The general area of network security is obviously of enormous corporate and national importance. And there’s no doubt that intrusion detection and prevention is a principal concern. Lately there have been a number of concerted security attacks on major corporations that apparently feature mixed motives on the part of the attackers: some combination of ideological objections to the corporations combined with an appetite for identity theft. The attackers in this case appeared to be shifting collectives of individuals rather than highly organized rings, as is the case with purely criminal enterprises. One of the most publicized of these recent security attacks is that made on Sony Corporation’s PlayStation Network. This has featured at least two and possibly three waves of security assault, accompanied by a singularly lackluster response from the Corporation. Here’s a basic introduction to the situation; you may wish to do your own research to fill in the details further, since there’s no shortage of information online about this problem:
Kuchera, B. (2011) PlayStation Network hacked, data stolen: how badly is Sony hurt? ArsTechnica. Retrieved Decenber 12, 2011, from http://arstechnica.com/gaming/news/2011/04/sonys-black-eye-is-a-pr-problem-not-a-legal-one.ars
The traditional way to respond to intrusions of this sort is to deal with them as individual actions. This article suggests that what the Corporation needs is simply better firefighting:
Evans, G. (2011) Security Expert: Sony, Microsoft Should Hire Hackers. GamePolitics.com. June 2. Retrieved Decenber 12, 2011, from http://gamepolitics.com/2011/06/02/security-expert-sony-microsoft-should-hire-hackers
On the other hand, the recently published ISACA “business model for information security” suggests that a more systematic approach ought to be taken, including fundamental changes to the organization’s culture, in order to build an environment in which security pervades all aspects of the systems. Please review this outline of the so-called “business model”:
ISACA (2009) An Introduction to the Business Model for Information Security. Retrieved December 20, 2011 from http://www.isaca.org/Knowledge-Center/BMIS/Documents/IntrotoBMIS.pdf
When you’ve read through the case articles noted above and other related material, scanned the websites and any other sources you think relevant, and thought about it carefully, please compose a short paper on the topic:
How application of parts of the ISACA business model might help Sony Corp. be prepared for any further hacker attacks
CASE EXPECTATIONS:
Your paper should be between three and five pages. Take a definite stand on the issues, and develop your supporting argument carefully. Using material from the background information and any other sources you can find to support specific points in your argument is highly recommended; try to avoid making assertions for which you can find no support other than your own opinion.
Your paper should be structured as a point/counterpoint argument, in the following manner. You are expected to:
Begin this paper by stating your position on this question clearly and concisely
Citing appropriate sources, present the reasons why you take this position. Be sure to make the most effective case you can.
Then present the best evidence you can, again citing appropriate sources, against your position — that is, establish what counterarguments can be made to your original position.
Finally, review your original position in light of the counterarguments, showing how they are inadequate to rebut your original statement.
By the end of your paper, you should be able to unequivocally re-affirm your original position.
You will be particularly assessed on:
Precision: Your draw on a range of sources, and to establish your understanding of the historical context of the question. You carried out the exercise as assigned, or carefully explained the limitations that might have prevented your completing some parts (running out of time isn’t generally considered an adequate limitation).
Support for assertions: You use examples, citations (especially to the required readings), and elaboration to support assertions. You provide evidence that you have read the required background materials.
Clarity: Your answers are clear and show your good understanding of the topic. You see what the module is all about and to structure your paper accordingly.
Breadth and Depth: The scope covered in your paper is directly related to the questions of the assignment and the learning objectives of the module.
Critical thinking: The paper incorporates YOUR reactions, examples, and applications of the material to business that illustrate your reflective judgment and good understanding of the concepts. It is important to read the “required readings” posted in the background material plus others you find relevant. Your informed commentary and analysis is vital — simply repeating what your sources say does not constitute an adequate paper.
Overall quality: Your paper is well written and the references, where needed, are properly cited and listed (refer to the university guidelines (http://www.trident.edu/Media/Default/pdf/Well-Written-Paper.pdf) if you are uncertain about formats or other issues.
Last Completed Projects
| topic title | academic level | Writer | delivered |
|---|