Paper Example on Payless Foods' Information Security

This is a report from the Information security office addressing the events that transpired in Payless foods on Monday, 28th October 2018. The report will explain what my office has identified as the root of this day's occurrences. It will also tell what is being done to manage the situation. On top of that, the report will indicate the measures being taken by the Chief information security officers to ensure that today's misfortunes do not happen again.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Failure of network access at the company and its branches may have been a result of interruption from outside sources. The invasion destroyed identity management systems (IDMS), rendering it unusable. The failure of IDMS is what led to the massive network failure in the organization. To ensure that this does not happen again in the future, Ingress filtering has been added to IDMS. Filtering will sensor access in the IDMS, providing that it will not be infiltrated in the future, and resulting in a denial of the network in the company.

We also had issues of suspicious transactions from finance, which had not been authorized by the finance office. This type of cybercrime is called a fabrication. A third party introduces fake transactions and records to the database. First of all, we will add an intrusion detection system that will help to detect intruders in the information system fast. Also, to prevent TCP hijacking in the future, we will use IPSec in financial software. We will also liaise with the relevant authorities to ensure that the money lost will be tracked and hopefully retrieved.

To address the proposed budget slash in the information security training, I believe that that is not necessary. Learning how to build passwords and which links to open or not to open is very important because one click on the wrong link could infect the whole company with a virus. My office is going to increase the information offered in training because, for the company's systems to be invaded, the attackers must have had some information that was supposed to be private. The courses will equip the employees from all departments and branches with the knowledge that will help us all protect the company's information. This will help save the company money lost through network failures or infiltrations by intruders.

About the compromised application, which resulted in perpetrators collecting our customers' information, I recommend we send out emails to our customers to report this to the relevant authorities. Additionally, we have attained a written agreement with the business unit manager stating that the security features will be incorporated in the second release of the application next year. In the future, we will ensure that we assess all applications being used in the organization and act accordingly in case of a security breach. My office will be conducting a periodical assessment of information and all information systems from now henceforth.

My office also plans to ensure that we employ more reliable and secure measures to protect the company's software. We plan to give every employee in the finance department a unique log in code. The unique code will increase accountability because outside parties will not be able to access the company's software without them. The employee whose login information will be used in any malpractice will be answerable for the act.

The information security office takes full responsibility for the misfortunes that faced Payless Food organizations today. Never the less, the information security office has saved the company a lot of money by identifying and preventing potential attacks over the years. We, therefore, request that you give us a chance to amend today's setbacks. Some of the measures mentioned above are already being implemented while the rest will be implemented gradually. With that Payless, foods will have a more reliable information technology system.