the definition of action research, which is believed to revolve around the desire to contribute to practical concerns of the individuals in the problematic situation and at the same time promote the advancement of the goals of science (Stringer, 2007). It is thus clear that there is an element of dual commitment depicted in the use of action research in studying a system as well as collaborating with the members of that system to change the situation they find to be problematic.
The origin of action research is connected with Kurt Lewin. Lewin proposed that action research falls under the classification of research that is needed for social practice and is best attributed as one meant to social management or engineering. The approach that is proposed by Lewin is that of steps, with each step encompassing a circle of planning, action along with fact findings concerning the implication of the action. In the mid-1940s, Lewin developed a theory of action research, saying that it is a proceeding spiral of steps, with each of the steps encompassing the planning, action as well as evaluation of the result of the action (Collis & Hussey, 2003). According to Lewin, the initial step of action research encompasses the careful assessment of the idea in light of the available means. If there is the success in this planning period, there is the emergence of two items that encompass the overall plan on how to realize the objective and the second attribute being the decision relating to the first step.
In the 1960s, action research faced a decline in its effectiveness owing to the association that it had with radical political activism. There was the development of doubts relating to the rigor of AR as well as the training that had been acquired by the individuals using it (Brydon-Miller, Greenwood & Maguire, 2003). It, however, is evident that AR has attained considerable foothold within the areas of community-based as well as participatory AR as well as a type of practice that is oriented towards the improvement of the educative encounters.
Action research has a wide assortment of uses in the scientific field mainly about the advancements that promote the realization of the diverse objectives stipulated in the scientific study. In this assessment, AR is vital to the development of reflective scientific practitioners who are instrumental to the progress of the scientific field, when individual scientists commit themselves to fostering continuous growth and development of the scientific field (Collis & Hussey, 2003). When each of the research is assessed through the empirical investigation into the issues that are causing, the challenges realized in the field and helped in the development of solutions. Further, the use of action research in the scientific investigations aids in the development of a professional culture that promotes their focus in mapping out the solution to the challenges in the field. It follows that the fact that all scientist are committed to realizing the same objective contributes to the sharing of a similar vision of a culture of commitment to coming with solutions to the IT challenges.
The initial AR phase is the planning and encompasses the assessment of the solution and implementing a plan of how the main issues identified are going to be resolved. The main issue in this phase is the development of a plan and procedures that are going to be included in developing the solution.
The second phase of AR is the action phase and will revolve around the introduction of the procedures and solutions that have been established in the planning phase. The action shall include the methodical execution of all the steps as enumerated in the planning phase.
The third AR phase is the observation phase and includes the evaluation of the execution of the solutions and procedures. The main reason behind this phase is the assessment of whether the solutions that are being implemented are addressed the issue under focus and making the necessary changes.
The last phase of AR is a reflection of what was successful in the execution of the solution and what was not successful. There additionally is the assessment of the elements that could be improved during the subsequent execution to ensure that the solutions are successful.
Diagram 1: Action research cycle source (Collis & Hussey, 2003).
The implementation of the cyber security competition program through the employment of action research offers the assurance that the solutions framework is going to be a success as it will be a product of iterative research, ensuring that solutions are better after every cycle.
Andrijcic, E., & Horowitz, B. (2006). A Macro‐Economic Framework for Evaluation of Cyber Security Risks Related to Protection of Intellectual Property. Risk Analysis, 26(4), 907-923.
Brydon-Miller, M., Greenwood, D., & Maguire, P. (2003). Why action research?. Action research, 1(1), 9-28.
Collis, J. & Hussey, R. (2003). “Business Research. A Practical Guide for Undergraduate and Graduate Students” 2nd edition, Palgrave Macmillan
Stringer, E. T. (2007). Action Research: A handbook for practitioners 3e, Newbury Park, ca.: Sage. 304 pages. Sets commu
We are a professional custom writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework.
Yes. We have posted over our previous orders to display our experience. Since we have done this question before, we can also do it for you. To make sure we do it perfectly, please fill our Order Form. Filling the order form correctly will assist our team in referencing, specifications and future communication.
2. Fill in your paper’s requirements in the "PAPER INFORMATION" section and click “PRICE CALCULATION” at the bottom to calculate your order price.
3. Fill in your paper’s academic level, deadline and the required number of pages from the drop-down menus.
4. Click “FINAL STEP” to enter your registration details and get an account with us for record keeping and then, click on “PROCEED TO CHECKOUT” at the bottom of the page.
5. From there, the payment sections will show, follow the guided payment process and your order will be available for our writing team to work on it.
Why Hire Safehomework.com writers to do your paper?