Essay Example - An Organizational Need

A.Summary of an Organizational Need in the Case Study, Including the Scope of the Need

Techfite is a firm that produces medical devices for the space program. The company is located in Houston, Texas. Techfite has various issues that require to be solved. The primary concern that the company would like to address is security. The firm has already installed two firewall systems. The adequacy of the current framework of this system has brought the attention of the Chief Information Officer. The company is also required to ensure the security solutions comply with FISMA using NIST for the security framework. Techfite requires log management and front-end intrusion prevention systems.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

The organization is at stake, leading to the National Aeronautics Space Administration and other bodies to request for a joint venture with the firm. However, the firm is currently worried because of the current situation of the firewall framework. According to Techfite, it would be hard for the system to handle the security of substantial system traffic. The fact that the federal government is acquiring access to the firm is another security concern to the Techfite. The Company is also faced with space limitations even though the system is required to support high data traffic from global partners because of its international operations. The required system must be capable of sending notifications and warnings in case attackers evade the host and network systems. More so, there is a need for the system to deploy honeypots as a decoy because hackers would be attracted away from the network. This way, the likelihood of deflecting criminal attention on the system m is increased.

B. Emerging Technology Solution to Address the Organizational Need from the Case Study and Justification that classifies this Technology as Emerging

I propose the use of Cloud Workload Security (CWS) because of the current security requirements of Techfite Company. The fact that the firm manages large volumes of data traffic plus the need to guarantee the best security levels to the hosts and systems requires the use of CWS. Cloud Workload Security is capable of delivering both agent-based and agentless monitoring technology. According to Cser (2017), Utilizing Virtual Machine Monitor Platform API can intercept the transfer of data and monitor signals between tenant users and the Virtual Machine Monitor Platform.

The firm can conduct comprehensive interception and monitoring if it makes use of the agent-based protocol. This way, Techfite can quickly discover any threats so that it can easily secure the network and its hotspots. Also, CWS can monitor data traffic, and disk flows among tenant operating system and Virtual Machine Monitor (Cser, 2017). The Machine Learning (ML) also enables the CWS to discover threats like firewall throttling and protect the system against any virus. Therefore, it is clear that CWS provides the highest security level for the Techfite Company. Both stakeholders and company data security are guaranteed. CWS also complies with FISMA and NIST framework. More so, CWS layered and automated, making it capable of ensuring enhanced detection for any intrusion, granular control, and cloud integration. Thus, the system can perfectly satisfy the security requirements of the Techfite Company.

C. Steps of the Adoption Process that I Recommend the Organization Used to Integrate the New Emerging Technology, Including a Description of why Each Step is Necessary and how Each Step Relates to the Organization

Many companies currently offer consultations related to technology. Techfite would, therefore, be required to seek advice from one of these firms before choosing the vendor for any CWS installation. Upon getting recommendations on the security system, Techfite, the next step would be to complete a purchase agreement with the vendor selected. The vendor will then install the CWS for the Techfite firm. To enable the Techfite to meet specific requirements, it would be essential to accomplish the system configuration with little impact. Secondly, Techfite has to make sure that the system administrator is skilled in configurations and system capabilities.

The installation process would involve four phases based on the NIST framework. Phase one would include risk assessment, which Techfite would conduct to assess the cybersecurity vulnerability (Cser, 2017). The second phase would involve protecting the company's critical infrastructure by deploying the CWS system. The third phase would be the performance of the scan to detect any suspicious, malicious attacks. After the detection of suspicious events, the firm has to establish an effective, responsive procedure. The outcomes of the responsive process would be critical for the future improvement of the system.

The fourth phase would involve the beginning of the system recovery procedures upon neutralizing the threat. The company has to make sure that the system adheres to the requirements of all the phases by ensure that it acquires adequate information regarding each of the steps. Thus, consistent tracking, in this case, would be critical to the organization as it will guarantee the system adherence to all the phases.

The implementation of the system would be subject to multiple risks. The vulnerabilities have to be prioritized and assessed to avoid or mitigate any possible threats. The loss of information is widespread because of attacks from hackers. Therefore, it would be advisable to regularly update the CWS so that any risks can be avoided or mitigated.

D. Positive and Negative Impact That Emerging Technology Solution Could have on the People or Current Processes in the Organization and Examples for how to Address the Negative Impact

The fact that CWS is an automated system means that it will require less or no human workforce intervention to manage and monitor. That means the move would save the company management expenses that it would have otherwise paid to the cybersecurity department. Techfite will benefit from confidence because it will be assured that it has the best protection system in the market. Thus, the company reputation would rise because investors would be assured that the probability of losing their capital is low.

However, the use of the CWS is quite expensive for the Techfite Company. The purchase cost, installation, and maintenance costs would also be incurred. More so, the fact that the technology is automated might result in layoffs, a move which would make some employees lose their jobs from the Techfite IT department. On the contrast, the cost of installation and maintenance would be offset by the low maintenance cost since the system is automated. Moreover, the employees who would lose jobs from the IT departments can be absorbed by other departments and branches of the organization.

E.Comparing Emerging Technology Solution to an Alternative Technology Solution, Providing at Least Two Advantages and Two Disadvantages that each Technology May have for the Organization

There are many comparative cybersecurity systems in the market. One of the comparable systems is Hewlett Packard Enterprise Secure Computer Lifecycle (Hewlett Packard Enterprise, 2020). The system prevents the booting of the server when security is compromised. It can only boot when threats are detected, and data is secured. However, Hewlett Packard Enterprise Secure Computer Lifecycle is not recommendable to the Techfite company because its traffic and the capability are weak compared to that of the CWS system. It is also clear that Hewlett Packard Enterprise does not offer firewalling services e (Hewlett Packard Enterprise, 2020). Techfite requires the most robust system like CWS to achieve the mission of expanding security so that the information system's safety can be guaranteed. More so, Techfite needs vast data traffic, a requirement that can best be met by the CWS system.

F. Recommending a Method that can be Used to Determine Whether Adoption of the Proposed Emerging Technology Solution will be Successful or Unsuccessful Based on the Needs of the Organization

The installation of cybersecurity systems in any organization is to mitigate the threats of an attack. Therefore, a risk-based approach has to be deployed so that a security goal can be achieved. The risk-based approach is essential because IT specialists can quickly identify any and address any vulnerabilities on the system. For effective coordination and management of the system, the specialists have to assess the possible damage of the vulnerability to the business, operations as well as the impact on the stakeholders. Then, using the cost-benefit analysis, the specialists firm the IT department. The organization is required to invest heavily in the system to ensure it employs the best type to mitigate possible risks. The evaluation framework and monitoring are done to provide the level of the risk at least remains within acceptable levels even when it becomes impossible to avoid it altogether. There are specific metrics utilized for the risk approach. According to Chickowski, (2015), Average Time to Detect (ATD) and Average Time to Respond (ATR) are the essential metrics utilized in risk approach. These metrics are capable of measuring the difference in time between risk event and period taken to become aware and detect the situation. According to Chickowski (2015), the smallest timeframe the best, such that the shorter the timeline, the more efficient of the security system used by the organization.

If the ATD is high or takes more time, it means the organization should refine because it is less effective or inefficient (Chickowski, 2015). The ATR is critical to the firm because it indicates the success of the organization in achieving the security objective between detecting the risk or threat and neutralizing the issue. Therefore, these metrics are essential to the techfite company because they will help achieve the firm's security goal.

References

Cser, A. (2017). Vendor Landscape: Cloud Workload Security Solutions, Q3, 2017. New CWS Functionality Offers Better Breach Detection, Granular Control, And More Cloud Integration. Forrester (pp. 77-81). IEEE. http://pages.cloudpassage.com/rs/857-FXQ-213/images/forrester-market-overview-cloud-workload-security-management-solutoons-automate-or-die.pdf

Chickowski, E. (2015). 10 Ways to measure IT security program effectiveness. Transform to Intelligent Infrastructure Security. 15(6), 30-40. https://www.hpe.com/us/en/solutions/infrastructure-security.html?pp=false&jumpid=ps_d6y3q8aebi_aid-510353130&gclid=cjj0zfxr5dccfumxgwodacyksg&gclsrc=ds

Hewlett Packard Enterprise. (2020). Server infrastructure security solutions. Defend Against Infrastructure Security Attacks. 14(2), 37-49.

www.hpe.com/us/en/solutions/infrastructure-security.html?pp=false&jumpid=ps_d6y3q8aebi_aid-510353130&gclid=cjj0zfxr5dccfumxgwodacyksg&gclsrc=ds