A- Implementing network segmentation was another low-cost change, because the existing equipment could be reconfigured to meet the requirements. The decision to create additional subnets and VLANs and to split systems into corresponding segments, however, carried a much higher risk of disruption to the bank community. The change was therefore implemented in three major steps, one of which was the host-based firewall. The host-based firewall was treated as a critical control and was configured to block all desktop-to-desktop traffic. The host-based firewall log was also used to monitor and analyze traffic and to document all good (legitimate) traffic, so that the desktop-to-desktop flows that really were needed could be identified and explicitly allowed.

B- In recent years many banks have been hacked because of weak security. The bank therefore needs to protect the CIAA properties of its information (confidentiality, integrity, availability and accountability) so that an attacker cannot exploit a vulnerability against any of them.
It is also important to understand the difference between these four properties. The CIA triad, extended here with accountability (CIAA), is designed to guide organizations in information security: C is confidentiality, I is integrity, A is availability and the last A is accountability. Confidentiality is the assurance that information is not disclosed to unauthorized individuals, processes or devices. Integrity is protection against unauthorized creation, modification or destruction of information. Availability is timely and reliable access to data and information services for authorized users. Accountability is the process of tracing, or the ability to trace, activities to a responsible source.
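The log review described in part A above, shown as an added example that is not part of the case study or the bank's own tooling: a Python script that parses constructed firewall log records laid out like the Windows Firewall log (pfirewall.log), keeps only the allowed flows where both endpoints sit in an assumed desktop subnet (10.10.20.0/24), and turns the documented flows into narrowly scoped netsh allow rules for the receiving desktop. The subnet, the sample records and the rule names are assumptions, not facts from the page.

```python
import ipaddress
from collections import Counter

# Assumed desktop subnet; the case study does not state the bank's addressing.
DESKTOP_NET = ipaddress.ip_network("10.10.20.0/24")

# Constructed sample records in the layout of the Windows Firewall log
# (pfirewall.log). The "#Fields:" header names the columns used below.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2024-03-01 09:12:03 ALLOW TCP 10.10.20.15 10.10.20.22 51234 445 0 - 0 0 0 - - - SEND
2024-03-01 09:12:09 ALLOW TCP 10.10.20.15 10.10.20.22 51235 445 0 - 0 0 0 - - - SEND
2024-03-01 09:13:44 ALLOW TCP 10.10.20.31 10.10.20.15 50011 3389 0 - 0 0 0 - - - RECEIVE
2024-03-01 09:14:02 ALLOW TCP 10.10.20.15 10.10.50.5 51300 443 0 - 0 0 0 - - - SEND
2024-03-01 09:15:10 ALLOW UDP 10.10.20.15 10.10.50.5 55000 53 0 - - - - - - - SEND
2024-03-01 09:16:21 DROP TCP 10.10.20.40 10.10.20.15 49999 135 0 - 0 0 0 - - - RECEIVE
"""


def parse_log(text):
    """Yield one dict per log record, skipping comment and malformed lines."""
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 8:
            continue  # truncated record: ignore rather than guess
        yield {
            "action": fields[2],
            "proto": fields[3],
            "src": fields[4],
            "dst": fields[5],
            "dport": fields[7],
        }


def desktop_to_desktop_flows(text, net=DESKTOP_NET):
    """Count allowed flows whose source and destination are both desktops.

    Returns a Counter keyed by (src, dst, proto, dst-port). Traffic to other
    subnets (servers) and traffic already dropped is excluded, so what remains
    is the "good traffic" that must be documented and explicitly permitted
    before desktop-to-desktop traffic is blocked by default.
    """
    flows = Counter()
    for rec in parse_log(text):
        if rec["action"] != "ALLOW":
            continue
        try:
            src = ipaddress.ip_address(rec["src"])
            dst = ipaddress.ip_address(rec["dst"])
            dport = int(rec["dport"])
        except ValueError:
            continue  # non-IP or non-numeric field: skip the record
        if src in net and dst in net and src != dst:
            flows[(str(src), str(dst), rec["proto"], dport)] += 1
    return flows


def allow_rules(flows):
    """Build netsh commands for the destination host of each documented flow.

    Rule names are hypothetical. With the inbound default action set to block,
    only these narrowly scoped allows let desktop-to-desktop traffic through;
    every undocumented peer is denied.
    """
    cmds = []
    for (src, dst, proto, dport), _count in sorted(flows.items()):
        cmds.append(
            f'netsh advfirewall firewall add rule name="D2D {proto}/{dport} from {src}" '
            f"dir=in action=allow protocol={proto} localport={dport} remoteip={src}"
        )
    return cmds


if __name__ == "__main__":
    found = desktop_to_desktop_flows(SAMPLE_LOG)
    for key, n in sorted(found.items()):
        print(f"{n:3d}  {key}")
    print()
    # Default-deny inbound first, then the documented allows (run on each desktop).
    print("netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound")
    for cmd in allow_rules(found):
        print(cmd)
```

The point of the two-stage approach is that the allow rules are derived from observed, reviewed traffic rather than guessed: an SMB share between two desktops or a help-desk RDP session shows up in the counts and gets a rule, while everything else is denied once the inbound default is switched to block. Each surviving flow should still be reviewed by a person before the rule is deployed, since the log only proves the traffic happened, not that it is legitimate.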
2- Discuss the tolerance level of the organization.
A. Before implementing security controls: in the old system, the bank had a high level of tolerance on all of its assets (a great deal of risk was simply accepted), for several reasons. First, the system contained a huge number of vulnerabilities. Second, the bank had no full-time employee (FTE) dedicated to information security.
Third, it did not have adequate computer infrastructure. Fourth, both software and hardware had been pieced together over many years through an ad-hoc acquisition process, which created an environment of disjointed technologies and poorly integrated processes. The old system was also simple enough that an attacker needed little motivation or hacking experience to compromise it. Finally, the main problem was that no one was truly responsible for evaluating the risk imposed on the bank as a whole: the software vendors understood the functionality of their own systems, but they were certainly not experts in cyber security.
B. After implementing security controls: in the new system, the bank has a low tolerance level on most of its assets because of the defense in depth that has been implemented. The assets also have fewer vulnerabilities, so an attacker would need to be an expert to compromise the system. The first step was hiring someone with a professional background in technology, followed by investing in training and technical certification to stay informed about the ever-changing cyber threat landscape.
The bank had also started virtualization by converting a few aging physical servers to virtual machines. This created an opportunity to use the existing environment for VDI as well, which addressed most of the risks that had been identified. Migrating from physical to virtual desktops also presented the perfect opportunity to test and implement several security changes: removing local administrator access for all users and locking down the workstations according to the principle of least privilege.

3- Identify key risks that could jeopardize the achievement of the organization's objectives.
- Breakdown or theft of key equipment
- Not complying with governmental policies and regulations
(Add more with explanation.)

4- How to raise the level of understanding within an organization.
Let every employee in the organization understand that security belongs to everyone. Employees should understand that the organization's security is the responsibility of everyone in the organization, not only of the security department. Once this concept is understood, the organization's security improves because all employees cooperate. Security awareness training: awareness should be spread across the whole organization, and all employees should know the basic security lessons. Training must be held at least twice a year so that employees stay up to date and do not forget what they have learned.
Following the Visible Ops principles, IT and InfoSec establish and maintain a communication channel with senior management so that good decisions can be made.

5- Show some examples of due diligence that the information security team did.
1- Enforcing policies: enforcing the password policy by requiring passwords to be changed periodically and to be between 9 and 15 characters long.
2- Multiple solutions: the bank applied the same concept in its approach to risk assessment, identifying risks to information security while looking for solutions at the same time.
3- Competitive: implementing network segmentation by creating additional subnets and VLANs. This improves security by limiting an attacker's lateral movement within the network.
4- Negotiations: negotiating with the bank's vendors' legal teams to agree on the specific contract language that the bank wants to require.

6- Estimate the likelihood of a successful attack.
Before implementing security controls: the threat source was highly motivated and sufficiently capable, and the controls meant to prevent the vulnerability from being exercised were ineffective. For example, the bank did not have the experts or skills needed to make decisions about the threats and risks it faced, or about the best way to protect its critical resources. The likelihood was therefore high (0.9). The decisions that were made were passive: because there was not enough knowledge about security, the bank made passive decisions that were easy to apply just to maintain the existing state, without involving management in the decision.
After implementing security controls: the likelihood has changed from high to low (0.1), which means that the threat source lacks motivation or capability, or that controls are in place to prevent, or at least significantly impede, the vulnerability from being exercised. The reasons are:
1- The bank hired employees who are professionals in information technology and security, and it provides training opportunities and technical certification so that staff stay current with the cyber threat landscape.
2- Decisions are now made by vendors, senior management and the board of directors working together, based on the recommendations of security professionals and on the experience of other community banks.
3- Using virtual machines has helped reduce hardware failures and hardware-related issues.