Connect on Whatsapp : +1 206 673 2541, Get Homework Help 24x7, 100% Confidential. Connect Now

Risk Management: Security Assessment Report | Best Assignment Service

Risk Management: Security Assessment Report

Security Analysis Baseline

After developing a new system, various tests are conducted by experts to examine its proficiency and response to various situations that arise in the workplace. Importantly, the security analysis baseline creates an enabling environment where developers can evaluate the significance of different configurations and improvements that should be introduced in the system. From this realization, consistent security assessments will provide an organization with an opportunity to incorporate various aspects that enhance the user experience and safeguard their credentials when using the system. Likewise, a security baseline enables practitioners to conduct assessments that yield favorable results, which define the best approaches that can be used to overcome emerging scenarios in the contemporary community.

Many corporations have a huge enterprise network that relies on various endpoints, which improve the user experience due to the improved service delivery. However, the large size of the enterprise network presents a serious problem that undermines the organization’s ability to safeguard user credentials from third parties. When hackers can freely maneuver through a system, they tend to initiate discreet operations that interfere with the company’s credibility and likely to affect its relationship with stakeholders in the long run (Carver, Burcham, Kocak, Bener, Felderer, Gander, & Williams, 2016). From this perspective, network attacks, whether passive or active, lower an organization’s reputation and interfere with its ability to accomplish desired outcomes. Some of the common network attacks include endpoint attacks, malware attacks, and advanced persistent attacks. Likewise, hackers exploit vulnerabilities in a company’s network before launching attacks that have far-reaching implications on their reputation. Therefore, cyber attacks have a significant impact on an organization’s productivity and may contribute towards regulatory fines, which disrupt normalcy in the work environment.

Fig 1.0 A graphical representation of a network diagram with both configuration and connections.

When developing a network system, corporations deploy various strategies that enhance the overall user experience by safeguarding their credentials. In this regard, security posture of an organization is defined by a company’s resilience and ability to overcome cyber attacks that interfere with their operational performance (Liu, Bailey, Karir, Liu, & Zhang, 2018). Usually, a company’s enterprise consists of different assets that are susceptible to different risk factors. In this regard, company managers tend to use different security approaches to increase the efficiency of their networks by reinforcing their security posture. For instance, aspects such as the measures an organization has put in place against external attackers play an important role in shaping its security posture. Likewise, the company’s ability to stage a strong defense against cyberattacks and readiness to respond to each of the attempts defines its security posture. For this reason, security posture acts as a company’s inventory for its different assets that range from cloud to infrastructure.

Fig 2.0 A graphical representation of the features that define a company’s security posture.

An enterprise security posture defines the status of a company’s software and the ease of external interference. On many occasions, company managers are focused on investing in security approaches that lower the accessibility of third-parties in their networks. Although networks are frequently being hacked, the true test of an organization’s security posture is determined by its ability to thwart any efforts that focus on gaining access into a company’s network (Solow, Darshan, Cain, Epstein, & Zucker, 2019). Besides, security network experts should map the attack surfaces and enable the company leadership to understand the possible loopholes that can be exploited by third parties. However, identifying the paths that can be pursued by hackers provides one with a clear line of thought that demonstrates the intentions of the third party and the resilience of the network to withstand the numerous attacks.

Fig 3.0 A graphical representation of a network infrastructure with configuration, connections, and endpoints.

Code injection, data breach, and malware infection are some of the popular security concerns that compel organizations to develop security approaches, which respond to the real-time problems. On many occasions, hackers exploit vulnerabilities in a security network before injecting a malicious code in a company’s application or web platform with the hope of manipulating organizational outcomes (Niakanlahiji & Jafarian, 2017). Usually, the vulnerability exists in the text fields where users key in their credentials to access different pages in a web or mobile platform. Since hackers focus on fields that incorporate an SQL statement, companies should develop approaches that enable them to safeguard user credentials, server control, and data protection.

Alternatively, data breaches have a significant impact on a company’s operational performance because of the cost implication associated with losing data to hackers. Causes of data breaches range from software misconfiguration to lost hardware, where hackers utilize the existing vulnerabilities before deploying their phishing attacks. While many corporations are always on the look out to warn their employees about malwares, a majority of their executives are unaware of the dangers posed by email spam (Angst, Block, D’arcy, & Kelley, 2017). In this regard, malwares have different origins, which influence the nature of attack that can be launched in an organization. From this realization, incorporating different screening levels enables corporations to overcome the devastating impacts of malware infections on the company’s security network.

Acquiring an accurate IT asset inventory enables organizations to establish their security posture, which enables them to predict potential cyberattacks that can interfere with their credibility. Following a successful IT inventory, company managers, through their security experts, can then proceed to map the attack surface before introducing countermeasures that aim at improving the strength of the network security (Asmussen, Kristensen, Steger-Jensen, & Wæhrens, 2018). At some point, organizations require qualified personnel who can perform different tasks that meet the desired expectations. Initially, viruses were the common form of malware but have decreased over the years because of the introduction of tools such as antiviruses, which enhance detection. Routers, switches, and firewalls are quite vulnerable because of the ease with which hackers use them to gain access into a network.

Data in transit refers to the process where information is constantly being exchanges across a network. In this regard, any external interference affects the quality of communication and lowers the level of comprehension where individuals understand the shared messages. From this realization, data protection plays an important role in securing inactive data from hackers and third-parties (Goddard, 2017). However, organizations can adopt various measures that revolve around remediation, mitigation, countermeasure, and recovery to improve its overall performance in the business environment. After mapping the security risks that threaten a company’s network security, adhering to NIST SP 800 53A guidelines play an important role in creating secure systems that have a minimal interference. It should be noted that the NIST SP 800 53A guidelines specify the security controls that should be used for different networks, a move that reinforces the general security in the modern workplace.

Developing a Network Defense Strategy

Firewalls are critical when developing a network defense strategy because of their ability to detect malware and other forms of cyberattacks. Although firewalls are not enough when developing a network defense strategy, organizations should compliment their roles with other technological tools that reinforce the security levels in their networks. Besides, firewalls are among the oldest measures of computer security and continue to prove their importance with subsequent technological innovations (Liu, Zhang, Zhang, & Shao, 2020). It should be noted that modern technological innovations have introduced sophisticated features, which enhance their detection capacity and ability to mitigate cyberattacks. For this reason, organizations should step up their security with the adoption of other tools that compliment the functionality of the firewall and its ability to overcome issues, which may undermine their performance in the modern corporate world.

IDS fit is an important addition when elevating the security level of different platforms in the corporate world. In this regard, an IDS strengthen a network architecture by identifying vulnerabilities and the accruing risks associated with routers and switches. Even though router access lists can be verified overtime to evaluate their efficiency, it is impossible to retrace the weak links without an IDS (Capdeville, Lemoine, & Mezerette, 2019). From this perspective, an IDS exposes security experts to an enabling environment where they can introduce audit tactics that assist with change management in the security architecture. Likewise, IDS logs can be examined to identify various activities that undermine the efficiency of the network security and its ability to safeguard user information from third parties. In the same vein, IDS logs provide organizations with forensic evidence in case of an attack because of their ability to trace the source and activities of different users at any given time. However, incorporating an inline IDS into a network can help prevent ongoing attacks.

Using Monte Carlo simulations allows one to foresee the probability of different variables when exposed to varied scenarios. In this case, Monte Carlo simulations can be used to analyze the impact of risks and the growing uncertainty that revolve around the concept of forecasting. In cybersecurity, Monte Carlo simulation models are widely recommended because of their ability to map risk paths, a move that enables security experts to plot appropriate measures in response to the emerging security threats (Khan & Jayaweera, 2017). It should be noted that organizations can use various methods to implement processes in their networks to evaluate the effectiveness of the cyber controls against emerging threats. Firstly, establishing security metrics enables security managers to utilize operational statistics that play a critical role in enhancing the nature of outcomes in the contemporary environment. In the same vein, performance measures are plotted against the ability of an organization to withstand various risks in the external environment. Hence, setting compliance goals enables company managers to develop a range of deliverables that guide individuals towards accomplishing the set goals and objectives.

Secondly, conducting vulnerability assessments exposes one to an enabling environment where they can overcome various challenges affecting an organization’s operational performance. In this regard, regular vulnerability assessments expose the security patches and weak configurations that can be exploited by hackers. Thirdly, executing an internal audit provides an organization with a clear image of its security controls and the weaknesses that hinder its effectiveness in the cybersecurity space (Ali & Awad, 2018). Likewise, a gap analysis can also be conducted to establish the shortcomings associated with the company’s security policy and other cybersecurity standards.

Penetration Testing Engagement

Penetration testing is similar to ethical hacking because of its ability to demonstrate the existing loopholes in a security system. On many occasions, organizations are expected to deploy a penetration testing to enhance the security levels and features of their networks (Chu & Lisitsa, 2018). In this regard, different processes are conducted to evaluate the overall status of a security system and its ability to withstand consistent attacks from hackers as shown in the chart below.

Fig 4.0 A graphical representation of the penetration testing stages.

In the first step, organizations develop a plan that will guide them in conducting a reconnaissance that will yield the desired outcomes. In this stage, the test goals are established and information about the best approaches that can be used to achieve the objectives is gathered. Consultation is often made in this stage to enable the organization explore all options that can be used to yield desirable outcomes. In the second step, scanning tools are introduced to enable the security managers comprehend the possible reactions from the security system following a consistent exposure to intrusion (Hatfield, 2019). Scanning tools such as Netsparker, Wireshark, and John the Ripper password cracker are deployed in this stage. In the third step, managers initiate the ethical attacks to the target and observe the response from the system. By using the target and test goals established in the first step, security managers launch simultaneous attacks to establish the errors and develop viable solutions that respond to the emerging challenges. In the fourth and fifth step, security managers maintain access while analyzing the results to establish the best approaches that can be used to overcome the problem. The overall penetration testing engagement may take less than one week, depending on the system’s level of engagement and involves the Information Security and Policy Office (ISPO) and the data custodian.

Letter of Intent

HighCastle Cybersecurity

9507 S. Oak Valley Drive

Brooklyn, NY 11228

January 27th, 2021.

Max Webber

Chief Technology Officer

Ambac Financial Group

1 State St, New York,

NY 10004, United States

Physical Penetration Testing Authorization

Following our conversation with you last week, we are writing to seek authorization to conduct a physical penetration test on your network.

As agreed, our company will use the black box testing approach to identify any vulnerabilities in your system and help develop adequate solutions that can be used to respond to the changing needs of both your organization and consumer.

Below, are the Rules of Engagement (ROE) that will be applied in the penetration testing process;

  • We will run this operation in conjunction with your technical team to avoid creating inconveniences that may affect the user experience.
  • Sensitive data will be handled appropriately to eliminate the possibility of creating risks that may undermine the credibility of your organization.
  • The penetration testing will take one day before normal operations can be restored. However, the development of viable solutions based on the results will take one week where we will share our findings with you to help you accomplish your desired company goals.

In the event challenges arise during the penetration testing process, our team will brief you on the new developments and work on a new turnaround strategy that will influence the nature of outcomes in the workplace.


Jeremy Peters

General Manager,

HighCastle Cybersecurity


Network Penetration Test Outcomes

NIST SP 800-53 stipulates the approaches federal institutions should use to manage their security systems. At any given time, organizations develop appropriate mechanisms that suit their security needs and enhance the overall user experience. In this regard, NIST SP 800-53 was established to dictate how federal agencies would implement strategies that protect citizen data from third parties. From this realization, NIST SP 800-53 is a critical element of Federal Information Security Management Act (FISMA) because of its ability to set industry standards that guide federal agencies during their interactions with citizens and other stakeholders (Bertoglio & Zorzo, 2017). Operating under the U.S. Commerce Department, NIST SP 800-53 promotes innovation and healthy outcomes in the scientific field where industry players are expected to conform to the market standards of operation. From this realization, NIST SP 800-53 enhances the security level of information systems in government institutions. In the same vein, the guidelines enable the government in developing appropriate mechanisms through policy formulation and implementation to control hacker interference that affects the ability of organizations to accomplish their desired objectives in their immediate environment.

Related: policy formulation and implementation essay assignment.

After conducting the penetration testing engagement at Ambac Financial Group, we discovered various issues that violated the NIST SP 800-53 control families. Firstly, the company’s access controls were compromised, providing third-parties with unlimited access to customer database. Although Ambac had created an environment that allowed its users to access different services, it lacked a physical access control that would limit individuals from accessing various platforms. By developing a logical access control, it becomes difficult for unauthorized personnel to access the designated technological infrastructure. Both physical and logical access controls respond to different issues that threaten the effectiveness of a security network. For instance, physical access control lowers accessibility in buildings and other tangible IT infrastructure while logical access control reduces exposure to computer networks and system data. From this realization, Ambac Financial had not given authorization to the right personnel who could access company data at any given time, creating a conducive environment for hackers to penetrate their security system.

Without the access control measures in place, it was impossible for Ambac to establish ground rules that would be used to promote audit and accountability in their security system. Notably, many individuals encounter various issues that interfere with different operations in the workplace. In this regard, Ambac should allow external investigators to conduct audit and accountability exercises to evaluate the ability of their system to conform with the stipulated federal guidelines and policies (Rains & Brunner, 2018). It should be noted that NIST SP 800-53 oversees the evaluation of central audit systems to eradicate any potential risks that undermine the existence of different values in the corporate world. By defining the target audience in every security platform, Ambac will create an environment where information resource owners vary from other custodians who rely on the security system. For this reason, IT security personnel at Ambac should allow external investigators to identify auditable events that can be used to overcome security violation issues that undermine the functionality of the security system.

In a compromised security network such as Ambac’s, one may encounter various issues that influence the outcomes of events in the workplace. Firstly, security professionals at Ambac should establish a risk baseline that outlines the different types of threats that can undermine the effectiveness of the entire network. Since every organization has a different culture, it should be noted that adoption of a risk baseline will be influenced by the goals and objectives of Ambac and its vision in the contemporary business environment. Before aligning its operations with the recommended access control protocols, Ambac should assess its workflow and examine the data exchange process to overcome various issues that hinder the corporation from accomplishing its expected outcomes. From this realization, Ambac will be required to capitalize its resources by identifying its risk baseline and aligning its operations with the aim of overcoming the specific threats.

Alternatively, Ambac will be expected to develop a user awareness program that engages its different stakeholders who rely on their platforms for different outcomes. Importantly, creating a healthy relationship with customers plays a significant role that enhances the nature of outcomes in the business environment (Florea & Duica, 2017). Away from the technological infrastructure that facilitates the interactions, embracing progressive approaches in communication is a critical element that will influence Ambac’s success in the business environment. Given that people often click on unapproved links, Ambac should eliminate the possibility of consumers disclosing private information to third parties who benefit from the systemic vulnerabilities. Therefore, engaging stakeholders and informing them about the different approaches that can be used to maneuver the system will build a loyalty program that connects the organization with its target audience in the corporate world.

Risk Management/Cost Benefit Analysis

In the corporate context, analyzing risks is heavily based on the human attribute because of the inability of individuals to conform to the society expectations, unlike technological tools and innovations. In many instances, organizations take risks by hiring unqualified personnel with the hope that they can learn and adapt to the changing work environment where expectations dictate different operations. Likewise, many Americans take the risk of driving every day to work despite the numerous consequences associated with the activity. In this regard, adopting a security system attracts cybersecurity risks that expose organizations to scenarios that taint their reputation in the business environment.

In Ambac’s case, the real future risk involves a possible cyberattack that may expose private consumer data to external third parties. The consequences from this scenario will be defined by the approaches that may be used by the hackers during their interaction with the acquired information. Likewise, the statistical data will be calculated using the amount of loss that will be incurred by Ambac and its loss of credibility from its stakeholders. The projected risk entails the lack of business due to limited market trust following the company’s reputation in the financial world. Lastly, the perceived risk is held closely by individuals who believe in the organization’s inability to deliver customer expectations in the market.

From this case analysis, it is impossible for Ambac to ignore the benefits associated with elevating the security status of its network due to the changing technological landscape. Conducting regular assessments and audit of the efficiency levels in the security system will provide Ambac with an opportunity to overcome challenges that hinder its ability to interact with consumers in the business environment. For this reason, the benefits outweigh the cost of operation in this activity because of the advantages of connecting with the target audience and forming strong bonds with the people.

Cite this Page

Risk Management: Security Assessment Report | Best Assignment Service . (2022, March 08). Essay Writing . Retrieved February 01, 2023, from https://www.essay-writing.com/samples/risk-management-security-assessment-report/
“ Risk Management: Security Assessment Report | Best Assignment Service .” Essay Writing , 08 Mar. 2022, www.essay-writing.com/samples/risk-management-security-assessment-report/
Risk Management: Security Assessment Report | Best Assignment Service . [online]. Available at: <https://www.essay-writing.com/samples/risk-management-security-assessment-report/> [Accessed 01 Feb. 2023].
Risk Management: Security Assessment Report | Best Assignment Service [Internet]. Essay Writing . 2022 Mar 08 [cited 2023 Feb 01]. Available from: https://www.essay-writing.com/samples/risk-management-security-assessment-report/
Get FREE Essay Price Quote
Pages (550 words)
Approximate price: -