
CybersecurityTask2 Montesur

The document is an introduction to digital technology, focusing on online safety, personal branding, and reputation management. It outlines various methods for maintaining safety on social networks, protecting one's online reputation, and implementing cybersecurity measures. Additionally, it emphasizes the importance of mindfulness in digital interactions and the need for continuous education on cybersecurity threats.

Uploaded by

Keith

Introduction To DIGITAL TECHNOLOGY

Unit 3.2
ATHE Level 3 Diploma In Information and
Digital Technologies

NAME: Aulrich Jay P. Montesur

TUTOR: Sir Abdulrahman

Table of Contents
Task 2(AC 2.1) Explain methods of keeping safe when using social networks.
Task 2(AC 2.2) Describe how social networks create your personal brand
Task 2(AC 2.3) Explain how to protect your reputation online
Task 2(AC 2.4) Explain methods of keeping safe when working online
Task 3(AC 3.1) Explain the types of cyberattacks to look out for
Task 3(AC 3.2) Identify legislation relating to cyber security
Task 3(AC 3.3) Outline policies that could be implemented in a chosen work environment
Task 3(AC 3.4) Explain effective prevention methods to protect the organization
Task 3(AC 3.5) Describe how to protect systems, people and processes
Task 4(AC 4.1) Identify techniques for managing any security risks
Task 4(AC 4.2) Create a cyber security risk register
Task 4(AC 4.3) Explanation on how to monitor cyber security risks in the organization
Task 4(AC 4.4) Create a risk response plan
Task 4(AC 4.5) Describe the importance of cyber security when designing a new system
Task 4(AC 4.6) Create a disaster recovery plan
Task 5(AC 5.1) Install and configure security measures on mobile devices
Task 5(AC 5.2) Implement Anti-Virus and Firewall in Desktop Devices
Task 5(AC 5.3) Implement Password Policy and Monitor user activity in Cloud based systems
References

Task 2(AC 2.1) Explain methods of keeping safe when using social networks.

Keeping Yourself and Others Safe on Social Networks

Keeping yourself safe when using social networks can be as simple as reducing your digital footprint: limit your visible online activity and keep sensitive data and information to yourself. Protecting other people can be equally simple, for example by spreading awareness and sharing your insights and methods. Some people, however, may struggle with internet literacy. Older people and children are examples, and they would be the most vulnerable online, so monitoring, tracking and limiting what they access on social networks would be a necessity for their safety.

Strong Passwords as a Priority
Your first line of defense is having a strong password. A good rule of thumb is to create a password that is easy for you to remember but difficult for others to guess. Avoid using personal details like your address, personality traits, or pet names, as attackers can study your behavior and relationships to make educated guesses. Instead, pick completely random combinations of letters, numbers, and symbols, arranged in a way that is easy for you to remember, such as a familiar yet long pattern.

Additionally, avoid posting sensitive, revealing, or overly descriptive information about yourself online, as this can make
it easier for attackers to impersonate you or commit identity theft and fraud.

Minimizing Visible Activity


To reduce your visible activity on social media:

• Set your accounts to private so that only trusted friends and relatives can view your content.
• Avoid accepting friend requests from people you don’t know.
• Limit the number of accounts you create and delete unused ones.
• Refrain from signing up for websites you plan to use only once, and if you must, log out immediately after use.

Being Mindful of What You Share


Most importantly, never reveal any important and sensitive information. Obvious as that is, it can be quite easy to spill a little too much when you’re caught in the moment. It is imperative to always be mindful of what you say online, both to protect your reputation and to avoid accidentally giving attackers something to use against you.

(State Farm, 2023)

Use Two-Factor Authentication

Another important measure that will help to strengthen your position online is to enable two-factor authentication (2FA). This provides a second line of defense for your accounts. If someone hacks into your account or guesses your password, they will still not be able to log in, since the second factor of identification is usually your phone or email. It is a small measure that greatly decreases the likelihood of your account being hacked, and most sites provide it as a free service. (Microsoft, n.d.)

Be Wary of Phishing Attempts


Phishing is one of the tricks attackers use most frequently to get your personal data. It can take the form of emails, messages or pop-up advertisements requesting your private details or login details. Most of these contacts will try to impersonate someone to appear legitimate, asking for your sensitive information with a supposedly good and valid reason. This is why you should always double-check the email’s address for any suspicious or unfamiliar details and never click on links or attachments from unknown sources. Even if you just have a bad feeling about it and no evidence, it is often better not to interact with the person or content at all until it has been fully verified, which typically means contacting the person being impersonated in another, more secure and verifiable way. Alternatively, you may also report the potential phishing account. (Microsoft, 2021)
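
One way to automate the sender-address check described above, as an added example that is not part of the original document. The trusted domains and sample From headers are constructed, and treating the last two labels as the base domain is a simplifying assumption.

```python
from email.utils import parseaddr

# Assumption: the domains this reader really deals with (constructed sample values).
TRUSTED_DOMAINS = {"examplebank.com", "microsoft.com"}

# Digit-for-letter swaps often used to build a lookalike domain.
LOOKALIKE_CHARS = str.maketrans("0135", "oles")


def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def base_domain(domain):
    """Naive registrable domain: the last two labels (wrong for e.g. .co.uk)."""
    return ".".join(domain.split(".")[-2:])


def sender_findings(from_header):
    """Return sorted warning codes for a From header; an empty list means none."""
    display, address = parseaddr(from_header)
    if "@" not in address:
        return ["unparseable-sender"]
    domain = address.rsplit("@", 1)[1].lower().rstrip(".")
    base = base_domain(domain)
    if base in TRUSTED_DOMAINS:
        # The address claims a trusted domain. A header alone cannot prove that;
        # SPF/DKIM/DMARC results from the mail server are needed for that.
        return []

    findings = set()
    if any(label.startswith("xn--") for label in domain.split(".")):
        findings.add("punycode-domain")
    display_key = "".join(ch for ch in display.lower() if ch.isalnum())
    for trusted in TRUSTED_DOMAINS:
        brand = trusted.split(".")[0]
        # Trusted name used as a subdomain of another domain,
        # e.g. microsoft.com.account-verify.net
        if domain.startswith(trusted + ".") or "." + trusted + "." in domain:
            findings.add("trusted-name-in-subdomain")
        # Swapped characters or a near-miss spelling of a trusted domain.
        if base.translate(LOOKALIKE_CHARS) == trusted or edit_distance(base, trusted) <= 2:
            findings.add("lookalike-domain")
        # Display name mentions a brand the address does not belong to.
        if brand in display_key:
            findings.add("display-name-mismatch")
    return sorted(findings)


# Constructed sample headers.
SAMPLES = [
    '"Example Bank" <alerts@examplebank.com>',
    '"Example Bank Support" <alerts@examp1ebank.com>',
    '"Microsoft account team" <no-reply@microsoft.com.account-verify.net>',
    '"Newsletter" <news@mircosoft.com>',
    "Ana <ana@university.edu>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", sender_findings(header) or "no findings")
```

An empty result only means none of these impersonation signs were found; it does not show that the message is genuine.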

Always Make Sure That Your Software is Up to Date

Updating your software, apps, and operating systems is one of the most important things that people neglect to do. You should regularly update them so that you have all the current fixes for bugs and exploits that attackers might use on your devices. Thankfully, you can set your devices to install updates automatically when they are released and you are connected to the internet, shielding you from new threats without needing to remind yourself to update your software. This simple trick alone is already very helpful in keeping your online activities safer and minimizing the possibility of getting infected with malicious software.

Educating Yourself and Others

The very best way of defending yourself and others against online threats is knowledge. Always stay informed about the latest cybersecurity threats and educate yourself on best practices for staying safe online. For casual internet users, just looking around at what's trending in the cybersecurity space for 10 or 5 minutes is usually enough. Also, make it a habit to share this knowledge with others, especially those who may not be as tech-savvy or literate about the digital space. Whether it’s guiding a friend on how to set up their privacy settings or teaching elderly relatives about social engineering tactics and phishing, educating others always helps create a safer online environment for everyone.

Task 2(AC 2.2) Describe how social networks create your personal brand

Importance of Social Networks for Personal Branding


Social networks can be a crucial tool for creating one’s brand and reputation, but they must be used properly and ethically if that reputation is to be shaped in a good way. As such, you must know what kind of reputation you want to have and which group you would like to make that impression on. Asking for recommendations is also important, as is having an open mind.

Creativity and Consistency in Branding

One helpful quote I found is “While your goal may be to create an unstoppable personal brand online, make sure it reflects you and your values.” (Digital Marketing Institute, 2024). To build your personal online brand, you must branch out to several different social media platforms; limiting yourself to one will also limit the number of people who might see your content. Once you have set up your social media accounts, decide what brand you will take on, who its preferred target audience should be, and how you want that audience to see it before taking any further steps.

Creating a brand image takes a lot of creativity: your content needs to be unique enough to stand out among the crowd while still being engaging and informative, so that your audience regularly comes back to visit you. Speaking of which, you need to give them a reason to come back to your social media, which is why you have to post consistently. It can be daily, weekly, or even hourly; the important thing is the consistency and frequency of your posts, so that your audience knows when to expect the next piece of content instead of facing a randomized schedule across a week or month.

Develop Credibility

Your credibility will also start to build up with your content, so be sure to maintain an active online presence in every social media interaction, such as answering questions or engaging and sharing knowledge in topics and discussions. Joining industry groups can also help you build a network in your preferred industry, making as many contacts with other experts and specialists in the field as possible, to build a legitimate and trustworthy impression with your audience. (Marr, 2023)

Be Open to any Feedback

There is always room for improvement, and having an open mind about how you create your personal image can quickly make a lasting impression on your audience. Try to seek out as much guidance, advice and suggestions from your followers and peers as you can. Think of them as tips and tricks for appealing to a larger audience and building a more reputable image.

Keep Your Content and Profile Updated Regularly

Your topics, skills or interests might change over time, and your audience should be able to see that growth as time passes. Updating your profile and your content regularly keeps you relevant in your field and proves you are still developing. It could be a new skill, a recent accomplishment, or even new insights you want to share; sharing it with your audience keeps them engaged and reminds them of your expertise. If an old piece of content is still valuable, don’t be afraid to refresh it; if your brand is dynamic, don’t be afraid to add new perspectives.

Don’t Build a Following, Build Relationships

It’s not just about getting followers. It’s about building real relationships and connections with your audience. Have
conversations, respond to comments, build an environment where people feel like they’re part of your brand.
Appreciating your followers can turn your casual followers into loyal supporters literally invested in your brand and
image.

Don’t Post Controversial or Harmful Content

When you’re trying to build a strong brand, you want to steer clear of controversial or damaging content that could hurt your reputation. It’s tempting to jump on the latest trending topics, but never forget the long-term effect of your words. Post without content that can alienate or offend your audience, because that can damage your credibility and will result in needless controversy. Your reputation is built on trust, and avoiding divisive subjects will help you keep that.

Authenticity is Key

In an age where anyone can curate a fictional and biased image online, authenticity is one of the most valuable traits. It helps build trust and loyalty when you are real with your audience. Don’t just post highlights; share your true thoughts, challenges and successes, and build relatability and communication. Authenticity is more relatable because it taps into a vulnerable side of people, which helps build stronger and long-lasting connections. Remember that your audience wants to know the person behind the brand, so let them see your true self.

Task 2(AC 2.3) Explain how to protect your reputation online

Importance of Protecting One's Reputation


Protecting one’s reputation is a very important practice on the internet. It can be the deciding factor for one’s credibility (whether followers will still take what you say as truthful and factual), one’s business (whether it keeps getting customers and glowing reviews) and one’s brand image (whether it still gets positive attention, reactions and interactions). You should always be mindful of your reputation and how people perceive you, as it can change overnight and can have very disastrous outcomes and consequences, both online and in real life, if left unchecked or mismanaged.

Mindful Posting and Monitoring

To start, always be mindful of what you post online. Consider how others might feel about your content and how they might
respond. Maintaining a friendly, neutral, and open-minded tone in your online interactions can enhance your credibility and
professionalism.

However, not everyone shares the same perspective. Peers or strangers with differing opinions or agendas might tag or mention you
in ways that could harm your reputation or alter how others perceive you. You can fix that issue by:

Managing Online Presence

For a casual internet user, frequently monitoring and controlling your online presence would be enough. Always keep in mind that reputational damage usually arises from personal and confidential information that has been unintentionally or intentionally shared or leaked online. Watch and limit what kind of information you share privately on the internet to minimize both the chances of reputation-damaging information getting leaked and the damage if it is leaked. You can do this by using:

Tools for Reputation Management

Practice searching for your name on search engines every now and then to identify any websites or content mentioning you or your personal brand. Since manually reviewing every website on the internet is impractical, we can utilize tools like Google Alerts to help us. By setting up an alert with your name, you’ll receive notifications about any new articles, posts, or data related to you, enabling you to stay informed and manage your online reputation more effectively.

How to Respond to Negative Feedback Quickly

In online reputation management, responding quickly to negative feedback and comments is very important. Negative reviews or comments about your brand or personal image shouldn’t be ignored. If you address concerns or complaints with professionalism and offer solutions, you can turn a potentially damaging situation into an opportunity to prove your dedication to customer service or personal growth. The quicker you respond, the less likely the negative feedback is to spiral out of control.

Regularly Update Your Privacy Settings

Privacy settings and policies on social media platforms are constantly changing, and you need to stay aware of this and consistently update your own privacy preferences in accordance with these changes. Frequently check and revise what is visible to the public, which access you allow to your accounts and profiles, and which posts you allow the public to see. Adjusting your settings can take some time and a bit of effort, but by doing so you limit your exposure and lower your risk of attracting unwanted attention or damaging your reputation.

Professional Online Conduct

Your online reputation is what you are saying about yourself. When engaged in an industry conversation, or in a discussion with clients or followers, you should always aim to be a respectful and courteous young professional. Your online persona should be as professional as you would be in person. Don't argue with someone just because you disagree with them, and avoid any escalation that would spoil your reputation.

Crisis Management Plan

If a reputational crisis happens, you need to have a crisis management plan that sets out steps for reputational recovery, like addressing the issue, communicating with your audience, working out a resolution and taking responsibility if necessary. The trick is to stay calm, accept the situation, and explain how you’re going to solve the issue. A good crisis response can lessen the blow of any reputational damage and show that you are ready to deal with problems quickly. (Asana, 2021).

Task 2(AC 2.4) Explain methods of keeping safe when working online

Importance of Online Safety

Being safe online is as important as using the internet to accomplish any important personal or work-related task, and as cyber-attacks continue to grow significantly every year, it has become a necessity to be proactive in how you handle and protect any sensitive data of yours.

Mindfulness in Digital Interactions

In digital social spaces, networks, and platforms where you interact with others, it is essential to be mindful of your digital footprint.
A golden rule of the digital world is to remember that anything shared on the internet may stay there forever. Before taking any
action online, whether posting, writing an article, or sharing content, always assess what you are doing, why you are doing it, and
what the potential response to your action might be. Remember, the goal is to appeal to others without offending or alienating your
audience. Since many people will encounter you for the first time online, your first impression should uphold a high standard of
professionalism while maintaining a welcoming and approachable tone.

Implementing Cybersecurity Measures


Practicing cybersecurity measures is also a powerful way to protect your data and social media accounts from being breached, for example by having strong and unique passwords on all accounts and saving them in a trusted password manager like Bitwarden. Coupled with Two-Factor Authentication, which acts as the second and final security system to access your account, these practices provide robust protection.

Encryption, on the other hand, is heavily needed in messages and calls to keep them confidential so that nothing can be captured and used against you. Firewalls, meanwhile, protect your devices and networks to safeguard any sensitive data and information you are exchanging or storing that could be used against you. Never share sensitive or personal information with anyone, for any reason, unless they are a trusted individual. It is usually safer to share it privately to avoid compromising your privacy or safety.

Staying Wary of Suspicious Websites and Links

When browsing the internet, always be wary of suspicious websites and links. Avoid visiting websites that have insecure connections, such as those missing HTTP or HTTPS links.

To double-check, do not immediately enter your real password to sign in; instead, enter garbage in the password field first to see whether the website actually has access to a database containing your account, such as your Google account. If the garbage is accepted, the website is most likely illegitimate and dangerous.

Antivirus Software for Securing Devices

In addition to practicing good password management, it’s important to secure your devices with up-to-date firewall and antivirus software, which helps to detect, remove and block threats such as unauthorized access, ransomware, malware and phishing attempts. Scanning your devices routinely allows you to ensure that these threats aren’t present, which also eliminates the chances of you losing any of your personal information through hacks, data theft or other security breaches. To ensure you don’t fall victim to the newest threats, it’s also important to make sure that your antivirus program is updated.

Virtual Private Networks (VPNs)


Using public Wi-Fi or browsing on unsecured networks is very unsafe, as it can put your device at risk of being attacked through the unsecured network. This is where a Virtual Private Network (VPN) comes into play. One of the main benefits of using a VPN is that it encrypts your internet connection, making it much more difficult for hackers to intercept your data. Using a VPN is important whether you’re accessing sensitive work documents or checking your personal accounts, because it will keep your online activity private and secure from cybercriminals that may be monitoring and using the network.

Limiting the sharing of Personal Data

A very well-known yet highly necessary piece of internet etiquette that every user needs to adhere to is always being conscious of what personal information they share online. Social media platforms, online shopping sites, and so on record all of one’s digital activity and personal data, but it’s worth asking yourself whether it’s necessary to give that data. For instance, don’t share too much on social media platforms, such as your location, birthdate, credentials or family members. By limiting the amount of personal information you expose to the public, you reduce your vulnerability to identity theft and fraud by an enormous amount.

Task 3(AC 3.1) Explain the types of cyberattacks to look out for

1. Phishing

What it is: The criminals send an email, an SMS, or redirect victims to a website with the intention of obtaining the
victim’s information such as password, credit card digits, or login details.

Example: Getting an email that is like one that your bank sends saying your account is suspended and asking you to
update your details by clicking on a link.

2. Malware (Malicious Software)

What it is: Malicious software such as viruses, worms, ransomware or spyware intended to invade, corrupt and control
software and hardware systems.

Example: A ransomware infection will block your files and request a specific amount of money before you are given access
to use them again.

3. Man-in-the-Middle Attacks

What it is: Eavesdropping that takes place when an attacker intercepts the transmission of information between two points, say a user and a website, with an intention of cheating.

Example: Using an open Wi-Fi network where the attacker gets your username and password.

4. DoS and DDoS Attacks

What it is: A ceaseless overload of a server or a network, aimed at rendering websites or systems unreachable.

Example: A website going down due to a botnet which generates a massive amount of fake traffic.

5. SQL Injection

What it is: Taking advantage of security flaws in how the website handles its database in order to inject input containing SQL statements that either report or change data.

Example: An attacker manipulating the organization’s data to obtain usernames and passwords that are stored in a
database.

6. Password Attacks

What it is: The act of trying to log into an account through successive and random guesses or through using words and combinations drawn from a dictionary.

Example: An attacker employs a script to test every plausible variety of password the application would accept.

7. Social Engineering

What it is: Tricking people into disclosing information or taking actions which are detrimental to security.

Example: Posing as a technical support worker on the phone to con someone into disclosing their account details.

8. Zero-Day Exploits

What it is: Exploits launched against weaknesses in software that are known to attackers before the authors of the software come up with a fix.

Example: Preying on a recently discovered weakness of a web browser.

9. Insider Threats

What it is: Malicious insiders include current and former employees, contractors, and partners with access to an organization’s systems and data.

Example: An angry staff member who is divulging vital information.

10. Advanced Persistent Threats (APTs)

What it is: Long-term attacks where individuals gain unauthorized access to a system for the purpose of obtaining specific information.

Example: Hackers planning to attack a governmental database for the purpose of getting hold of secret data.
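
Item 5 above (SQL Injection), shown from the defender's side as an added example that is not part of the original document: the same username lookup written with string concatenation and with a bound parameter, plus an allow-list for a column name, which cannot be bound. The table, rows, column policy and input strings are constructed.

```python
import sqlite3

# Assumption: only these columns may be used for sorting (hypothetical policy).
SORTABLE_COLUMNS = {"username", "created"}

# Constructed input: a quote character followed by an always-true condition.
CRAFTED_INPUT = "nobody' OR '1'='1"


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT, created TEXT)"
    )
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hash-a", "2024-01-05"), ("bob", "hash-b", "2023-11-20")],
    )
    return db


def lookup_concatenated(db, username):
    """Vulnerable form: the input becomes part of the SQL text itself."""
    query = (
        "SELECT username, password_hash FROM users WHERE username = '"
        + username
        + "'"
    )
    return db.execute(query).fetchall()


def lookup_parameterized(db, username):
    """Hardened form: the driver passes the input as data, never as SQL."""
    query = "SELECT username, password_hash FROM users WHERE username = ?"
    return db.execute(query, (username,)).fetchall()


def list_usernames(db, sort_column):
    """Column names cannot be bound as parameters, so check them against an allow-list."""
    if sort_column not in SORTABLE_COLUMNS:
        raise ValueError(f"sorting by {sort_column!r} is not allowed")
    rows = db.execute(f"SELECT username FROM users ORDER BY {sort_column}").fetchall()
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    # An ordinary username behaves the same in both forms.
    print(lookup_concatenated(db, "alice"), lookup_parameterized(db, "alice"))
    # The crafted input rewrites the concatenated query and returns every row,
    # while the parameterized query simply finds no user with that odd name.
    print(len(lookup_concatenated(db, CRAFTED_INPUT)), "rows vs",
          len(lookup_parameterized(db, CRAFTED_INPUT)), "rows")
    print(list_usernames(db, "created"))
```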
Task 3(AC 3.2) Identify legislation relating to cyber security

1. Personal Data Protection Law


The law defines the controls for the processing of personal data and the general obligations of companies that
have personal data to secure it and maintain its confidentiality and privacy. It prohibits the processing of personal
data without the consent of its owner, except for some cases in which the processing is necessary to protect the
public interest or to carry out any of the legal procedures and rights. (U.AE, 2024)

Other Examples:
• The General Data Protection Regulation (GDPR) of the European Union mandates personal data protection and gives people rights such as the right to access the data or have it erased. (Wolford, 2024)

• The California Consumer Privacy Act (CCPA) was designed to guarantee consumers in California more control over their personal information data. (State of California Department of Justice, 2024)

2. Cybercrime Law
These laws concern seeking out, identifying, and penalizing unlawful undertakings carried out with computer and internet technologies, including hacking, phishing, identity theft, and malware. (Michalsons, n.d.)

Example:
• In the United States, unauthorized access to computers is prohibited by the Computer Fraud and Abuse Act.

• The Council of Europe Convention on Cybercrime, also known as the Budapest Convention, is a treaty that seeks to address cybercrimes.

3. Policies on the Protection of Critical Infrastructure
These laws are aimed at protecting strategic sectors such as energy, transport and healthcare, and
telecommunications. They require those undertaking important operations and services to undertake
strict security measures in cyberspace. (DESC, 2024)

Example:
• The NIS Directive (Network and Information Systems Directive) in the EU imposes higher levels of protection
for organizations in the critical information infrastructure sector.

• The basic legislation which governs the safeguard of important infrastructure against cyber threats in the United
States is the Cybersecurity and Infrastructure Security Agency Act (CISA).

4. Laws Relating to Protection of Intellectual Property Rights


These bodies of law deal with the unauthorized taking or use of assets including trade secrets, software or any other original material, digital or physical, that may be under cyber threat of plagiarism or misuse. They help make sure that no innovation or creation is used unless proper consent has been granted. (U.AE, n.d.)

Example:
• In the United States there is the Digital Millennium Copyright Act which protects digital rights and sanctions the
bypassing of protections for copyrighted works.
• The Trade Secrets Act protects any unique and valuable commercial information.

5. Cybersecurity Compliance Laws and Standards


These enumerate the policies and standards that organizations must adhere to in order to achieve and enhance the required cybersecurity features and protect digital devices from cyberattacks. (Nord Layer, n.d.)

Example:
• The Health Insurance Portability and Accountability Act (HIPAA) in the United States requires implementation of cybersecurity for patients’ data.
• The Payment Card Industry Data Security Standard (PCI DSS) mandates that companies who process, store or transmit credit card data protect their assets.

6. Incident Reporting and Breach Notification Laws

These laws expect organizations to inform regulators, consumers, and other shareholders when a cyber-attack on the firm or a data breach is witnessed. The aim here is to prevent bad things from happening and, where possible, to guarantee some level of transparency and openness. (DLA Piper Data Protection, 2024)

Example:
• The regulation requires an organization to report data breaches to the organizations within seventy-two hours of discovery.
• A Singapore law prevents breaches that could harm people through the Personal Data Protection Act (PDPA).

Task 3(AC 3.3) Outline policies that could be implemented in a chosen work environment

1. Data Protection and Privacy Policy

Preserves privacy and confidential information of staff and customers and adheres to the legal requirements such as
GDPR, CCPA and local data protection laws.

What is it?

• Requires an outline of how one’s data is captured, managed, used, and disclosed.
• Follows legal standards in the use of consent for the collection of data.
• Contains guidelines on how to handle security breaches of one’s data.

Example: Customer data must only be used for analytical purposes, with customers’ identities remaining confidential in the process.

2. Safety and Security Policy in the Workplace

Provides security for the staff and customers on-premises and their physical welfare.

What is it?
• Describes actions to be taken in case a threat or emergency appears in the charity workplace, such as fires, evacuation, insider threats, breaches.
• Takes advantage of security measures like surveillance, area access controls and restrictions.
• Is automatically a staff training requirement.

Example: Any employee sighting any suspicious activity or any object that appears suspicious should report it to the security department as soon as possible.

3. Cybersecurity Policy

Gives protection to the charity’s employees and its customers from cyber risks like malware, cyberattacks, breaches, etc.

What is it?

• Ensures password standards are complied with and requires at least two-factor authentication for all systems.
• Provides for the encryption of customer data both when in transmission and when stored on the firm’s systems.
• Contains information and procedures for identifying and reporting a phishing or cyber-attack.

Example: Any email that is suspected to be phishing is to be forwarded to IT to assess its contents.

4. Customer Interaction and Assistance Policy

Sets up parameters for proper and secure communication with charity customers.

What is it?

• It regulates communication of sensitive information about customers through secured and encrypted means.
• An employee must enter multiple authentication details to access confidential customer information and data.
• Establishes primary standards for treating customers with respect and for the timeliness of interactions.

Example: The support staff must use two-step verification to confirm the identity of a customer before proceeding to
reset account passwords.

5. Acceptable Use Policy (AUP)

Imposes company policies related to the use of company resources such as the Internet, e-mail, and devices to minimize
the risks of staff or customer abuse.

What is it?

• Prevents connecting to websites that contain prohibited material or passing customer data to an unapproved
portal.
• Prohibits employees from using personal devices at work, if not encrypted.
• Looks at the best practices to be undertaken by an employee when using social media at work.

Example: Blocks phishing and distracting websites.

8. Health and Hygiene Policy

For the health and wellbeing of staff and customers, particularly when they work in close vicinity to each other,
which increases the risk of transferring infection.

What is it?

• Establishes role models for orderliness at the workplace.
• Prescribes how to manage spreadable diseases from employees by having them quarantine or work while sick.
• Sets down the rules to follow when placing hand sanitizers or masks in customer-accessible spaces.

Example: Any employee or co-worker with flu-like symptoms such as sneezing, coughing, and fever is reported so that
they can be assigned work-from-home activities or vacations to avoid spreading infections.

Task 3(AC 3.4) Explain effective prevention methods to protect the organization

1. Strong access controls.


Restricting users’ access to systems and information prevents users from having more access than they need. This
helps reduce unauthorized access and leakage of information.

Methods:
• Role-based access control (RBAC): The user permissions should be created based on jobs assigned by the
organization.
• Multi-factor authentication (MFA): More layers of security than just single passwords.
• Least privilege principle: Assign users only the permissions that are necessary for them to do their job in the
system.

2. Swift Software Patching and Maintenance or Management


Both operating systems and applications must be updated to prevent exploitation of known, existing flaws in the
program code.

Methods:
• Automate updates: Allow updates of important software and applications, as this can be done automatically.
• Regular patching schedules: Develop an operational procedure for checking and addressing, by hand, systems
that cannot have updates run automatically.

3. Management should also provide several employee training and awareness programs.

One of the major characteristics of cyber threats is that they tend to occur through human mistakes. It is
essential to train employees on how to handle cyber threats, since people are the main cause of successful social
engineering, phishing, and other attacks.

Methods:
• Phishing simulations: It is recommended to test employees with simulated phishing emails within a week.
• Cybersecurity workshops: In the case of security awareness, offer information on approved activities, general
security awareness for suspicious activities, and highly effective passwords.
• Security awareness campaigns: Have some occasional promotions with tips about cybersecurity to regularly
refresh the audience’s memory.

4. Implement a high-end threat identification/detection and threat remediation/management system.


Applying tools that allow the organization to detect threats and respond to them immediately makes it
possible to identify possible leakages and counteract them.

Methods:
• Intrusion detection systems (IDS): Detect suspicious activity by monitoring network traffic.
• Endpoint detection and response (EDR): Offer some level of visibility and control of devices in an
organization to enable dynamic responses in reaction to anomalous activities.
• Security information and event management (SIEM): Collect and analyze information of different types in order
to reveal patterns that may indicate a threat.

5. Network segmentation and firewalls


Explanation: A network should be partitioned to reduce the damage of a large-scale attack. Firewalls can be used to
help filter traffic entering and leaving the network.

Methods:
• Internal segmentation: Divide the network into more segments by department or function, where there will be
higher security between one segment and the next.
• Next-generation firewalls (NGFW): Employ firewalls that have highly developed filtering options, for example
application filtering as well as packet filtering.

6. Data Encryption

Explanation: This provides a barrier to an attacker: even if the attacker manages to obtain a copy of the
data, he or she cannot read it without the decryption key.

Methods:
• Encryption at rest: Stored data should also be protected with adequate encryption so that the data or database
remains secure.
• Encryption in transit: Data that is transmitted over networks should be encrypted by means of protocols such as
SSL/TLS.
• End-to-end encryption: It is important to make sure that the components of communication are secured between
the sender and the receiver.

Task 3(AC 3.5) Describe how to protect systems, people and processes

1. Protecting Systems
Implementing a strong technology management strategy supports the protection of an organization’s data related
to applications and networks from cyberattacks and malicious persons.

Methods:
• Install Security Software: Employ anti-virus, anti-malware software and firewalls in order to close down
external entry to systems.
• Regular Software Updates: Security software, operating systems and applications should all be updated
to eliminate any known exploits and weaknesses.
• Network Segmentation: Isolate the network into zones where there will be minimal transfer from one zone to
the other in the event of an attack.
• Encryption: Secure data in both phases, in transit and at rest, to avoid leakage of data to the wrong channels or
malicious access to the data.
• Multi-Factor Authentication (MFA): Utilize MFA when logging in to any systems, so there are extra measures
of protection to reduce .
• Endpoint Protection: Implement endpoint detection and response products for constant tracking and protection
of all endpoints connected to the network.

2. Protecting People
Employees frequently act as the first and even the only barrier against cyber threats. Making sure they are
informed and alert is the key to cybersecurity.

Methods:
• Security Awareness Training: Never leave any employees untrained in how to protect themselves from
phishing attacks, strategies of social engineering, or even how to be safe online.
• Role-Based Access Control (RBAC): Restrict access to the information and systems necessary to perform daily tasks,
according to an employee’s position, to prevent accidental violation of access privileges.
• Clear Security Policies: Set administrative measures that define the use of technology and the processing
of data resources. It is important that staff are aware of, and more importantly comply with, these
regulations.
• Regular Phishing Simulations: Regularly test employees on their behavior with simulated emails to ascertain their
ability to withstand scams.
• Two-Factor Authentication (2FA): Ensure use of 2FA every time a person wants to log in to the company’s
accounts, thus even if the attackers possess the account details, they are locked out.
• Incident Reporting Procedures: Encourage employee reporting of possible security threats or eventualities
through well-articulated guidelines that will be far easier for the employees to follow.

3. Protecting Processes
Unlike established and maintained ad hoc practices, a practice of standardized and correctly implemented security
measures assists with maintaining compliance with industry standards and best practices.

Methods:
• Incident Response Plans: Outline and simulate an incident response plan which will allow the organization to
react to a breach or a cybersecurity attack in the best possible way with least impact.
• Regular Audits and Assessments: Schedule security assessments and information security risk reviews in
the organization to prevent possible threats in processes and structures.
• Compliance with Standards and Regulations: Always make sure that all data and processes comply with the
different cybersecurity laws and regulations, for instance GDPR, CCPA and the NIST framework.
• Change Management Policies: Change management processes need to be followed, together with review and
approval of any change to systems and software, to minimize the introduction of
vulnerabilities.
• Backup and Disaster Recovery Plans: Schedule a backup and create a general disaster plan to easily recover the
systems and processes in case of an attack.
• Access Control and Monitoring: Always capture activity so that you can quickly notice any abnormal activities
that are likely to have been instigated by a security threat.
• Data Protection Protocols: Develop measures for handling, storing and discarding data, for example the
control of access rights to avoid exposure of sensitive data.

Task 4(AC 4.1) Identify techniques for managing any security risks

1. Risk Assessment and Analysis

Security risk management starts with the assessment of the risks an organization is exposed to.

Techniques:

• Identify Assets: Enumerate critical assets or resources such as information, equipment, computer systems,
applications and knowledge capital/intellectual property.
• Identify Threats and Vulnerabilities: Look for any threat, internal or external, and for any weakness in the
systems or operational processes that such a threat could take advantage of.
• Risk Prioritization: Evaluate the probability and consequence of each risk so that the organization can target
high-risk areas. (BlackDuck, 2023)

2. Implementing Security Controls

Managing recognized risks requires the use of suitable technical, physical and administrative measures.

Techniques:

• Preventive Controls: These include firewalls, intrusion detection systems, anti-virus, encryption and access
controls that help prevent threats from being carried out.
• Detective Controls: Security monitoring systems and periodic security check-ups that reveal ongoing or previous
occurrences.
• Corrective Controls: Strategies and resources associated with security incidents and ways to mitigate the effect
and resume business function after an attack.

3. Regular Security Audits and Penetration Testing

Preventive security measures make it possible to find vulnerabilities before attackers discover and exploit them.

Techniques:

• Penetration Testing: Use penetration testing to perform an assessment on systems, networks and applications to
establish their weaknesses.
• Vulnerability Scanning: Use automated tools to identify security vulnerabilities.
• Compliance Audits: Verify compliance with industry rules and regulations as well as internal security
standards.

4. Employee Training and Awareness

It is well known that people are the weakest link in security systems. Training does minimize the possibilities of both
carelessness and malicious acts when information security is an issue.

Techniques:

• Phishing Simulations: Assess employees’ performance in detecting and reporting phishing scams.
• Cybersecurity Workshops: Train staff on cybersecurity measures like securing passwords and how to
properly handle sensitive data.
• Clear Policies and Guidelines: Easy to read and understand guidelines should be promoted and made easily
available for the employees to come across.

5. Incident Response Planning

An organization has to develop a sound incident response plan that will enable a proper response and
reduce the impact of a security incident.

Techniques:

• Develop a Response Plan: Describe procedures for recognizing, preventing, eliminating, and responding to
occurrences.
• Create Communication Protocols: Set up proper reporting and escalation processes for any occurrence in the
planned and executing processes.
• Conduct Drills: It is important to put the response plan under test from time to time via the means of tabletop
exercises and other simulations.

6. Frequent Surveillance and Threat Reporting

Static surveillance can be time-consuming since it involves reviewing data that has been stored for some time and then
formulating a response to it, while real-time surveillance provides an instant response in case of an attack, thus
making security better.

Techniques:

• Log Monitoring: Use a security information and event management (SIEM) system to identify logs that
may contain signs of activity of a security threat.
• Threat Intelligence Feeds: It is recommended to subscribe to intelligence services in order to learn about new
vulnerabilities and attack methods.
• Behavioral Analysis: Tools should also be used in the system to identify deviations from normal user activity that
would indicate insider threats or compromised accounts.

7. Enforcement of data protection measures.

The security of information is important to minimize security threats.

Techniques:

• Data Encryption: Secure data in transit and data at rest.
• Access Control: Restrict each user’s access to information so that their interaction with the system is limited
to the extent of their line of duty.
• Data Masking: Mask datasets used in non-production environments by replacing real values with dummy values.

8. Business Continuity & Disaster Recovery Plan

Contingency planning should be done with the aim of minimizing the time that an organization takes to recover from a
security incident.

Techniques:

• Data Backups: Ensure that critical information is backed up regularly in a secure, easily
retrievable format.
• Redundant Systems: Always prepare a standby system to be put in service if the main system has developed a
fault.
• Testing Recovery Procedures: Test disaster recovery processes on a regular basis to reduce chances of
failure or root out redundant and inadequate processes.

Task 4(AC 4.2) Create a cyber security risk register

| Risk ID | Risk Name | Description | Likelihood | Impact | Risk Level | Mitigation | Risk Owner | Review Date |
|---|---|---|---|---|---|---|---|---|
| 1 | Phishing Attacks | Employees may fall victim to phishing emails, resulting in data theft or malware installation. | Medium | High | High | Regular staff training on phishing awareness; Improve email filtering software and tools; Implement multi-factor authentication (MFA). | IT Security | Quarterly |
| 2 | Ransomware | Malicious software could encrypt organizational data, demanding a ransom for access. | Medium | High | High | Regular backups; use anti-malware tools; patch software regularly; educate employees about ransomware threats. | IT Manager | Monthly |
| 3 | Insider Threats | Malicious or negligent insiders could compromise sensitive data or systems. | Low | High | | Enforce access controls; conduct employee background checks; implement user activity monitoring tools. | HR/IT Security | Bi-Annually |
| 4 | Data Breach | Unauthorized access to sensitive customer or employee data. | High | High | High | Implement strong encryption; restrict data access; use intrusion detection and prevention systems (IDPS). | IT Security | Quarterly |
| 5 | Distributed Denial of Service (DDoS) | Attackers flood and overload servers with network traffic, making them unavailable. | Medium | High | Medium | Use DDoS mitigation services; monitor network traffic; create incident response plans for DDoS scenarios. | IT Security | Monthly |
| 6 | Physical Security Breach | Unauthorized physical access to data centers or devices. | Low | High | Medium | Implement access controls; use surveillance systems; require ID badges and visitor logs. | IT Security | Weekly |
| 7 | Compliance Violations | Failing to adhere to regulatory requirements may lead to fines or reputational damage. | Medium | High | High | Conduct regular compliance audits; train employees on relevant regulations; document security policies. | IT Team | Quarterly |
| 8 | Weak Passwords | Poor password security may result in unauthorized access to systems or data. | Medium | High | High | Enforce strong password policies; require Multi-Factor Authentication; deploy password management tools. | IT Security | Quarterly |
| 9 | IoT Device Vulnerabilities | Compromised IoT devices could provide attackers entry points into the network. | Low | Medium | Medium | Segment IoT devices on separate networks; regularly update device firmware; disable unnecessary features. | IT Team | Quarterly |

Task 4(AC 4.3) Explanation on how to monitor cyber security risks in the organization

1. Real-time threat detection systems incorporated into an organization’s system.

Security tools that allow responding to occurrences in real time include the Intrusion Detection System (IDS) and
Intrusion Prevention System (IPS). These systems work by examining the traffic on a network to look for signs that
indicate that an intrusion is taking place, for example, attempts at unauthorized access or attempts at copying data out of
a network.

Example: An IDS informs the security team if it identifies a large volume of traffic, which may mean the organization is
under DDoS attack.

2. Having a Routine Vulnerability Audit Conducted

Conduct frequent vulnerability assessments on the IT facilities to find any weakness that an attacker may take
advantage of, such as weaknesses in the software, hardware and configurations present. It is recommended to use
tools like Nessus, Qualys, or OpenVAS so that a vulnerability does not go unnoticed for a long time.

Example: A vulnerability scan finds that the operating system on a server is outdated and needs to be
updated to minimize risks.

3. Security Information and Event Management (SIEM) Systems

SIEM systems collect data originating from firewalls, servers, and applications and analyze it in search of
irregularities and threats. Such systems afford a single point of view on the security situation in the organization.

Example: In a SIEM system, multiple failed login attempts from a foreign IP address are considered to be a sign of a
brute force attack.
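The SIEM rule in the example above can be written as a sliding-window correlation over authentication logs. The following is an added example, not part of the original assignment: the log lines are constructed, "foreign" is modelled as "outside the organization's own address ranges", and the ranges, threshold and window are assumed values.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values for this example; tune them to the organization.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
THRESHOLD = 5                    # failed logins from one source ...
WINDOW = timedelta(minutes=2)    # ... within this sliding window

# Matches sshd-style password events prefixed with an ISO 8601 UTC timestamp.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample log (documentation address ranges, not real traffic).
SAMPLE_LOG = """\
2024-11-04T09:15:01Z web01 sshd[1023]: Failed password for invalid user admin from 203.0.113.7 port 52144 ssh2
2024-11-04T09:15:03Z web01 sshd[1023]: Failed password for root from 203.0.113.7 port 52145 ssh2
2024-11-04T09:15:05Z web01 sshd[1023]: Failed password for invalid user test from 203.0.113.7 port 52146 ssh2
2024-11-04T09:15:09Z web01 sshd[1040]: Failed password for alice from 10.1.2.3 port 40022 ssh2
2024-11-04T09:15:12Z web01 sshd[1023]: Failed password for alice from 203.0.113.7 port 52147 ssh2
2024-11-04T09:15:20Z web01 sshd[1023]: Failed password for alice from 203.0.113.7 port 52148 ssh2
2024-11-04T09:16:02Z web01 sshd[1051]: Accepted password for alice from 203.0.113.7 port 52150 ssh2
2024-11-04T09:20:00Z web01 sshd[1060]: Failed password for bob from 198.51.100.20 port 33100 ssh2
2024-11-04T09:40:00Z web01 sshd[1071]: Failed password for bob from 198.51.100.20 port 33101 ssh2
2024-11-04T09:41:00Z web01 cron[88]: job finished
"""


def parse(line):
    """Return (time, result, user, ip) for a password event, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        ip = ipaddress.ip_address(m["ip"])
    except ValueError:
        return None  # malformed timestamp or address: skip rather than crash
    return ts, m["result"], m["user"], ip


def is_external(ip):
    """True when the source is outside the organization's own ranges."""
    return not any(ip in net for net in INTERNAL_NETS)


def detect(lines):
    """Alert on external sources reaching THRESHOLD failures inside WINDOW,
    and on any later successful login from a source already flagged."""
    recent = defaultdict(deque)   # ip -> (time, user) of recent failures
    flagged = set()
    alerts = []
    for line in lines:
        event = parse(line)
        if event is None:
            continue
        ts, result, user, ip = event
        if not is_external(ip):
            continue              # this rule only covers outside sources
        window = recent[ip]
        while window and ts - window[0][0] > WINDOW:
            window.popleft()      # drop failures older than the window
        if result == "Failed":
            window.append((ts, user))
            if len(window) >= THRESHOLD and ip not in flagged:
                flagged.add(ip)
                alerts.append({"kind": "brute_force", "ip": str(ip), "time": ts,
                               "users": sorted({u for _, u in window})})
        elif ip in flagged:
            # A success after a burst is the case to escalate first.
            alerts.append({"kind": "success_after_failures", "ip": str(ip),
                           "time": ts, "users": [user]})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert["time"].isoformat(), alert["kind"], alert["ip"], alert["users"])
```

The two isolated failures for `bob` and the internal failure for `alice` raise no alert; only the burst from one outside address and the successful login that follows it do.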

4. Endpoint Detection and Response (EDR)

EDR tools watch over endpoint activity on laptops, mobile devices and servers for signs of malware or
unauthorized actions. EDR solutions enable an organization to gain insight into the behavior of endpoints and limit the
spread of threats to the devices.

Example: In case ransomware is found running on an employee’s workstation, the EDR tool isolates the device.

5. Incident Response Planning


An organization has to develop a sound incident response plan that will enable a proper response in order
to reduce the impact of a security incident.

Techniques:

• Develop a Response Plan: Describe procedures for recognizing, preventing, eliminating, and responding to
occurrences.
• Create Communication Protocols: Set up proper reporting and escalation processes for any occurrence in the
planned and executing processes.
• Conduct Drills: It is important to put the response plan under test from time to time via the means of tabletop
exercises and other simulations.

6. Perpetual Surveillance and Threat Reporting

Static surveillance can be time-consuming since it involves reviewing data that has been stored for some time and then
formulating a response to it, while real-time surveillance provides an instant response in case of an attack, thus
making security better.

Techniques:

• Log Monitoring: Use a security information and event management (SIEM) system to identify logs that
may contain signs of activity of a security threat.
• Threat Intelligence Feeds: It is recommended to subscribe to intelligence services in order to learn about new
vulnerabilities and attack methods.
• Behavioral Analysis: Tools should also be used in the system to identify deviations from normal user activity that
would indicate insider threats or compromised accounts.

7. Enforcement of data protection measures.

The security of information is important to minimize security threats.

Techniques:

• Data Encryption: Secure data in transit and data at rest.
• Access Control: Restrict each user’s access to information so that their interaction with the system is limited
to the extent of their line of duty.
• Data Masking: Mask datasets used in non-production environments by replacing real values with dummy values.

8. Business Continuity & Disaster Recovery Plan


Contingency planning should be done with the aim of minimizing the time that an organization takes to recover from a
security incident.

Techniques:

• Data Backups: Ensure that critical information is backed up regularly in a secure,
retrievable format.
• Redundant Systems: Always prepare a standby system to be put in service in the event that the main system has
developed a fault.
• Testing Recovery Procedures: Test disaster recovery processes on a regular basis.

Task 4(AC 4.4) Create a risk response plan

What is a Risk Response Plan:

A Risk Response Plan gives the organization resiliency by identifying and defining the
actions, responsibilities, and timelines required to manage risks effectively and protect the assets, data, and employees of
our organization (Team, 2024). My Risk Response Plan is as follows:

1. Risk Identification and Risk Assessment

What is it?
This will include listing out all the possible risks that may affect the organization. Likelihood, impact, and overall risk
level are all assessed for each risk.

Methods

Risk identification and assessment are systematic processes that need to capture diverse perspectives from key
departments like IT, HR, and compliance; stakeholders from those departments are actively engaged to make maximum use
of our intelligence and capability. In addition, we use data recorded from past incidents, threat intelligence reports, and
industry analyses to give the organization a comprehensive view of risk. These activities fall under two categories,
Identification and Assessment:

Identification:

Identify and Categorize Risks:

Identify all risks, whether external (e.g., market conditions, natural disasters and cyberattacks) or internal (e.g., operational
inefficiencies, technical failures or insider threats). Once identified, we can group them into categories, be that financial,
operational, technological, or reputational. This makes analysis and mitigation easier through much
simpler processes.

Use Tools and Techniques:

Because risks can remain undiscovered, leverage brainstorming sessions,
SWOT analysis, checklists, the advanced tools of flowgraphs, fishbone diagrams, and risk registers to guarantee that all
the potential risks are uncovered and structured for evaluation.

Assessment:
Analyze Likelihood and Impact:

Assess both the probability that each risk will occur (qualitatively or quantitatively), and the impact that such occurrence
will have on the organization’s financial performance, operations, reputation, or compliance. The most attention needs to
be paid to high likelihood and high impact risks.

Document Findings:
List all risks (likelihood, impacts, priorities, interdependencies where applicable) to be used in a risk register (More
information in page 34) which would provide a foundation for decision-making, monitoring, and mitigation planning.

2. Make a Risk Prioritization Criteria

Each risk is classified based on likelihood, impact, and total risk level. Likelihood is rated as High, Medium, or Low,
determined by the probability of the risk occurring. The potential impact on the organization is also rated as
High, Medium, or Low. The two factors are then combined into an overall risk level of critical, high,
medium, or low, which aids in risk prioritization and risk reduction.
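Because the overall level is derived from likelihood and impact, every row with the same pair of ratings should carry the same level. The check below is an added example, not part of the original assignment; the rows are transcribed from the register in Task 4 (AC 4.2), and the function names are illustrative.

```python
from collections import defaultdict

# (risk id, name, likelihood, impact, recorded risk level; None = left blank)
# Transcribed from the risk register in Task 4 (AC 4.2).
REGISTER = [
    (1, "Phishing Attacks", "Medium", "High", "High"),
    (2, "Ransomware", "Medium", "High", "High"),
    (3, "Insider Threats", "Low", "High", None),
    (4, "Data Breach", "High", "High", "High"),
    (5, "Distributed Denial of Service (DDoS)", "Medium", "High", "Medium"),
    (6, "Physical Security Breach", "Low", "High", "Medium"),
    (7, "Compliance Violations", "Medium", "High", "High"),
    (8, "Weak Passwords", "Medium", "High", "High"),
    (9, "IoT Device Vulnerabilities", "Low", "Medium", "Medium"),
]

ALLOWED = {"Low", "Medium", "High"}  # rating scale used for likelihood and impact


def invalid_ratings(register):
    """Ids of rows whose likelihood or impact is not on the rating scale."""
    return [rid for rid, _name, lik, imp, _level in register
            if lik not in ALLOWED or imp not in ALLOWED]


def missing_levels(register):
    """Ids of rows where no overall risk level was recorded."""
    return [rid for rid, _name, _lik, _imp, level in register if level is None]


def conflicting_pairs(register):
    """Map each (likelihood, impact) pair that was given more than one
    overall level to {level: [risk ids]}, so the owner can reconcile them."""
    by_pair = defaultdict(lambda: defaultdict(list))
    for rid, _name, lik, imp, level in register:
        if level is not None:
            by_pair[(lik, imp)][level].append(rid)
    return {pair: dict(levels) for pair, levels in by_pair.items()
            if len(levels) > 1}


def report(register):
    """Human-readable findings for the periodic register review."""
    lines = []
    for rid in invalid_ratings(register):
        lines.append(f"Risk {rid}: rating outside Low/Medium/High")
    for rid in missing_levels(register):
        lines.append(f"Risk {rid}: overall risk level not recorded")
    for (lik, imp), levels in conflicting_pairs(register).items():
        detail = "; ".join(f"{lvl} for risks {ids}" for lvl, ids in levels.items())
        lines.append(f"Likelihood {lik} / impact {imp} maps to several levels: {detail}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(REGISTER)))
```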

3. Integrate Risk Response Strategies

For each identified risk, one or more strategies will be implemented to address it effectively (BlackDuck, 2023):

Avoidance

Risk avoidance is to eliminate the risk by discontinuing the activity associated with it. Let’s take an example: suppose
storing sensitive customer data locally is a high risk, then the organization may migrate to a secure cloud environment to
eliminate this vulnerability.

Mitigation

Mitigation strategies focus on proactively managing a risk to reduce its likelihood or impact. This includes
implementing firewalls, regularly patching tools, and using anti-malware tools to counter
threats, just to mention a few. By directly addressing vulnerabilities, the organization avoids exposing itself to these
dangers.

Transfer

Risk transfer means that responsibility is passed on to a third party. This can be done with cyber insurance, which would
protect against financial losses that could come from potential breaches. We can also transfer risk by
outsourcing our cybersecurity programs or our services to specialized vendors who have more robust security features.

Acceptance and Control

Some risks, however, are accepted and monitored within acceptable thresholds, typically those with low impact or
likelihood. For example, temporary website downtime or a natural disaster is accepted as either
expected or something nothing can be done about, but we can utilize tools to monitor and control the damage around it.

4. Create a Risk Register

The risk register is a centralized repository where all risks that are identified to the organization are stored, and where
they can be tracked, managed and mitigated all at once. The register documents risks, impact, likelihood and mitigation
strategies to provide a structured approach to risk management as well as informed decision making and accountability.
(Eshna Verma, 2013)

5. Integrate the Organization’s Incident Response Plan

Risk response activities are tightly integrated with the organization’s incident response plan to ensure:

• Timely Detection and Resolution: Threats are dealt with quickly and efficiently, minimizing disruption to the
organization.
• Clear Roles and Responsibilities: Defined responsibilities to streamline the response procedure.
• Effective Communication Protocols: The right individuals are consistently informed and in a timely manner,
enabling collaborative incident management.

6. Monitoring and Review

Steps:

Risk mitigation measures are regularly audited to make sure they are functioning as intended. Newly identified risks are
continuously added to the risk register. The overall effectiveness of risk management practices is evaluated using
metrics such as the number of incidents, recovery time and downtime.

Tools:

Security Information and Event Management (SIEM) systems are monitoring tools that analyze and alert on potential risks
from a single location. Automated vulnerability scanners identify weaknesses so that they can be addressed and
corrective steps taken proactively. Findings are discussed during periodic review meetings, where strategies are also reviewed.

(Six Sigma, 2024)


Task 4(AC 4.5) Describe the importance of cyber security when designing a new
system

1. Protecting Sensitive Data

Cybersecurity aims to protect sensitive data such as personal information, financial records and intellectual property,
as well as the system itself, from unauthorized access, theft, and tampering. To protect this data, we must design a system
that builds methods such as encryption, access controls, and data masking into the system.

Example: To avoid data breaches, identity theft and financial loss, an e-commerce platform
must protect users’ addresses and payment details.

2. Building User Trust and Confidence

A system that is built on strong security practices would be able to show users and customers that their data is in safe and
confidential custody, building trust and confidence in the company. It’s especially important when you’re working with
an application that involves user accounts, financial transactions or sensitive personal data.

Example: When a social media platform implements strong user authentication and privacy controls, people place more
trust in the platform with their information and personal interactions.

3. Legal and Regulatory Standards Compliance

By designing with cybersecurity in mind, you help your organization to comply with industry standards and regulations
like GDPR, HIPAA, PCI DSS, and ISO 27001, legitimizing the organization and avoiding significant penalties like legal
and reputational damage.

Example: To avoid fines and maintain patient trust, healthcare systems must be HIPAA compliant, keeping patient data
in a secure, private environment.

4. Preventing Cyber Attacks

A system designed with cyber-security in mind can stop common cyber threats like malware, phishing, denial of service
(DoS) attacks, and data breaches. We can also reduce vulnerabilities by implementing security measures such as a
firewall, multi-factor authentication (MFA), intrusion detection systems (IDS) and many others.

Example: If this is embedded in our standard software design, our organization’s security would be streamlined across
the board with other applications.

5. Reliability and Integrity of the System

Cybersecurity systems serve to ensure the system's integrity and reliability so that we know that the system works as
expected with no unwanted changes. It’s important for systems that need accurate and unaltered data to make decisions
and run operations.

Example: In financial software one important thing to ensure is that the transactions cannot be modified or intercepted,
so both users and the organization cannot be fooled by fraudulent transactions.

6. Insider Threats Protection

Building security protocols into the systems helps to protect against insider threats which are posed by employees,
contractors, partners or other trusted people who can have access to sensitive information. Insider risks can be mitigated
by controls such as role-based access, user behavior monitoring and audit logs.

Example: An enterprise resource planning (ERP) system with strong access controls makes it so that employees can’t
see data that’s outside their job, limiting the chance of intentional or accidental misuse.

7. Minimizing Financial Loss

Substantial financial costs result from cyber incidents: the fines levied, legal fees, costs associated with recovering the
system, and lost business opportunities. A good system design can significantly minimize the financial impact of a
cyberattack.

Example: By investing in a secure software development lifecycle (SDLC), a company can avoid the costs of
post-launch patching and customer compensation for a security breach.

8. Enabling Secure Scalability

The demands on their systems grow as businesses grow. An organization can grow its operations without compromising
security standards if a system is designed with scalability in mind.

Example: An increase in user traffic and data storage needs can be addressed with a cloud-based platform with built-in
access controls and data encryption, without introducing new vulnerabilities.

9. Reducing Long-Term Maintenance Costs

Recovering and rebuilding data, as well as paying any ransom for our organization's data, would be far more expensive
than building multiple cybersecurity programs into the system from the beginning and maintaining them. Security issues
dealt with after a system is breached are usually more expensive and difficult to resolve than they would have been to
address during the design phase.

Example: Security testing and vulnerability scanning integrated in the development stage will avoid major issues like
cyberattacks that would have to be remediated when they occur later.

Task 4(AC 4.6) Create a disaster recovery plan

Core Objectives Description


Risk Assessment

Assess potential hazards that may interrupt operations, including cyberattacks, natural disasters or system failure.
This also encompasses the analysis of risks in the organization's overall digital infrastructure, their likelihood and
their potential impact. This will accomplish the following:
• Cyber-attacks, natural disasters and system failures are identified.
• Informative vulnerability analysis of the organization's infrastructure.
• Informative evaluation of how likely risks are and what their consequences are.

Priority Impact Analysis

Determine the criticality and importance of systems and processes to know which areas need the highest-priority
recovery effort. This lets us understand the financial, operational, and reputational impact of downtime, so that we
can strategically apply the efforts and actions needed to recover without causing additional damage and costs.

Backup and Data Management

A powerful data backup and recovery plan is a vital piece of the disaster recovery picture. Regular data backups and a
clear methodology for restoring uncorrupted data help minimize the loss of data caused by a disruption.

Backup Strategies:

• Regular Backups: Back up your data daily, weekly, and monthly to make sure that data is always stored and up to date.
• Offsite Storage: Store your backups in secure places, for example in the cloud or in data centers.
• Encrypted Backups: Make sure all backups are encrypted to ensure data confidentiality as well as to avoid
unauthorized access.

Recovery Procedures:

• Test Data Recovery: Regularly test the data recovery process to make sure it is ready and effective.
• Restore Prioritization: The data most critical to business systems is the first to be saved and backed up, to ensure
fast continuity.

Communication

Communication protocols should be set up so that the channels continue to function even during disasters and provide an
uninterrupted flow of updates:
• Having all the necessary parties cooperate and collaborate on recovery can be extremely effective for managing
expectations.
• Consistency and speed are guaranteed when communications like emails or business messengers are pre-prepared for a
crisis.

Regulatory Compliance

Make sure the disaster recovery plan satisfies industry-driven legal and regulatory requirements. Financial penalties,
legal consequences and reputational damage can all be the result of noncompliance.

Regularly review vendor capabilities to make sure they continue to be ready to fulfill recovery requirements and to
support the organization in meeting its goals during an emergency.

Bring in partners and vendors to build aligned recovery strategies. This would provide you with:
• Access to critical resources and services during a disaster.
• Periodic review of vendors' capabilities and performance.

Employee Training and Awareness

Actively train our employees and staff to stay aware and to respond quickly to any crisis, disaster or unforeseen event.
• Role-specific training helps employees know what they are supposed to do and how to do it.
• Regular simulations and drills help the team identify areas it should improve upon.
• Encouraging a culture of proactive risk management would also help employees to be more vigilant and ready for any
disasters even when doing their everyday tasks.

These in turn will prepare them to manage things effectively when an emergency occurs, remove any confusion, and make
sure they are aligned with organizational priorities.

Testing, Updates and Maintenance

It's always crucial to test, revise and update the disaster recovery plan on a regular and consistent basis to lower the
chances of failure and increase its capability to save the organization from more costs and damages.

Testing Procedures:

• Team Training: Simulations in which members of the disaster recovery team visualize and test their responses at a
time when no actual disruptions are occurring in the computer systems, which increases the swiftness and effectiveness
of their responses (Bernstein, 2019).
• Full Simulation: Perform an exercise covering all aspects of the DRP, including measuring readiness and analyzing the
contingency plan and its deficiencies.

Plan Updates:

• The DRP should be reviewed and updated annually at the very least, but this should occur on a more frequent basis, at
least quarterly, if there are changes in operation, computer support, or legal standards.

Incident Response Team

A good DRP depends on a dedicated disaster recovery team that has been appropriately trained and is prepared to follow
through. This means assigning roles and responsibilities so that the team can respond quickly and in a coordinated
manner (Bernstein, 2019).

Roles and Responsibilities:

Team Leader: Responsible for the integration of the entire disaster recovery operation, including communication with
and coordination of other team members and senior management for strategic decision making.

IT Recovery Specialist: Ensures network functionality is maintained, ensures backup data is restored to IT systems, and
manages all recovery-related IT processes.

Communication Officer: Generates advertising to inform and reassure the public, stakeholders, and customers of the
recovery process.

Security Officer: Ensures that the systems and data recovered from threats and vulnerabilities are protected from
further threats and vulnerabilities.

Business Unit Representatives: Serve as a channel for departments to communicate with each other, gathering information
on what each department's specific business needs or priorities are, and how they can be helped.

System and Infrastructure Recovery

Restoring IT systems and infrastructure is imperative to allow the organization to resume normal operations. Only
through a systematic and organized approach to recovery will critical systems get back online quickly and efficiently,
with minimal costs in the long term.

Steps for System Recovery:

• System Identification: First make an inventory of systems and then rank those systems by criticality to the business.
• Restoration Process: Fix hardware, software and network systems in a structured way, starting with the highest
priority.
• System Testing: All restored systems are to be tested to make sure they function properly once fully back online.

Example: A bank's administration could concentrate on rebuilding the payment processing systems and customer apps over
any internal administrative tools.

Steps for Post-Recovery Evaluation

• Document Lessons Learned: Document the response process, its strengths and weaknesses, and the outcomes recorded.
• Implement Changes: Revise the DRP with information and experiences from the DRP team.
• Train and Educate: Share the findings with the staff, with the aim of training them on how to handle such instances
in the future.

Example: Any anomaly that was noticed during the first run of the simulation, especially regarding the time that the
members of the team take to provide their response, can be corrected to improve efficiency.

Conclusion:

The Mission of the Recovery Plan

“A disaster recovery plan (DRP), disaster recovery implementation plan, or IT disaster recovery plan is a recorded
policy and/or process that is designed to assist an organization in executing recovery processes in response to a
disaster to protect business IT infrastructure and more generally promote recovery.” (Druva, 2023). This plan sets out
which departments or assets are involved and what their actions will be, establishing clear objectives so that the
organization knows what the appropriate priorities and response actions will be.
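
The Test Data Recovery, Restore Prioritization and System Recovery steps in the plan above can be rehearsed in code. The following is an added Python example, not part of the original assignment: it backs up a folder with a SHA-256 manifest, then restores it into a scratch directory in priority order and verifies every file. The folder names, priority numbers and function names are assumptions, and encryption of the archive is left out.

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path

# Assumed restore priorities (1 = first) per top-level folder; names are constructed.
PRIORITY = {"payments": 1, "customer_app": 2, "admin_tools": 3}

def make_backup(src_dir, archive):
    """Archive src_dir; return a manifest (path -> hash, priority) to store separately."""
    src, manifest = Path(src_dir), {}
    for p in sorted(src.rglob("*")):
        if p.is_file():
            rel = p.relative_to(src)
            manifest[rel.as_posix()] = {
                "sha256": hashlib.sha256(p.read_bytes()).hexdigest(),
                "priority": PRIORITY.get(rel.parts[0], 99),
            }
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(src, arcname="data")
    return manifest

def restore_drill(archive, manifest, dest_dir):
    """Restore most critical files first, verifying hashes; return (restored, failures)."""
    order = sorted(manifest, key=lambda rel: (manifest[rel]["priority"], rel))
    restored, failures = [], {}
    with tarfile.open(archive, "r:gz") as tar:
        for rel in order:
            try:
                data = tar.extractfile("data/" + rel).read()
            except (KeyError, AttributeError):  # absent, or not a regular file
                failures[rel] = "missing from backup"
                continue
            if hashlib.sha256(data).hexdigest() != manifest[rel]["sha256"]:
                failures[rel] = "hash mismatch"  # corrupted or altered backup
                continue
            out = Path(dest_dir) / rel
            out.parent.mkdir(parents=True, exist_ok=True)
            out.write_bytes(data)
            restored.append(rel)
    return restored, failures

def demo():
    """Run one drill on constructed sample files; return (restored, failures)."""
    with tempfile.TemporaryDirectory() as tmp:
        src, archive = Path(tmp, "live"), Path(tmp, "backup.tar.gz")
        for rel in ("admin_tools/notes.txt", "payments/ledger.csv", "customer_app/users.db"):
            (src / rel).parent.mkdir(parents=True, exist_ok=True)
            (src / rel).write_text("constructed sample: " + rel)
        manifest = make_backup(src, archive)
        return restore_drill(archive, manifest, Path(tmp, "scratch"))

if __name__ == "__main__":
    print(demo())
```

Run the drill against a scratch directory rather than the live system, and keep the manifest somewhere other than the archive it describes.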

Task 5(AC 5.1) Install and configure security measures on mobile devices
Biometric Fingerprints
I’ve set a security feature on my phone so that it needs my fingerprint to give access. This security measure is
arguably more secure than standard PIN codes, as in the event of my phone being breached or stolen, any attackers won’t
be able to use software to guess every possible combination for my PIN code.
Device Management Software
I have installed this device manager to help me control, configure and monitor the settings, features and applications that
are either connected to or integrated with my mobile device. This general overview of my device’s status can quickly give
me all the needed and relevant information about my device so I can take quick action if needed.

Task 5(AC 5.2) Implement Anti-Virus and Firewall in Desktop Devices

Built-in Windows Security Anti-Virus


I have enabled my Built-in Windows Anti-Virus to guard my Desktop from any unwanted malware. The fact that this
feature is built-in is very positive as it doesn’t require me to install another anti-virus application which will take up my
system resources and storage.
Built-in Windows Firewall
I have also turned on my built-in system firewall, which guards my desktop in the Domain, Private and Public networks,
but only the public network firewall is active as my Desktop at the time is connected to a Wi-Fi that is set to a public
network. A network firewall is a security system that monitors, controls and protects your computer from
any unauthorized access and cyber threats by filtering incoming and outgoing network traffic.

Task 5(AC 5.3) Implement Password Policy and Monitor user activity in Cloud based systems
Password Policy

The cloud service I utilize is called File Net and its password policy is already automatic. You can see right there that my
password meets their security standards. A password policy is a set of rules and guidelines that users must follow to
create strong, secure passwords that a hacker will have extreme difficulty in guessing or cracking, significantly
minimizing the risk of our data being breached.
Cloud Two Factor Authentication

References:

State Farm (2023). How to Reduce and Protect Your Digital Footprint. [online] State Farm. Available at:
https://www.statefarm.com/simple-insights/family/how-to-reduce-and-protect-your-digital-footprint [Accessed 28 Nov.
2024].

Kaspersky (2020). Top 10 Internet Safety Rules & What Not to Do Online. [online] Kaspersky.com. Available at:
https://www.kaspersky.com/resource-center/preemptive-safety/top-10-preemptive-safety-rules-and-what-not-to-do-online
[Accessed 28 Nov. 2024].

Digital Marketing Institute (2024). 10 Steps to Building Your Personal Brand on Social Media | Online Digital
Marketing Courses. [online] digitalmarketinginstitute.com. Available at:
https://digitalmarketinginstitute.com/blog/10-steps-to-building-your-personal-brand-on-social-media
[Accessed 28 Nov. 2024].

Microsoft (n.d.). What is two-factor authentication (2FA)? | Microsoft Security. [online] Available at:
https://www.microsoft.com/en-ie/security/business/security-101/what-is-two-factor-authentication-2fa [Accessed 29
Nov. 2024].

Marr, B. (2023). 12 Easy Steps To Build Your Personal Brand On Social Media. [online] Forbes. Available at:
https://www.forbes.com/sites/bernardmarr/2023/01/06/12-easy-steps-to-build-your-personal-brand-on-social-media/
[Accessed 29 Nov. 2024].

U.AE. (2024). Data protection laws - The Official Portal of the UAE Government. [online] Available at:
https://u.ae/en/about-the-uae/digital-uae/data/data-protection-laws [Accessed 1 Dec. 2024].

Wolford, B. (2024). What is GDPR, the EU’s new data protection law? [online] GDPR.eu. Available at:
https://gdpr.eu/what-is-gdpr/ [Accessed 1 Dec. 2024].

Michalsons (n.d.). Cybercrime law around the world | Links and updates. [online] Michalsons. Available at:
https://www.michalsons.com/focus-areas/cybercrime-law-around-the-world [Accessed 2 Dec. 2024].

Microsoft (2021). Protect yourself from phishing. [online] support.microsoft.com. Available at:
https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44
[Accessed 3 Dec. 2024].

Nord Layer. (n.d.). Cybersecurity compliance: What you need to know. [online] Available at:
https://nordlayer.com/learn/regulatory-compliance/cybersecurity-compliance/ [Accessed 3 Dec. 2024].

DLA Piper Data Protection. (2024). Breach Notification in UAE - Dubai (DIFC) - DLA Piper Global Data Protection
Laws of the World. [online] Available at:
https://www.dlapiperdataprotection.com/index.html?t=breach-notification&c=AE2 [Accessed 3 Dec. 2024].

Mitnick, K.D. (2019). The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age
of Big Brother and Big Data. New York: Little, Brown & Company. [Accessed 3 Dec. 2024].

BlackDuck (2023). What is Security Risk Assessment and How Does It Work? | Black Duck. [online] Blackduck.com.
Available at: https://www.blackduck.com/glossary/what-is-security-risk-assessment.html [Accessed 3 Dec. 2024].

Asana (2021). What Is a Crisis Management Plan? (6 Steps to Create One). [online] Asana. Available at:
https://asana.com/resources/crisis-management-plan [Accessed 4 Dec. 2024].

Team, E. (2024). What is a Risk Response Plan in Project Management? A Definitive Guide. [online] SixSigma.us.
Available at: https://www.6sigma.us/six-sigma-in-focus/risk-response-plan/ [Accessed 4 Dec. 2024].

Kelley, K. (2022). What is Cyber Security & Importance of Cyber Security | Simplilearn. [online] Simplilearn.com.
Available at: https://www.simplilearn.com/tutorials/cyber-security-tutorial/what-is-cyber-security [Accessed 4 Dec.
2024].

Mitnick, K.D. and Simon, W.L. (2012). Ghost in the wires : my adventures as the world’s most wanted hacker. London:
Little, Brown.

Druva (2023). What is a Disaster Recovery Plan? Definition and Related FAQs | Druva. [online] www.druva.com.
Available at: https://www.druva.com/glossary/what-is-a-disaster-recovery-plan-definition-and-related-faqs
[Accessed 5 Dec. 2024].

Bernstein, C. (2019). What is a disaster recovery team? Definition from WhatIs.com. [online] SearchDisasterRecovery.
Available at: https://www.techtarget.com/searchdisasterrecovery/definition/disaster-recovery-team [Accessed 5 Dec.
2024].

U.AE. (n.d.). Intellectual property. [online] Available at:
https://u.ae/en/information-and-services/business/regulations/intellectual-property [Accessed 6 Dec. 2024].

Six Sigma (2024). COVID-19 Situation: Six Sigma Ongoing Training Announcements. [online] SixSigma.us. Available
at: https://www.6sigma.us/six-sigma-in-focus/risk-response-plan/ [Accessed 7 Dec. 2024].
