There is a test of infiltration that a cybersecurity organization had accompanied to examine its security. The assessment determined that Sifers-Grayson is required to execute better performances of security. Following a precise examination proceeding the Action Reports on behalf of Sifers-Grayson, the advisors have been given work with the expansion and growth of pan to progress the safety of Sifers-Grayson. Technologies, processes, and policies will have an evaluation and execution to apply a security strategy in protecting the business of IT from both external and internal attacks and threats (Hossain et al., 2019). High-ranked associates have shown that two protection approaches should be executed. Initially, the creation of a DMZ for purposes of the R&D Center is expected to include intrusion prevention/detection organization, firewalls, and enterprise-class routers. Moreover, in the defense against attackers, the older associates have attempted to execute Detective procedures and Enterprise-extensive Defensive. The security procedures have different layers of encryption and are expected to regulate admission to source code and software certification and provide business-extensive identity organization and the application of an integrated threat management instrument.
The investigation conducted in Sifers-Grayson Company established a rise in matters connected to data privacy loss that has added to a rise in information access by unlawful operators. The application into the system has been influenced by ransomware, resulting in the rise of the expense amount as the company makes steps towards employing external professionals to limit the challenge (Porche, 2019). The used system in the management of information has not undergone efficient back up a situation that has amplified the invention of different computer system viruses, thus resulting in data loss. Largely, the central challenge experienced by Sifers-Grayson Center is connected to poor data confidentiality and privacy. The data has undergone intense hacking by the external applicants, thus resulting in the change of the entire implication leading to amazement among receivers.
Security Strategies
After a proper analysis procedure and vigilant consideration, there has been a resolution that the strategies that have been recommended will enhance the security provision at Sifers-Grayson. A DMZ (demilitarized zone) is a network space found in the middle of an external and an internal system to the demilitarized network. The idea of a demilitarized zone exclaims that the networks from the external and internal connections to the demilitarized zone are allowed. In contrast, the link from the demilitarized zone may only be permitted the external connection (Connolly, 2018). The demilitarized zone, which will be executed in the network of Sifers-Grayson, will give the room a secure relationship that provides appropriate defense from external intimidations and impostors.
This approach is tailored to incorporate the use of Linksys in the case of the R&D Center, which periodically checks the undetermined and determined layers of security by making sure that the company activities regarding the overall technological advancement are protected from malicious interception, and this can only be effective if the company opts to use the public network. Such a creation is applied in swiftly organizing isolated remedies for an organization that requires improving its security schemes. The strategy used for a defense that was selected involved the application of the demilitarized zone. The DMZ also demilitarized zone defines a significant cushion between the internal network and the internet for an organization can gain access through the internet. The product requires obtained with the organization to improve the protection of firewall for the organization’s inner systems. This given strategy is anticipated to include the application of CISCO products in the place of the R&D Center, which will function as a principal asset in safeguarding the network from the utilization of the public (Wickline, 2021). The demilitarized zone is vitally significant and will assist in the defense between the external and the internal organizational network and may be accessed using the internet. Maintenance of the safety of firewall for the internet system at Sifers-Grayson will be created to secure susceptible regions and protect the network from unnecessary or malicious traffic.
In creating the demilitarized zone for this analysis and the development hub, there is a recommendation pointing out that Sifer-Grayson uses CISCO products to improve the work played by the business and in safeguarding the security and assets of the organization. It will encompass jointly used documents, internet browsing, procurement, file transfer, and emails; the servers of public access will be provided safely by CISCO in making sure that there is no compromise Sifers-Grayson. CISCO has received a confirmation of trust as it is a good instrument that functions to work against interference and other radical exploits. CISCO has proceeded to be at the center position in the protection field. It progresses to enhance the products, with this devotion to establish secured access and attain the business’s wants. Sifers-Grayson will have reduced susceptibility, contain an increased strong security scheme, and less expected to suffer a cyberattack and eradicate particular susceptible areas (Dalla, 2019). In line with the Clear path Solutions Group in the service software, the promotion of CISCO virtually eradicates interruption of updates. The application of the CISCO product will allow Sifers-Grayson to have an advantage.
Product Evaluation
The first line of defense is the firewall, and it is designed to assist in safeguarding connections and traffic of the network. CISCO firewall has been recommended to be designed to provide a safe network system, control, and monitor both the outgoing and the incoming circulation at Sifers-Grayson. The firewall is expected to provide automated access to response and consistency protection for the place of work. The CISCO product will provide the Sifers-Grayson safe center of data, network traffic examination, network access control, and unauthorized network control. The CISCO firewall installation in the Sifers-Grayson network must go through the firewall, including the intranet.
While the products are anticipated to be organized remotely, it makes sure that organizations that through firewall do not have comprise. In the construction of the DMZ for the strategic improvement of the predetermined activities of safeguarding the enterire center of examinationation, Sifers-Grayson requires a product which is Linksys, that will help in safeguarding the functionality of the enterprise in ensuring that there exists improved protection of important functionalities, for instance, internet browsing, procurement, file transfer, email, and extra functionalities which may be compromised by way of ensuring that the accessible servers that operate in public have protection by the application of Linksys. This product guarantees that there is maximum protection of computers from an attack by putting computers in separation that is found contained around twenty feet from spasms through pubic systems, which may lead to the comprise of network security (Trautman & Ormerod, 2017). The Linksys product is applied to ensure that many computers which are linked ass the hosts of the internet are prohibited from being attacked and from preventing the spreading of attacks from one computer to the next, which are found twenty feet close.
The Preventive measure and Enterprise-Wide Protective is a defense strategy that also received recommendations to be included in the company, efficiently offering essential defense from external and internal attacks. The integration of this degree will lead to the applicable regulatory basis code and software certification. The devices of access, in this situation, will assume a thoughtful responsibility in the grit of the people having accessing convince data and those not permitted to gain access to data about the company. The data concerning security and incidence management strategy that will in equal measure establish that numerous risks that have had aggrieved in the company process have been restricted, thus resulting in a positive process concerning the privacy of information.
The other strategy of ensuring that security is maintained in an organization is the application of SonicWALL, which is deemed to be inventive in providing internet applications that will defend Sifers-Grayson by the control of content and other appliances of cyber security, which will ensure the security of its network from attacks caused by external insecure networks. This product is precisely important in joint danger control for a network organization. This product defines a business class of firewall which will help the organization as an anti-junk for offering security network using firewalls, safeguarding private network virtually, and an anti-spasms email.
The vulnerabilities that result from computer network progress with the expansion of technology and intimidations are not restricted to the center of information; cyberattacks are a challenge that could alter an organization’s network from the norm mobile phone gadgets. The use of Cisco Intrusion together with the Detection Center is required in the case of Sifers-Grayson to provide it with quality and world-class instruments to make the network safe. With the implementation of this recommendation, Sifers-Grayson will develop the capability of getting the remedy to be applied in removing any form of intrusion at the entry point to offer protection to the organization’s assets. It will largely save the organization from challenges about breaches and cyberattacks, but it will also prevent the waste of bandwidth (Heartfield et al., 2018). Two router choices are cost-efficient and are advocated with the CISCO product. That will highly safeguard network traffic and data at Sifers-Grayson while saving the organization’s money. The two choices of routers have gone through numerous tests and thus found to be significant in offering intrusion detection by making comparisons between the updated which has not undergone threat signatures and malware to the network’s traffic.
There will also be the installation of instruments at Sifers-Grayson to establish a broad and wide system of security that is required to take the lead stage in making any information among the staff members from being compromised in any way whosoever, to safeguard all the information concerning the customers, and to offer overall protection toward all the organizational data. The CISCO product will offer worldly-rated business-wide prevention, detection, and protection abilities. The instruments that will be applied comprise Scientific Image Capture Efficacy (such as SIFT, Sumuri/Paladin, Belkasoft FTK Imager), UTM (Unified Threat Management) or SIEM (Security Information and Event Management), IAM (Identity & Access Management), and ALM tool (Application Lifecycle Management).IAM (Identity and Access Management) is defined as a function of ensuring that the IT administrator obtains the privilege of getting access to the organization’s resources such as the database and network and also to assist in the management processes of the digital identities of the users. Therefore, the function of access management and responsibilities is performed using IAM.
Recommendations
The application of IAM technology is recommended; it will ensure the IT manager at Sifers-Grayson efficiently and securely gets the opportunity to administer the privileges of access and management of online identities. The IT manager will thus have the authority to modify the user’s functions, enforcing and reporting on compliance and rules used at Sifers-Grayson to keep data safe (Ramírez & Segura, 2018). The resolutions of IAM provided with the CISCO product comprise gathering procedures and tools. The application will involve smartphones, thumbprints, and passwords to ensure safety prevails.
SIEM (security information and event management) is another technology that has been recommended to function under CISCO as it will offer an apparent check into the dealings of Sifers-Grayson and the system of security. Since hackers in the present day have developed intense sophistication, the best way of managing cybersecurity attacks involves the development of massive teams working on security solutions. The amalgamation of the SIEM solution with the strategy of CISCO secrecy is expected to provide the security team at Sifers-Grayson with huge advantages. It will enable the entire security detail to examine alarms received from the IPS (Intrusion Prevention System) and IDS (Intrusion Detection System).
Regarding the research performed on Sifers-Grayson, there were two broad security strategies selected to be useful in curbing data and company security challenges by the senior team members. The first strategy involved the construction of a specific induction of a certain area that has high-security levels of indoctrinates, which is a demilitarized zone that would be understood by the infringing certain coordinating chips used in the R&D center. An intrusion detection and prevention system, as well as business-class firewalls and routers, are required in the demilitarized zone. (Borgiani et al., 2019). The demilitarized zone, which will be executed in the network of Sifers-Grayson, will give the room a secure relationship that provides appropriate defense from external intimidations and impostors. Over the years, there have been several malicious activities that have made the process of security implementation to be as difficult as never witnessed. Sifers-Grayson is supposed to upgrade the demilitarized zones, which have shown promising patterns in ensuring network security.
The second defense established by research involves implementing the strategy of laying down the defense against both external and internal attackers. The goal was for a large number of servers and engineers to inhabit the demilitarized zone while using a test range to telework and coordinate signals to the R&D center. The measures to achieve this recommendation include maintaining software access source data and documentation, execution of a business-wide identity administration, implementing SIEM (Security Information and Event Management), and IAM (Identity & Access Management). Sifers-Grayson is expected to possess a substantial security system if all the recommendations are implemented; the organization needs to establish security measures that are important in countering cyberattacks and protecting the assets and information of the customers. Most hackers are using Html injections and the mos recent tactic of cloning an exact server that resembles the attackers. Therefore, programs that foresee phishing activities should be adopted and put into use.
References
Borgiani, V. D. S. P., Vianna, M. D. F. D., Vianna, D. S., & Meza, E. B. M. (2019). Auxílio Multicritério à Decisão para seleção de um Firewall de rede para empresas de pequeno porte utilizando o método AHP. Brazilian Journal of Development, 5(11), 23737-23750. Web.
Connolly, M. (2018). User privacy: A practical guide for librarians (Vol. 37). Rowman & Littlefield. Web.
Dalla Rosa, B. (2019). Big Data: technological revolution or social disruption? (Bachelor’s thesis, Università Ca’Foscari Venezia). Web.
Heartfield, R., Loukas, G., Budimir, S., Bezemskij, A., Fontaine, J. R., Filippoupolitis, A., & Roesch, E. (2018). A taxonomy of cyber-physical threats and impact in the smart home. Computers & Security, 78, 398-428. Web.
Hossain, I., Hasan, M. M., Hasan, S. F., & Karim, M. R. (2019, December). A study of security awareness in Dhaka city using a portable WiFi pentesting device. In 2019 2nd International Conference on Innovation in Engineering and Technology (ICIET) (pp. 1-6). IEEE.
Porche III, I. R. (2019). Cyberwarfare: An Introduction to Information-Age Conflict. Artech House.
Ramírez, M., & Segura, P. A. (2018). Informatics Security-VPN. Tekhnê, 15(1), 45-53. Web.
Trautman, L. J., & Ormerod, P. C. (2017). Industrial cyber vulnerabilities: Lessons from Stuxnet and the Internet of Things. U. Miami L. Rev., 72, 761. Web.
Wickline, T. (2021). The Capabilities of Antivirus Software to Detect and Prevent Emerging Cyberthreats (Doctoral dissertation, Utica College). Web.