Resilient Digital environment

 Methods used to implement digital resilience

  • risk analysis of digital system's resilience by testing it against penetration testers/white hat hackers
  • planning for disruption scenarios such of data leaks or loss due to cyber criminals, or natural disasters
  • planning disaster recovery and conducting recovery exercises in case of said data leaks
  • documenting lessons learnt, how you can improve on your response for if it happens again, and how you can stop it from happening again
  • installing new software updates and new hardware in replace of older versions as newer systems patch bugs that can lead to security breaches
  • adding redundancy to systems, so if data is lost, it can be recovered as it will have a copy
  • device hardening (removing unneeded apps, ports and permissions) to stop people being able to plug in malicious hardware such as thumb drives with malware on them
  • maintaining effective backup systems, in the case of large scale data loss, it can all be recovered if stored elsewhere
  • staff training to teach staff how to be safe online, and how to handle data breaches
  • appropriate and reviewed standard operating procedures

Benefits of being digitally resilient

  • increased security of stored data and data transfers
  • increased reputation of the business as they are know to respond well to data breaches
  • lower service downtime leading to better customer reputation


Comments

Post a Comment

Popular posts from this blog

ESP overview

  task number  focus  No. Of hours  Marks allocated  1  Trouble shooting and test planning  2 hours 30  22  2  Interview and communication  2 hours 10  12  3  Project proposal  4 hours  24  4  Post project review  3 hours 30  12    Task uno:  This focus on trouble shooting a fault based on a specified problems/issues and designing a test plan.   The troubleshooting document should include:  User details   Test dates  Computer specs and software  Proposed tests and expected outcomes   Record of diagnosis  The test plan should include:  Administrative details E.G. dates names.  Test dates   Hardwear specs and software   Actual and relevant tests carried out in a logical order including images/diagrams  Full and complete details of expected outcomes  Remedial action required   Task d...
Read more

Stakeholder roadmap

 A stakeholder roadmaps provides an overview of the main components of the project, it will include objectives, deliverables, milestones, resources, and timelines, and is used to show these to stakeholders as well as keeping stakeholders in the know of operations. unlike a project plan, it does not include day to day tasks or a detailed view of roles, only a quick overview to catch stakeholder interest Project timelines timelines show what phases of the project are complete, current, and to do they are used to keep track of different project tasks they include: start and end date of tasks the task duration who is assigned the task task dependencies (if it relies on another task being complete) they are important as they: a central area to display all tasks and project management phases provide a simple representation of the project to make it easier to understand allow team members to focus on important tasks help promote improved time and resource management  Linking pro...
Read more

hw 12/5

Test yourself 241  A botnet aims to take control of digital systems. It is a type of malware that allows a cyber security attacker to take control of someone's system without their knowledge.   The aim of a DOS attack is to make a network inaccessible to users. It does this by flooding the network with traffic which in turn slows its speeds down to a point where it is basically unusable.  One of the main differences between a DOS attack and a DDOS attack is a DDOS attack tends to use multiple devices to try and infiltrate a network. The types of networks that are usually under threat from these would be ones like websites, banks, and payment websites.   Some of the main websites that are targeted by DDOS attacks would be ones like banks and payment websites.   Test yourself 242 One way of trying to find a password is using a dictionary software. This goes through some of the most common passwords and trying them when trying to get access to the account....
Read more