Security risks in protecting an organizations assets - Free Essay Example

Sample details Pages: 6 Words: 1668 Downloads: 2 Date added: 2017/06/26 Category Business Essay Type Argumentative essay Did you like this example? The protection of an organisationà ¢Ã¢â€š ¬Ã¢â€ž ¢s assets must be based on understanding security risks the only way an effective security solution / services can be found and implemented is by carrying out a comprehensive security risk assessment and security audit, discuss. In this paper, the importance of security risk assessments and security audits to an organization wishing to select the most cost-effective security solution (and security supplier[1]) to protect its assets will be discussed. Prior to engaging with the assumptions which are embedded within the statement at the top of this paper, it is first important to define what is meant by à ¢Ã¢â€š ¬Ã‹Å"security risksà ¢Ã¢â€š ¬Ã¢â€ž ¢. Don’t waste time! Our writers will create an original "Security risks in protecting an organizations assets" essay for you Create order A succinct definition of the concept has been provided by Landoll (2006, p36), an eminent author in this field of industry, who writes: à ¢Ã¢â€š ¬Ã…“Security risks are a measurement of the likelihood that [an] organizationà ¢Ã¢â€š ¬Ã¢â€ž ¢s assets are susceptible.à ¢Ã¢â€š ¬Ã‚  If we accept this definition as the starting point of our discussion, we can immediately assert that, if an organization chooses to employ a proactive[2] security system to protect its assets, then it must necessarily perform an assessment of the security risks to which those assets are vulnerable- if it did not, then it would be unable to select the most cost-effective solution to protect those assets because, simply stated, it would not know what risks it needed to protect itself from. Of course, if an organisation chooses only to employ a reactive security system, i.e. one which is designed to protect assets against security breaches which have occurred previously[3], then a security risk assessment is not necessary- the security risks will be identified from actual breaches which have occurred, and a solution selected on the basis of damage assessment and appropriate safeguard design. We can therefore conclude that, while the protection of an organisationà ¢Ã¢â€š ¬Ã¢â€ž ¢s assets from new forms of security breaches must be based on understanding security risks, the protection of an organisationà ¢Ã¢â€š ¬Ã¢â€ž ¢s assets from security breaches which have already occurred in the past requires no real understanding of security risks- the security risk is identified from an actual breach rather than from a risk assessment or security audit. In this regard, the first assumption provided by the statement at the top of this paper, namely that à ¢Ã¢â€š ¬Ã‹Å"the protection of an organisationà ¢Ã¢â€š ¬Ã¢â€ž ¢s assets must be based on understanding security risksà ¢Ã¢â€š ¬Ã¢â€ž ¢, must be considered, at least partially, inaccurate. In order to understand the impact of this ina ccuracy, it is important to address the following question: Under what circumstances is it appropriate for an organisation to employ only a reactive security system to protect its assets? While it will not be possible within the limited scope of this paper to provide a comprehensive answer to this question, two important observations can be made: A (solely) reactive model is not appropriate for an organisation whose environment is constantly changing, such as a web-based organisation- the security threats that such organisations are likely to face will evolve, and a purely reactive model would not be able to prevent effectively future breaches. While a reactive à ¢Ã¢â€š ¬Ã‹Å"incident responseà ¢Ã¢â€š ¬Ã¢â€ž ¢ model may be appropriate for an organization whose environment is simple[4], static and unchanging, that organisation will only be able to reach the conclusion that a reactive model is appropriate either (i) through exercising such a model and discovering that the security risks faced by the organisation are few and non-evolving; or, (ii) by performing a security risk assessment and discovering that the security risks faced by the organisation are few and non-evolving. No prudent security system architect would ever promote the former of these routes, unless the assets owned by the organisation have such little value that it is not cost-effective to perform a comprehensive security audit[5]. Accepting that the assumption of the statement at the top of this paper is not accurate for organizations with low-value assets, existing within a static, non-evolving environment, let us now turn to consider the second assertion provided by the statement at the top of this paper; namely, that à ¢Ã¢â€š ¬Ã‹Å"the only way an effective security solution / service can be found and implemented is by carrying out a comprehensive security risk assessment and security audità ¢Ã¢â€š ¬Ã¢â€ž ¢. The only contentious element of this assertion, and semi-contentious at that, is that the carrying out of a comprehensive security risk assessment and security audit is the only way to find an effective security solution. After all, no authors have ever argued against the usefulness of security risk assessments; in fact, quite the contrary: à ¢Ã¢â€š ¬Ã…“Assessments are the key tools for uncovering security issues that may have been well hidden before. Often, an assessment leads to a compelling event that increases internal awareness of your organizationà ¢Ã¢â€š ¬Ã¢â€ž ¢s security shortcomings à ¢Ã¢â€š ¬Ã¢â‚¬  it may uncover a prior, but undiscovered, breach; or a penetration test may à ¢Ã¢â€š ¬Ã…“createà ¢Ã¢â€š ¬Ã‚  such an event by highlighting vulnerabilities. In addition, assessments can also help create budget resources for security enhancement à ¢Ã¢â€š ¬Ã¢â‚¬  besides identifying problems, an assessment report can provide justification for making the investment necessary to solve the problems.[6]à ¢Ã¢â€š ¬Ã‚  The question is whether or not it is possible to select a proactive security solution without first conducting an assessment and audit. It seems clear that it is not: As we have argued earlier, without a comprehensive assessment and audit it will not be possible to identify and quantify each security vulnerability, and as such it will not be possible to create a bespoke and comprehensive security solution. We must therefore conclude that the state ment at the top of this paper is wholly accurate in regard to proactive security systems, while only partially accurate in regard to reactive security systems. In the last part of this paper, let us turn to examine how this statement could be improved to render it a more useful piece of guidance. One important point is that, in an evolving organisational environment, in order to ensure that the most effective security solution is maintained, regular security risk assessments and security audits must be conducted. The reason for this is self-explanatory: As the environment changes so too do the potential security risks. It is possible for a previously effective security solution, based upon a comprehensive assessment and audit, to become out-dated. Additionally, an assessment and an audit will not be useful unless the resultant solutions are actually implemented. As Axt (2003, p98) notes: à ¢Ã¢â€š ¬Ã…“In the authors experience, more than one manager has nodded in agreement t o proposed solutions without having any intention of adopting the suggested measures.à ¢Ã¢â€š ¬Ã‚  One final point which should be noted is the importance of employing independent auditors to conduct the security risk assessments and security audits. As Goldman and Orton (2001, p2) note: à ¢Ã¢â€š ¬Ã…“Only independent and impartial tests can validate corporate security efforts, ensure that all potential security problems have been examined and exposed and provide the serviceà ¢Ã¢â€š ¬Ã¢â€ž ¢s clients with objective proof that sufficient due diligence has been exercised in securing their dataCompanies need external expertise to audit their sites Bringing somebody in from the outside creates a greater initiative to find a problem. Having your internal people, who set up the security system, does not only create a questionable initiative for them to find things that are wrong but it might simply be hard for them to do. In conclusion, the author of this paper would argue that the statement at the top of this paper might be more accurately and more usefully presented as follows: à ¢Ã¢â€š ¬Ã…“The protection of an organisationà ¢Ã¢â€š ¬Ã¢â€ž ¢s valuable assets ought to be based on understanding security risks the best way an effective security solution can be found and implemented is by instructing a firm of independent security analysts to carry out regular comprehensive security risk assessments and security audits, and to ensure that their proposed security solutions are implemented by senior management.à ¢Ã¢â€š ¬Ã‚  References and Bibliography: Landoll, D., 2006. The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments. Auerbach Publications, Taylor Francis Group: New York. IBM, 2007. Acquire a global view of your organizationà ¢Ã¢â€š ¬Ã¢â€ž ¢s security state: the importance of security assessments. Security Solutions White Paper. Available on-line at https://www-935.ibm.com/services/us/iss/pdf/ assess_white_paper.pdf Last accessed: 05/10/08, 13:45. Goldman, N. and Orton, E., (2001). The Critical Role of Independent Security Audits. Pp1-11. ADDSecure.net Inc. Available for download from https://www.addsecure.net/audit.rtf. Tippett, P, and Oà ¢Ã¢â€š ¬Ã¢â€ž ¢Neill, D., 2001. Managing Information Security Risk. ABA Banking Journal, Vol. 93, 2001. Bedard, J., Graham, L. and Jackson, C., 2005. Information systems risk and audit planning. International Journal of Auditing 9 (2): 147-163. Axt, D., 2003. From Recommendations to Results: From Walk-Through to Implementation, a Well-Planned Security Assessment Can Ease the Way for a Successful Security Upgrade. Security Management, Vol. 47, March 2003. White, D., 1995. Application of Systems Thinking to Risk Management: a review of the literature. Management Decision, Vol. 33, No. 10, 1995, pp. 35-45. Edinburgh: MCB University Press Ltd. Footnotes [1] The selection of a suitable supplier can be as difficult as the selection of an appropriate security solution: Not all suppliers will have the necessary expertise or the products in place to meet a proposed solution. [2] One which seeks to protect an organisationà ¢Ã¢â€š ¬Ã¢â€ž ¢s assets from potential security breaches, i.e. breaches which have not yet occurred but which are likely. [3] For example, the incident response model. For a brief summary of this model, see Microsoft (2004, fig. 2.1) available on-line at https://technet.microsoft.com/en-us/library/cc163152.aspx. Last accessed 04/10/08, 15:00 [4] It is unlikely that a reactive model would be appropriate for a complex organisation. As Tippett and Oà ¢Ã¢â€š ¬Ã¢â€ž ¢Neill (2001, p74) write: à ¢Ã¢â€š ¬Ã…“Increasing complexity = increasing vulnerability. The more complex a system gets, the more vulnerable it becomes to attack. Vulnerability increases exponentially as complexity increases.à ¢Ã¢â€š ¬Ã‚  [5] It should be remembered that security audits can be rather costly (e.g. two American researchers discovered that: à ¢Ã¢â€š ¬Ã…“The price of a truly comprehensive technical audit might start from US$40,000 to $85,000 and require extensive time and resources to run and implement consultants recommendations.à ¢Ã¢â€š ¬Ã‚  Goldman and Orton (2001, p6)), and it is for this reason that a small organization with few valuable assets might decide to avoid an audit and simply operate a reactive model. [6] IBM, (2007, p4)

The Color Of Water By James Mcbride - 1514 Words

The Color of Water Comparison Essay When people are treated unfairly or unjustly, how should they perceive it and how do they generally react to this? In The Color of Water by James McBride, prejudice shapes James and Ruth in many ways, James has different stories than Ruth, due to the fact that he lived in a different time period, which makes his scenario different from Ruth’s. Both faced adversity, and stood up for themselves and defended themselves in many different ways just to make sure that they could survive in society. Ruth had always taught her children to be independent. She comes from an interesting background, she was starving of love and affection as a child. Ruth has experienced a lot of grief in her life due to all of these bad events that occurred. Even growing up, her father had treated her unfairly by taking advantage of her sexually. This was definitely not a right thing to do, Ruth’s father was an abusive man who had a sex addiction. He was found to have an affair with another woman even though Mameh knew about it the entire time. Due to her rough past when practicing Judaism, she decided to practice Catholicism after marrying Andrew Dennis McBride. She felt as if she was a freer person, she gained a personal connection to the religion which was good because it helped for her to get her mind off of things. James is a very confused boy, being black and white. He’s unsure where he fits in when it comes to society. A personal connection that I have toShow MoreRelatedThe Color Of Water By James Mcbride953 Words   |  4 PagesThe Color of Water, James McBride’s autobiography and tribute to his mother, gives the reader a look into his childhood and growing up biracial. James McBride was born to an African-American father and a Polish Jewish immigrant mother in 1957. While James was too young to fully grasp the civil rights and black power events that took place in the 1960s, he recounts experiencing these events vi cariously through his older siblings. James McBride does a marvelous job at painting a vivid picture for hisRead MoreThe Color Of Water By James Mcbride Essay1250 Words   |  5 Pagesbook, The Color of Water by James McBride. I learned several things about what life was like in the mid-1900’s and in which may be why we still face issues with racial differences. McBride does a great job of illustrating his internal and external challenges that he faces throughout his life. I also learned more about African American culture in the United States and gave me a desire to be a part of positive change to this particular racial group. The Color of Water, written by James McBride is a non-fictionRead MoreThe Color Of Water By James Mcbride1549 Words   |  7 Pages James McBride received the title through a long ago conversation held between him and his mother, Ruth McBride, in which she gave her son James implicit responses to his queries as to why she looked so apart from his friend’s mother’s. He went on to ask his mother a question about â€Å"race† and whether †God† was black or white, she replied â€Å"†¦. God’s not black. He’s not white. He’s a spirit†. â€Å" What color is God’s spirit†? â€Å"It doesn t have a color, she said. God is the color of water. Water doesn tRead MoreThe Color Of Water By James Mcbride937 Words   |  4 PagesJames McBride can tell you firsthand about man verse racial identity. Journalizing his experience in his New York Times Bestseller novel the Color of Water simply outlined his struggles of finding who he was. His upbringing included a black father and a Jewish white mother. His background made it hard for him to understand wh y his home was different than others on the street. Although McBride experience shows an older outtake of racial identity, some may say this still is a problem today. OffspringRead MoreThe Color Of Water By James Mcbride1150 Words   |  5 PagesThe novel, Color of Water, by James McBride details and reflects on racial prejudice from the perspective of two lives; the life of a Jewish mother, Ruth McBride Jordan, and then in the life of her black son, James. Growing up in Suffolk Virginia, Ruth McBride was abused by her Orthodox Jewish rabbi father as she was forced to work very long hours in their family store. Since love was not something that was simply provided by her father, she instead finds love in the arms of a black man. In a turnRead MoreThe Color Of Water By James Mcbride1506 Words   |  7 PagesColor of Water Comparison Essay When people are treated unfairly or unjustly, how should they perceive it and how to they generally react to this? In the Color of Water by James McBride, prejudice shapes James and Ruth in many ways, James has different stories than Ruth, due to the fact that he lived in a different time period, which makes his scenario different from Ruth’s. Both faced adversity, and stood up for themselves and defended themselves in many different ways just to make sure that theyRead MoreThe Color Of Water By James Mcbride1727 Words   |  7 PagesThe Color of Water: A Black Man’s Tribute to his Mother The Color of Water: A Black Man’s Tribute to his White Mother written by James McBride is a miraculous memoir about James’ and his mother’s life. He describes in detail what it was like growing up in a household with a white mother, a black father, and eleven black siblings. Biracial marriages and families were not the norm and nor was it accepted by society during that time. James encountered many misfortunes growing up and was constantlyRead MoreIdentity In Mcbrides The Color Of Water By James Mcbride871 Words   |  4 Pagesof The Color of Water, James McBride, struggles with this throughout his life. He details his trials with his own identity amid his book, The Color of Water. In his talks with Ruth, his Jewish blood flowing through his veins, and his time spent in Louisville, James not only learns who he is, but who he wants to be. Ruth was a source of knowledge that James trusted growing up. James, being a mixed child, is confused about what skin color God would have, so he asks his mother,† â€Å"What color is God’sRead MoreEssay on The Color of Water by James McBride726 Words   |  3 PagesThe Color of Water Book Review In this memoir, the author chooses to have two narrators, himself as one, and his mother as the other. This style makes for quite an interesting story, skipping back and forth in time, from the childs life, to that of his mother. Although many time changes occur, they are quite easy to keep up with, as the two narrators of the book, James, and his mother, alternate chapters. For this reason, it is also very easy to compare the childhood of each of the mainRead MoreTheme Of Identity In The Color Of Water By James Mcbride824 Words   |  4 PagesThe Color of Water, by James McBride, is a capturing memoir which contains meaningful quotations to represent a bigger theme. In my opinion, the major theme in this book is The Search For Identity. This is because, throughout the entire memoir, there have been multiple occasions where the identity of a certain character was unknown. American society is known to connote freedom in some sort of way, and in this case through the expression of individuality. Ruth Shilsky, James McBrides mother, was

Semantic and phonetic interference in memory recall Free Essays

Additionally, a significant difference was visible between all three conditions, with the semantic and honesty conditions scoring a lower recall level in comparison to the controlled condition. Introduction The active difference between short-term memory and long-term memory is anything but exact. Although, there is an understanding that long-term memory is being examined when a list is displayed several occasions over an interval of time calculated in minutes and recalling is measured after minutes, hours and days, and short-term memory is being examined when a list is displayed once and at a rate of fewer than 30 seconds. We will write a custom essay sample on Semantic and phonetic interference in memory recall or any similar topic only for you Order Now Within cognition a key question is whether information is forgotten due to a function of time. A strong amount of research proposes that information is not forgotten due to time, but as a result of interference (see, e. G. , Lavabo, Annoys, Masters, 2002; Neat Surprising, 2003; Bureau Kiel, 2006). However, many academics have thought that unrehearsed information is forgotten over several seconds (e. G. , Biddable, 1986; Tows, Hitch, Hutting, 2000), since supported theories (e. . , Biddable Scott, 1971; Cowan, Nugent, Elliot, Greer, 2000; Mueller, Seymour, Sierras, Meyer, 2003). The matter continues to be uncertain. Our skill to selectively remember earlier information is a vital specs of our long-term memory system. Prior research proposed that in many circumstances individuals have the ability of selectively seeking information in memory, preceding to their subsequent remembrance. Even with research for this skill to selectively seek information from our memory, we still do not have much information on how we actually achieve this complex task. Able and Bump’s (2013) research focuses on participants revising items from different categories and then continually recalling specific items from specific categories, recall rehearsal normally increases recall of he rehearsed information although impairs retrieval of associated but unrehearsed information, relative to manage information from unrehearsed categories. The results displayed the belief that memory impairment following extended intervals between practice and test and in the occurrence of retroactive interference. In opposition, both the rehearsed and the related unrehearsed information displayed barely any failure to remember under these conditions. Unshorn, Brewer and Spillers’ (2013) conflicting study observed the impact of proactive and retroactive interference on memory Argentina, examining how individuals concentrate their search on a target list when accompanied by proactive or retroactive interference. Results showed that long-term memory targeting is steered by noisy temporal-contextual cues (unless other salient cues are current) that trigger equally relevant and irrelevant memoranda that are then exposed to a post recovery supervising process; these findings challenge the results from Able and Bump’s (2013) study. This research among other findings (see, e. G. , Lavabo, Annoys, Masters, 2002; Neat Surprising, 2003; Bureau Kiel, 2006; Unshorn, Brewer Spillers’, 201 3) motives the present study. This research examines not only the question of whether there will be a difference between semantic and phonetic interference during memory recall, but also if the results will show a significant difference between the retroactive interference conditions and the controlled condition. Additionally, this study has also been motivated due to there not being prior research comparing semantic interference and phonetic interference in memory recall. The hypothesis of this study is there will be a significant difference between semantic interference and phonetic interference in memory recall. Methods Design In this experimental study, a between participant design was utilized to examine the difference between the effect of semantic and phonetic words on the memory recall of a list of words. The independent variable was the type of retroactive words used (semantic and phonetic). The dependent variable was the amount Of items correctly recalled from a list Of 1 5 words. Participants A sample of 30 student volunteers were employed from Nottingham Trend University, ASK. 15 male and 15 Female participants were used, in an age angel of 18-21 years old. The mean age of the participants was 19. 5. Materials The stimuli consisted of a list of fifteen words. All three conditions consisted of the same fifteen words, although condition two consisted of another fifteen semantic words (See Appendix Two) and condition three consisted of another fifteen phonetic words (See Appendix Three). One mark was awarded for each correct memorized word. Procedure All student partakers were separately put in a room where they were requested to complete a consent form prior to partaking in the current study (See Appendix Four). The partakers were presented with presentation slides matching to their condition. Partakers in condition one were explained, The next slide will display fifteen words, they will appear for four seconds each, separately. Please memories as many words as you possibly can’. A one minute interval was given then partakers were asked to recall as many words as they could on paper. Partakers in condition two and three were explained, The next slide will display fifteen words, and you will then be shown another 15 words, they will appear for four seconds each, separately. Please only memories words from the first slides shown’. A one minute interval was given then partakers were asked to recall as many words from slide one as they could on paper. Condition two’s second set of words were semantic words and condition three’s second set of words where phonetic. One mark was given for every correct word recalled. After the task was finished, partakers were asked if they had any questions before being debriefed about the study. Rest Its Table 1 shows the mean number of words correctly recalled, standard deviation and range for each condition. The findings show that those in indention two (semantic) and condition three (phonetic) recalled less words than in the controlled condition. Additionally, there was a significant difference from those in condition two (semantic) and condition three (phonetic). Therefore, it is clear that retroactive interference had an impact on number of target items being correctly recalled. Table 1 : Descriptive Statistics for scores on the number of words correctly recalled in each condition. Mean SD Ra Eng Condition 1 10. 60 1 . 34 10 Condition 2 Condition 3 9. 20 7. 10 1 . 03 1 . 6 A one-way NOVA was carried out to compare condition one; a list of 15 rods (mean = 10. 60, standard deviation = 1. 34), condition two; semantic words, (mean = 9. 20, standard deviation = 1. 03), and condition three; phonetic words, (mean = 7. 10, standard deviation = 1. 86) on the number of words that were correctly recalled. The results showed there was a significant difference between the groups, F(2, 27) = 21. 54 , p = 0. 001 Post hoc analysis, using Bonfire corrected appraise comparisons, found that all three conditions had a significant difference in comparison to each condition. Discussion The results from the descriptive statistics (see table 1) were fairly draughtswoman, representing a distinct interference in relations of both semantic and phonetic interference. Particularly, in comparison to the controlled condition, condition two and three were associated with lower recall levels, suggesting that the presence of a non-target list presented after the target list interfered with the recall of target items. Additionally, as put forward by Shuffling (Bibb), retroactive interference effects were of a comparable scale across the measures of importance. These findings are consistent with the previously stated hypothesis drawn upon in the introduction that there will be a difference between the semantic and phonetic interference on memory recall. Supporting research (Unshorn, Brewer and Spillers, 201 3) suggests that participants can usually mentally recall the information from the target list, however due to a certain amount of doubt regarding which items were really shown in the target list in relation to the interference list, participants create a wider selection to make sure that the target items will be incorporated in the search set. Therefore, likelihood of accurate recall is lowered when recollecting from the target list (controlled indention) due to non-target list items are added in to search set. Also, this interpretation calculates that the search set will be placed on the target list, although items shown in close time-based proximity to the target list will likewise be added in the search set. Overall, this concept is very much consistent with our findings. Future research is required to grasp an improved understanding with regards to the conditions wherein the search set can and cannot be focused on only target items, the procedures that are employed in order to recall context for events while trying to avoid only pending solely on the present context, and how partakers utilizes context to observe the results of retrieval and how this affects managing decisions during recall. How to cite Semantic and phonetic interference in memory recall, Papers