USA: +1(669)289-8683 
Sign in
Select one of these articles for your assignment. I attached all the articles below for you to choose your one article. After you are done let me know which article you chose that way I can provide the other two articles for you to use as references to support your summary/thesis/claim statement.
Article Choices:
Chapman, B., Erdozaim, M. S., & Powell, D. (2017). Going public: early disclosure of food risks for the benefit of public health. Journal of Environmental Health, 79(7), 8+.
Etchegary, H., Bishop, L., Street, C., Aubrey-Bassler, K., Humphries, D., Vat, L. E., & Barrett, B. (2017). Engaging patients in health research: identifying research priorities through community town halls. BMC Health Services Research, 17(1).
Michaelis, T. L., & Markham, S. K. (2017, March-April). Innovation training: making innovation a core competency: a study of large companies shows that, although managers see human capital as central to innovation success, most aren’t providing innovation training. Research-Technology Management, 60(2), 36+.
Miller, K. L. (2017, March). What we talk about when we talk about “reasonable cybersecurity”: a proactive and adaptive approach. The Computer & Internet Lawyer, 34(3), 1+.
Read the article using your chosen model of note taking. ( I choose the bullet form note taking).
Using the identified article, provide the following information:
· A title page in APA format
· A 1-2 page summary-includes the APA reference for the article chosen.
· An abstract for the article
· A Thesis/Claim statement
· Identify 2 additional current articles (1 must be from the School Library Database) that could be used to support the Thesis/Claim statement included in the summary.
· Remember: Sources cannot be more than 5 years old (no older than 2013).
· Provide the APA reference for each article
Set up the assignment as follows:
I. Title Page
II. 1-2 page Summary
III. Abstract
IV. Thesis Claim Statement
V. Article reference
Review the grading rubric.
RUBIC: The assessment provides written responses for all of the identified elements of the assessment in the assigned format. The summary clearly reflects the article chosen and is in the author’s own words. The thesis stamen/claim statement s formatted correctly and is aligned to the article and summary. The additional articles referenced are aligned to the thesis/claim statement. The analysis of the topic includes breadth and depth, is aligned to the unit topic, relates to the course content and analysis of the original article is evident throughout the assessment. The assessment is well written and well-organized demonstrating excellence in scholarly writing. Mechanics (spelling and punctuation) and grammar are excellent. The assessment is set-up following the assessment instructions. The essay demonstrates has a title page, in-text citations of sources, and references, in APA Format.
2018 IT security predictions–attacks, investment areas and cybersecurity strategies
CPI Financial.
(Dec. 5, 2017): News:
From Global Issues in Context.
Copyright:
COPYRIGHT 2017 SyndiGate Media Inc.
http://www.cpifinancial.net
Full Text:
It’s that time of year again when we look back at what has
motivated the market for IT security solutions in the last year, in order to
develop our plans for the next year. With so many public exploits, and data
breaches, writes Morey Haber, VP, Technology, BeyondTrust.
There is certainly no shortage of material to leverage! I have
grouped my predictions in to three categories: methods for major hacks,
breaches and exploits; the business of cybersecurity-focus and investments;
and offensive and defensive strategies.
Methods for major hacks, breaches and exploitsbr />Prediction
#1 – The bigger they are, the harder they fall
If we think the headlines, with news of major organisations
getting breached, shocked us, we will learn that large organisations have
poor cyber security hygiene, are not meeting regulations, and are failing to
enforce the policies they developed, recommend, and enforce on others. Next
year’s news will have even more high-profile names.
Prediction #2 – Increase in mobile phone spam
With there being more mobile phones in most countries than there
are citizens in those countries, mobile phone spam will rise 10,000 per cent
due to automated spam and dialling ‘botnets’ that essentially
render most phones unusable because they receive so many phone calls from
unidentified numbers. This rise in phone spam pushes cellular carriers to
start to require that end users adopt an “opt in” policy so only
those in their contacts can call them.
Prediction #3 – Major increase in ‘gaming deleteware’
infections
‘Gaming deleteware’ infections across most major
platforms will increase as botnets continuously attack gaming networks and
devices such as Steam, Xbox, PlayStation, and Nintendo systems with the sole
intention of rendering the machine inoperable. The malware is downloaded as
an embedded game add-on, causing millions of devices to need to be replaced.
Prediction #4 – The first major Apple iOS virus hits within a
popular “free” game
As users click on the ‘ad’ to play a game for free,
their iOS11 device will be compromised, leaking all data stored in the local
Safari password storage vault.
Prediction #5 – Continued growth in the use of ransomware and
cyber-extortion tools
2017 has proven the model that vulnerabilities nearly 20 years old
are being exploited in organisational networks (Verizon DBIR 2017), so the
opportunity is too great and too easy for organised crime to ignore. Further,
the commoditization of these tools on the deep web opens the door to anyone
who feels the risk is worth the reward. This is likely to continue until
organisations get the basics right and the risk/reward balance tips, making
ransomware far less appealing.
Prediction #6 – More end-user targeting
Penetration through unpatched servers like in the case of Equifax
will happen, but hackers will continue to target end users with more
sophisticated phishing and targeted malware, taking advantage of unpatched
desktops where clients have far too many privileges. Again, do not take your
eyes off the end users.
Prediction #7 – Biometric hacking will be front and centre
Attacks and research against biometric technology in Microsoft
Hello, Surface Laptops, Samsung Galaxy Note, and Apple iPhone X will be the
highest prize targets for researchers and hackers. The results will prove
that these new technologies are just as susceptible to compromise as touch ID
sensors, passcodes, and passwords.
Prediction #8 – Cyberrecycling
As we see a rise in the adoption of the latest and greatest
devices, we will see devices, and now IoT, be cyber recycled. These devices,
including mobile phones, will not be destroyed however. They will be wiped,
refurbished, and resold even though they are end of life (EOL). Look for
geographic attacks against these devices to rise since they are out of
maintenance.
Category: The business of cybersecurity – focus and investmentsbr
/>Prediction #9 – More money for security, but the basics still will not
be covered
Organisations will continue to increase spending on security and
new solutions, but will struggle to keep up with basic security hygiene such
as patching. Hackers will continue to penetrate environments leveraging known
vulnerabilities where patches have existed for quite some time. Regardless of
whether it is an employee mistake, lack of resources, or operational
priorities, we are sure to see this theme highlighted in the next Verizon
Breach report.
Prediction #10 – IAM and privilege management going hand-in-hand
Identity Access Management (IAM) and privilege management adoption
as a required security layer will continue. We will see more security vendors
adding identity context to their product lines. Identity context in NAC and
micro-segmentation technologies will increase as organisations invest in
technologies to minimise breach impact.
Prediction #11 – Greater cloud security investments
Vendors will begin to invest more heavily to protect cloud
specific deployments for customers migrating to the cloud. Supporting
Docker/containers, DevOps use cases, and enforcing secure cloud
configurations are some initiatives that will be driven by customers.
Prediction #12 – Acceptance that “completely safe” is
unobtainable
As 2018 progresses and more and more organisations accept that
breaches are inevitable there will be a shift toward containing the breach
rather than trying to prevent it. This doesn’t mean abandoning the wall,
but rather accepting that it isn’t perfect, can never be, and shifting
appropriate focus toward limiting the impact of the breach. Organisations
will refocus on the basics of cybersecurity best practise to enable them to
build effective solutions that impede hackers without impacting legitimate
users.
Prediction #13 – Chaos erupts as the GDPR grace period ends
As organisations enter 2018 and realise the size of the task to
become GDPR compliant by 25 May, there will be a lot of panic. This
legislation seems poorly understood which has led to many organisations
tabling it for ‘later’ and, for many, they will wait until the
first prosecution is underway before they react. The EU gave over two years,
after GDPR passed into law (27 April 2016), for organisations to become GDPR
compliant, so there is likely to be little tolerance for non-compliant
organisations which are breached after 25 May and, more than likely, some
example setting. Those who completed their GDPR compliance ahead of the
deadline will be right to feel smug as they watch their competitors flail.
Category: Offensive and defensive strategiesbr />Prediction #14
– Increased automation in cybersecurity response
The size of the cybersecurity threat continues to grow through
2018, with increasing numbers of attack vectors combined with increased
incidence of attacks via each vector (driven by commoditization of attack
tools) leading to massive increases in the volume of data being processed by
cybersecurity teams. This demands improvement in the automation of responses
in cybersecurity tools to do much of the heavy lifting, thereby freeing the
cyber teams to focus both on the high-risk threats identified and in planning
effectively for improvements in defences. Increased use of machine learning
technologies and, from that, more positive outcomes will lead to a
significant growth in this area.
Prediction #15 – Richer cybersecurity vision
As organisations’ needs for more comprehensive cybersecurity
solutions grows, so will the need for effective integration between the
vendors of those technologies. This will lead to more technology partnerships
in the near-term and eventually to industry-standards for integration in the
longer term. The ability for systems to work with relatively unstructured
data will allow for more effective information interchange and, as a result,
far richer and more rewarding views across our cyber landscapes.
Prediction #16 – It is now law
Governments will begin passing legislation around cybersecurity
and the basic management of IoT devices required for safe and secure
computing.
[c] 2017 CPI Financial. All rights reserved. Provided by SyndiGate
Media Inc. ( Syndigate.info ).
Source Citation
(MLA 8th Edition)
“2018 IT security predictions–attacks, investment areas and cybersecurity strategies.” CPI Financial, 5 Dec. 2017. Global Issues in Context, http://link.galegroup.com.prx-herzing.lirn.net/apps/doc/A517415080/GPS?u=lirn50909&sid=GPS&xid=01e63c0c. Accessed 23 Jan. 2018.
Gale Document Number:
GALE|A517415080
Bringing cybersecurity management to another level
CPI Financial.
(June 20, 2017): News:
From Global Issues in Context.
Copyright:
COPYRIGHT 2017 SyndiGate Media Inc.
http://www.cpifinancial.net
Full Text:
In an exclusive interview with Banker Middle East, Wayne Loveless,
Principal, Cybersecurity and Lutfi Zakhour, Senior Vice President, Financial
Services, both at Booz Allen Hamilton MENA extensively discuss major issues
surrounding blockchain technology and cybersecurity.
What are the major cybersecurity issues and concerns in this
region?
Wayne Loveless: Cybersecurity is a growing concern across
organisations around the world. In fact, this was discussed at the World
Economic Forum’s annual summit in Davos this year where cybersecurity
was highlighted in the list of business risks across different sectors.
Average annual losses to companies worldwide from cyberattacks now exceed
$7.7 million per organisation, according to the Ponemon Institute.
For example, one of the most notable cases to hit GCC shores was
the Shamoon virus attack, which shut down more than 30,000 workstations at
Saudi Aramco in 2012. Despite the exceptional efforts to remediate and
protect systems after the 2012 attack, the Shamoon virus resurfaced in
January this year, impacting several government agencies and private sector
companies.
Given these growing cyberrisks and threats, more organisations in
the region are waking up to the potential hazards that a weak cybersecurity
readiness presents. Currently, one of the major concerns around cybersecurity
in the region is preparedness. As technology and digitisation becomes more
prevalent across industries, the risk of attackers successfully penetrating
and compromising systems, and the vital data they store and process, is only
increasing. In addition to the government, other sectors that have been
identified as being particularly vulnerable to cyberdisruption include
finance, energy, manufacturing, utilities and transportation.
More than 50 per cent of recorded incidents in the Middle East
region were conducted against oil and gas corporations, according to the
Repository of Industrial Security Incidents (RISI) data. This is but a
precursor to the potential disruption of the energy and oil and gas
sectors’ industrial systems. A more targeted and concerted effort from
governments and private companies in the region is warranted.
Therefore,Investing in a robust resilience strategy that could prevent or
reduce the impact of potential threats and protect national interest is key.
How is financial regulation developing in these markets and in
what ways will it help combat cybersecurity breaches?
Lutfi Zakhour: Recent brazen attacks have brought regulatory
requirements and standards in the financial services sector to the limelight.
For instance, last year a Bangladesh hack leveraged the SWIFT payment system,
allowing attackers to successfully steal $81 million of their targeted $951
million from Bangladesh Bank before a spelling error compromised the attack.
With regional financial institutions also not being immune to such attacks
GCC governments have been eyeing changes to the regulatory role within their
respective countries.
While SWIFT is taking actions to improve security requirements and
preclude a repeat of the Bangladesh Bank heist, GCC governments are also
increasingly viewing financial services as a critical national
infrastructure. A prime example can be found in the UAE where the federal
government is seeking across the board improvements to the cybersecurity of
critical infrastructure. In fact, the National Electronic Security Agency
(NESA) is rolling out its latest cybersecurity framework with an initial
focus on the financial services industry. Further actions taken in other GCC
countries include new updates to e-transactions laws and cybercrime laws to
place further emphasis and controls on ensuring the protection of both banks
and consumers.
With the MENA region waking up to the importance of digital
technologies, today’s financial landscape has seen key players
re-evaluate their strategies and regulations to guarantee maximum efficiency
and security. What is your view on this?
LZ: The financial services sector in the UAE, specifically, has
picked up on blockchain technology, with one leading bank pursuing proof of
concept of a blockchain network for international remittances and open
account trade finance and another launching a pilot of blockchain, using the
technology through Ripple. Additionally, Dubai has announced plans to use
blockchain for all government documents by 2020 and several departments have
announced that they would explore the technology in areas including
healthcare, wills and diamond transactions.
Other initiatives include The Global Blockchain Council,
established by the Dubai Museum of the Future Foundation, which has
spearheaded several blockchain-related initiatives and launched pilot
projects across several sectors such as healthcare, diamond trade, title
transfer and business registration in order to test the cost-saving and time
reducing effects of the technology.
Blockchain has now been recognised as a potentially game-changing
approach to cybersecurity. Described as a generational disruptive force in
the financial services industry, these distributed ledgers maintain
tamper-proof lists of ever-growing data records and enable secure value
exchanges-money, stocks, or data access rights-between different parties.
Blockchain also creates a more secure, efficient, and collaborative ecosystem
for sharing and accumulating critical data and information. It is
particularly beneficial in the financial services sector, where it could
enable safe and secure applications across payments services, trade finance
and KYC registries benefitting both firms and consumers.
We foresee a lot of growth potential for blockchain in the GCC,
across different industries, with several entities wanting to continuously
advance the technology in order to complete their digital transformation and
truly realise the potential of a smart city.
What are your suggestions to improve the cybersecurity standards
in the region?
WL: Cybersecurity standards represent a baseline for tackling
cybersecurity threats and improving overall readiness in prevention and
mitigation of cyberincidents. While progress towards minimum standards for
security is underway across the GCC and many institutions continue to follow
industry standards and best practises, further efforts will be needed to
improve security.
As demonstrated in the SWIFT attacks on the Bangladesh Bank,
attackers can take any number of routes when compromising the security of
systems and data, both stored and in transit, to meet their motives. With
cybercriminals, nation states, and hacktivists all seeking to meet their
objectives across the region, a more robust, and beyond baseline perspective
on security is certainly warranted.
One of the biggest impediments to improving cybersecurity is not
necessarily improving compliance to the minimum standards but understanding
more fully how organisations can improve beyond the basics. This means
foregoing basic compliance in favour of a more a maturity based approach to
cybersecurity.
Building cybermature organisations requires maturation across all
three perspectives of cybersecurity. It does not mean having the latest and
greatest technology. While technology certainly plays a role in automating
much of the security domain, it is actually other dimensions-namely, people
and process-where greatest levels of improvement are needed across the
region.
organisations are only ever as secure as their people. Each
employee, no matter where they stand within an organisation, is often both
the first and last line of defence. Better trained people, more cyber-focused
skillsets, and a defined organisation-wide cybersecurity focus on improvement
are three key means of improving organisational prevention, protection, and
response.
Additionally, another area of focus should be improving the
overall processes around cybersecurity. Many of the cybersecurity standards
actually centre on the process aspect of the cybersecurity dynamic. Stronger
governance, adherence to sound practises and procedures, and implementation
of security first processes can ensure that systems and data remain secure
while continued growth in digitisation and adoption of technologies like
blockchain rapidly progress.
How will big data and blockchain technology impact the financial
sector? What are the pros and cons of these technologies?
LZ: There is no doubt that big data, predictive analytics and
blockchain technology in the financial sector (and beyond) have the potential
to create a myriad of new services and a new frontier of business
intelligence.
Deploying big data can fuel job creation especially for personnel
with specialised skills such as data scientist, digital app developers,
digital payment experts, and cybersecurity specialists. It can also fuel
lateral job movements and a re-positioning of current jobs in the financial
sector, whereby traditional counter clerk positions will transition to
financial services analyst positions.
With the power of advanced data analytics, today’s counter
clerk will be able to proactively and predictively offer a customer the most
personalised services required when that customer enters a financial centre,
or over the phone or internet-based on data insights from that
customer’s financial behaviour.
This customer data will then allow institutions to benefit from
data insights related to spending patterns, financial capabilities and income
thresholds of customers. The more access to data, the better the ability to
harness power to make customers more satisfied and employees more productive.
These socio-economic benefits can lead to an increased customer base, a
higher performing work force, and consequently to overall market growth.
Furthermore, data analytics capabilities will eventually allow for
Data-Analysis-as-a-Service (DAaaS) offerings to different establishments-a
merging of today’s credit rating companies and financial institutions,
for example. This will allow SMEs to benefit from the data-analytics
revolution and become more relevant and prosperous in their services
industry.
The challenges would l—ie in that with the creation of these new
services, comes the need to support their development, marketing,
provisioning and continuous enhancement, among other requirements, to support
the creation of jobs across the current and future financial services value
chain. If this is overlooked, the potential of these services will not be
realised.
As for blockchain technology, it can offer support on a wide range
of use cases for financial institutions, including trade finance,
remittances, syndicated loans, loyalty programmes and KYC registries, to name
a few.
Blockchain improves cost efficiency, durability and reliability,
ensures transparency and speeds up transactions, while enhancing security and
privacy. Due to its decentralised network, blockchain does not have a central
point of failure and is better able to withstand malicious attacks. Changes
to public blockchains are also publicly viewable by all parties, which
ensures that all transactions are unchangeable.
The blockchain payment system will, however, come with challenges.
An example of this is the persistent doubt on whether the blockchain can
handle the speed, scale, and security required to process high volume
payments. To cater to a significantly larger volume of transactions, high-end
servers would need to be put in place, which could impact the potential cost
savings of moving to a distributed ledger.
There is no silver bullet on selecting the right path to develop
blockchain technology for financial services in the GCC region. What is clear
though is that central banks and financial services players need to engage
with the technology to understand, harness, and develop it appropriately to
bring about the potential benefits it promises to both businesses and
consumers.
[c] 2017 CPI Financial. All rights reserved. Provided by SyndiGate
Media Inc. ( Syndigate.info ).
Source Citation
(MLA 8th Edition)
“Bringing cybersecurity management to another level.” CPI Financial, 20 June 2017. Global Issues in Context, http://link.galegroup.com.prx-herzing.lirn.net/apps/doc/A505630529/GPS?u=lirn50909&sid=GPS&xid=98522427. Accessed 23 Jan. 2018.
Gale Document Number:
GALE|A505630529
Not Prepared for Hacks
U.S. News & World Report Weekly.
(May 30, 2014):
From Educators Reference Complete.
Copyright:
COPYRIGHT 2014 U.S. News and World Report, L.P.. All rights reserved.
http://www.usnews.com/
Full Text:
Data breaches are up and businesses aren’t ready to deal with them
By Tom Risen
Hacking increased so much this past year that approximately half of U.S.
adults had their information stolen and less than half of U.S. companies have
taken enough precautions to protect consumer data, according to two studies
released this week.
Recent months have been filled with reports about hackers stealing credit
card data, online account passwords and other personal information from
consumers. These included data breaches of networks at retailers like Target
and Michaels, along with the Heartbleed security bug that made software
vulnerable to spying and online theft. Last week, in one of the latest major
security incidents, eBay urged its users to change their passwords
“because of a cyberattack that compromised a database containing
encrypted passwords and other non-financial data.”
Approximately 110 million people, or 47 percent of adults, in the United
States have had their personal information exposed by such attacks, according
to a new study from CNNMoney and cybersecurity research firm the Ponemon
Institute. Attacks will likely become more frequent as Internet and mobile
device use grows, the report cautioned.
To make matters worse, companies are lagging behind trying to protect
themselves, according to PricewaterhouseCoopers’ 2014 U.S. State of
Cybercrime Survey published Wednesday. Less than half of companies in the
survey took necessary steps to protect themselves. Only 38 percent
prioritized security investments based on the risks to their businesses, and
only 31 percent have a security strategy for the rapidly growing mobile
sector.
Businesses are unprepared in part because of poor cybersecurity training at
colleges, says Alan Paller, co-chair of the U.S. Department of Homeland
Security’s Task Force on CyberSkills, which advises how to train
cybersecurity professionals. Security training was not provided for new
employees at 54 percent of the businesses in the PricewaterhouseCoopers
survey. “Colleges are creating people who can tell you about security
but they cannot fix the system,” says Paller, founder of the SANS
Institute cybersecurity training organization.
Many cybersecurity specialists with practical computer expertise “are
not coming out of academia,” Paller adds. Rather, “they are a lot
of self-taught people,” he says.
Failure to protect a network from security gaps at partner companies is also
a problem, as only 27 percent of firms have incident-response plans in place
with businesses in their supply chain, and only 44 percent evaluate the
cybersecurity of third-party companies they work with, the
PricewaterhouseCoopers survey showed. The five most used hacks reported were
malware, phishing emails that send malicious links, network interruption,
spyware that tracks computer activity, and denial-of-service attacks that
overload online servers.
In recent months, Congress has hammered retailers, including Target, for
failing to prevent data breaches, but lawmakers have yet to pass legislation
that would set cybersecurity standards for businesses.
In the mean time, the Obama administration has encouraged companies to share
information about online threats. Some retailers — including Target, Gap and
Nike — have partnered with the Retail Industry Leaders Association to form
the Retail Cyber Intelligence Sharing Center to advise each other of
potential threats.
Source Citation
(MLA 8th Edition)
“Not Prepared for Hacks.” U.S. News & World Report Weekly, 30 May 2014. Educators Reference Complete, http://link.galegroup.com.prx-herzing.lirn.net/apps/doc/A510389258/GPS?u=lirn50909&sid=GPS&xid=358bc79e. Accessed 23 Jan. 2018.
Gale Document Number:
GALE|A510389258
