Risk Management Essay Example | Topics and Well Written Essays - 750 words

Risk Management - Essay Example Although CSA has been largely effective as security technology, it has a number of vulnerabilities that allow malicious attackers to carry out remove code executions on the network (Allen,2001). On the other hand, our organization employs the use of both behavior based antivirus and signature based antivirus. Antivirus has proven to be significantly effective particularly in the detection and deletion of suspicious programs in our systems. A major challenge with this technology is that antiviruses also have a number of security flaws and sometimes hackers have been able to evade detection by using malware. Finally our organization has also employed the use of file/HDD encryption technologies to make both the data and files we transfer over the network to be unreadable to unauthorized individuals. In terms of effectiveness, encryption is fully effective and does not only improve the security of the organizations data but is also easier to be applied by the users. There are a number of additional security controls that can be added to the security technologies in our organization to help prevent unauthorized persons from accessing our confidential information and sensitive systems. These controls include administrative, technical and managerial controls. With regard to the administrative controls, our organization still needs a number of controls such as well written policies, guidelines and procedures that can be used as a framework of reducing the various security risks facing our organizations network systems. For example some of the additional policies that our organization urgently need at the moment included a well developed corporate security policy as well as a password policy. On the other hand, the additional technical security controls required in our organization include IDS and firewalls. Additionally we also need to put in place other important technical security controls such as logical access controls as well as new version antivirus software. Fin ally our organization will require managerial security controls such as security guards to protect the physical installations within our organization, cameras as well as locks and doors. To effectively mitigate some of the security risks in our organization, there is need to include all these security controls and use them together with the security technologies that are currently in place. As earlier been noted, there are a number of security technologies and methodologies used in our organization. Some of the security technologies and methodologies we use in our company include Cisco security agent (CSA), Antivirus, and file Encryption. The use of CSA has significantly helped our organization to be able to minimize cases of end point intrusion by allowing our security experts to monitor the network traffic and system activity in our networks systems of our organization. Given the constant security threats that our organization has continued to face, Cisco Security argent has effec tively enabled our organization to overcome some of the vulnerabilities in its security systems. As a security technology, CSA has also provided an efficient infrastructure that supports various network operations in the organization. Finally although it has a few flaws, this security technology can effectively be integrated by the other technologies to