CYB100 University of Phoenix Cloud Storage as a Service Presentation The “Sample PowerPoint” posted in the Tutorials & Guides section of the Center for Wri

CYB100 University of Phoenix Cloud Storage as a Service Presentation The “Sample PowerPoint” posted in the Tutorials & Guides section of the Center for Writing Excellence website
The Lynda.com® video “Office 365: Learning PowerPoint” with Garrick Chow
The Lynda.com® video “Using Office Shapes and SmartArt to Enhance Business Documents”

Create a Microsoft® PowerPoint® presentation containing eight slides, including Introduction, Conclusion, and Reference slides. Include detailed speaker notes with each slide.

Scenario: You are preparing for a new company-wide project to provide each employee with a personal cloud storage account. The VP of Information Technology has asked you to research solutions for the organization and make sure the CSaaS provider encrypts data in transit and at rest. The U.S.-based company has 100,000 staff members and offices in 100 countries. You will be preparing a presentation of products to present to the company’s Information Technology Committee so they can understand the technology, security features, and associated cyber risk. Your task is to:

Research Cloud Storage-as-a-Service (CSaaS) providers
Briefly define the technology involved to implement a cloud-based technology such as CSaaS
Briefly describe the registration and authentication process for one of the providers
Correctly identify the encryption technology used both in transit and in storage for one provider
Correctly identify the ethics and privacy policies of one CSaaS provider

All references need to adhere to APA guidelines, and images should not be copied unless author permission is obtained or copyright free images are used.

Compile your work from Weeks Four and Five into a zipped file. Running head: INFORMATION SECURITY
Cyber security Laws
Gabrielle Briscoe
University of Phoenix
CYB/100
1
INFORMATION SECURITY
2
Information Security
The US has many laws that govern information and computer security, and the use of
the internet. One of these laws is the Computer Fraud and Abuse Act. This law was enacted in
1986 and makes it illegal to intentionally access a computer without authorization or exceed
the level of authorization that one has been granted (McGowan, 2017). Another example is
the Sarbanes-Oxley Act of 2002, and that was formed to prevent fraud of shareholders,
destruction of information that could otherwise serve as evidence, and the requirement for
auditors’ independence in their operations (Amadeo, 2017).
The Sarbanes-Oxley Act has been one of the most frequently enforced laws in the US.
According to Drawbaugh & Aubin (2002), Sarbanes-Oxley Act was heavily enacted during
the bankruptcy of Lehman Brothers and Bernard Madoff in 2008. In fact, these companies
became the largest companies in times of revenues and asset size to file for bankruptcy at the
time. The law has also been attributed to the low number of initial public offering (IPO)
during the late 2000s global financial crisis (Gingrich & Kralik, 2008). This is as a result of
the strict requirements that it imposed to companies and particularly those owned by
foreigners. As a result, the above factors have led to the Sarbanes-Oxley Act resulting to the
largest financial impact on companies in the US. In fact, SEC (2003) further reports that
Worldcom, one of the largest companies to file for bankruptcy, agreed to pay a fine of $2.5
billion to SEC and a further $500 million to investors due to the violation of fraud policies.
The Sarbanes-Oxley Act also has the strictest punitive damages in comparison to the
National Information Infrastructure Protection Act and the Computer Fraud and Abuse Act.
Policies such as the Computer Fraud and Abuse Act have loopholes that have been used due
to its lack of proper definition of its requirements. On the other hand, corporates can easily
lose their licensure, have their staff imprisoned, and be forced to close businesses altogether.
In fact, this is one of the issues that led to the closure of Arthur Andersen, which was
INFORMATION SECURITY
3
considered as one of the five largest auditing firms in the world during the early 2000s
(Rusell, 2014).
The Sarbanes-Oxley Act protects business assets, shareholders’ equity, and
information pertaining the running of the business. In this case, companies are required to
comply with the SEC policies on disclosure of financial information and the standardization
of auditing and accounting processes (Amadeo, 2017). As such, no company should mislead
the public, and more so the shareholders, when reporting its financial information for the
purpose of fraud. At the same time, no auditor should collude with the business management
to mislead the public and neither should they destroy any information that may incriminate a
company.
The Sarbanes-Oxley Act, the National Information Infrastructure Protection Act, and
the Computer Fraud and Abuse Act critically guarantee the confidentiality of all private
information. In the Computer Fraud and Abuse Act, for example, no one should access private
information from other people’s computers without authorization. On the other hand, the
National Information Infrastructure Protection Act extends the Computer Fraud and Abuse
Act by making it illegal not just to access computers without authorization but also to access
restricted information and share the information for the purposes of harming the owner or the
state (US Congress, n.d). Added to the Sarbanes-Oxley Act, these policies thus protect the
confidentiality of personal, corporate, and state information.
INFORMATION SECURITY
4
References
Amadeo, K. (2017). Sarbanes-Oxley Summary: How It Stops Fraud. The Balance. Available
from https://www.thebalance.com/sarbanes-oxley-act-of-2002-3306254
Drawbaugh, K. & Aubin, D. (2012). Analysis: A decade on, is Sarbanes-Oxley working?
Reuters. Available from https://www.reuters.com/article/us-financial-sarbox/analysisa-decade-on-is-sarbanes-oxley-working-idUSBRE86Q1BY20120730
Gingrich, N. & Kralik, D. (2008). Repeal Sarbanes-Oxley. SF Gate. Available from
http://www.sfgate.com/politics/article/Repeal-Sarbanes-Oxley-3186747.php
McGowan, B. (January 01, 2017). Eject the Floppy Disk: How to Modernize the Computer
Fraud and Abuse Act to Meet Cybersecurity Needs. Ssrn Electronic Journal.
Russell, G. (2014). Andersen, Auditing And Atonement — The accounting profession 10
years after Enron. The Journal Of The Global Accounting Alliance. Available from
http://www.gaaaccounting.com/andersen-auditing-and-atonement-the-accountingprofession-10-years-after-enron/
SEC (2003). The Honorable Jed Rakoff Approves Settlement of SEC’S Claim for a Civil
Penalty Against Worldcom. SEC. Available from
https://www.sec.gov/news/press/2003-81.htm
The US Congress (n.d). H.R.4095 – National Information Infrastructure Protection Act of
1996. The US Congress. Available from https://www.congress.gov/bill/104thcongress/house-bill/4095
US
Strategical
Tactical
Abuse Act and
Computer Fraud
prohibits computer’s
unauthorized access
their interference,
and data obtaining
Electronic
Communications
Privacy Act governs
data interception,
access to data
RUSSIA
Organisations or
Individuals should be
responsible for their
network usage should
not set up
communication groups
or websites due to
fraudulent purposes
and illegal activities.
Any person who
violates Article 27 is
engaging in activities
that endanger cyber
security and may be
imprisoned for
between 5 to 15 days
be detained for 5 to
15. This depends on
the severity of the
case.
CHINA
All government levels
shall organize, carry
out security of
network and
publically regularly.
Network providers
shall provide and
maintain their
products and services
for time limits agreed
upon between them
and clients.
Operators of Network
Operational
The Paperwork
Reduction Act 1995
This law gave
Management office
and Budget the
mandate and
responsibility to
develop cyber
policies.
shall cooperate with
People have a right to
have the errors in their
personal information
corrected by their
network operators.
network departments
on lawful supervision
and implementation
tasks.
CYBER SECURITY
Important Concepts in Security
Gabrielle Briscoe
CYB/100
University of Phoenix
The differences between Espionage,
Intelligence gathering, and Cyber warfare.
• Cyber espionage work can be termed as unapproved spying via PC. The term
alludes to the channeling of infections that secretly watch or decimate
information in the PC frameworks of government offices and expansive
endeavors.
• An intelligence gathering system or essentially intelligence gathering is a
framework through which data about a specific substance is gathered for the
advantage of another using more than one, between related source.[according
to whom?] Such data might be assembled by a military intelligence,
government intelligence, or business intelligence arrange.
• Cyberwarfare additionally named as cyber war is any unreal clash started as a
politically spurred assault on an adversary’s PC and data frameworks. Pursued
by means of the Internet, these assaults handicap budgetary and authoritative
frameworks by taking or modifying characterized information to undermine
systems, sites and administrations.
Military Influence on Intelligence Gathering,
Cyber Warfare, and Physical Assets.
• Military has been influenced by intelligence gathering
through extraction of information related to the
battlefield, and tactical information extraction in
relation to specific battle campaign strengths and
units. A good example that this applied is during the
Napoleonic wars.
• Cyber warfare has always been a great topic when it
comes to Cyber Security. Many countries have
invested on military cyber warfare. Cyber’s impact on
methodology can be inspected from a long haul point
of view. The military’s key level manages long haul
Military Influence on Intelligence Gathering,
Cyber Warfare, and Physical Assets.
• Vital designs tend to address questions leading to a whole war crusades. From
this viewpoint, new cyber capacities will require little re-examination of the
essential systems the military utilizes. The Department of Defense’s central
goal is general national resistance fundamentally from outside enemies.
• Physical Assets. The U.S. Armed force needs to monitor a considerable
measure of assets. There are expensive things like planes and rockets, guns,
essential IT gear and PCs. Burning through cash on new supplies is
dependably an issue to any militiary. In any case, this isn’t an issue for IT
resources at Fort Hood, one of the biggest U.S. Armed force posts. They’ve set
up resource administration best practices that guarantee they generally know
the condition of their advantages. In any case, this wasn’t generally the case.
Before executing Wasp MobileAsset, the base was utilizing a manual
framework that was tedious, blunder inclined, and not refreshed progressively.
Timeline of a Recent Incident Involving
Personal Privacy
• In February 2017, the Cloudflare Web Framework said that an error at this
stage caused an arbitrary disclosure of sensitive and sensitive customer
information. CloudFlare provides runtime and security authorities on six million
client sites (counting hitters such as Fitbit and OkCupid devastators), so that
occasional outages included only small amounts of information extracted from
a giant data set.
• On March 7, WikiLeaks distributed an information file containing 8,761 reports
allegedly stolen by the CIA, containing several documents on espionage and
piracy. The revelations included iOS and Android vulnerabilities, Windows
bugs, and the ability to turn some enthusiastic TVs into listening devices.
• On May 12, a variety of ransomware, called WannaCry, spread throughout the
world, influencing a wide range of goals, including open public services and
substantial partnerships. Ransomware has hit the clinics and offices of the UK’s
National Health Service, wrapped in crisis cells, postponing key restorative
systems and causing problems in some British patients.
•
•
•
•
•
•
•
Five Physical Assets of the Cyber
Domain
The five physical assets of Cyber Domain are:
Hardware
Software
Data
Peopleware
Networks
Physical resource are innately profitable but powerless against a wide
assortment of dangers, both malevolent and coincidental/characteristic. On the
off chance that dangers emerge and abuse those vulnerabilities influencing
occurrences, there are probably going to be antagonistic effects on the
associations or people who honestly claim and use the advantages, changing
from insignificant to obliterating as a result. Security controls are planned to
diminish the likelihood or recurrence of event as well as the seriousness of the
effects emerging from occurrences, in this manner ensuring the estimation of
the advantages.
Conclusion
• Cyber, similar to any other type of innovation, has
influenced all parts of our lives, and the military isn’t
resistant from its impact. PC innovation has been
incorporated into the lives of everybody from
presidential perspective down to the enrolled Soldier
on a watch. How far this mix goes on is truly up to the
creative energy of innovation designers and
trailblazers. For the time being, cyber looks to make
the lives of Soldiers less demanding, more proficient
and more secure.
References
Baiardi F, Sgandurra S (2013) Assessing ICT risk through a Monte Carlo method.
Cam H, Mouallem P (2013) Mission assurance policy and risk management in cybersecurity.
Kelic A, Collier ZA, Brown C, Beyeler WE, Outkin AV, Vargas VN, Ehlen MA, Judson C, Zaidi A,
Leung B, Linkov I (2013) Decision framework for evaluating the macroeconomic risks and policy
impacts of cyber attacks.
Lambert JH, Keisler JM, Wheeler WE, Collier ZA, Linkov I (2013) Multiscale approach to the
security of hardware.
Linkov I, Eisenberg DA, Plourde K, Seager TP, Allen J, Kott A (2013) Resilience metrics for cyber
systems.
Pawlak P, Wendling C (2013) Trends in cyberspace: can governments keep up?
Rosoff H, Cui J, John RS (2013) Heuristics and biases in cyber security dilemmas.
Sheppard B, Crannell M, Moulton J (2013) Cyber first aid: proactive risk management and
decision-making.
Vaishnav C, Choucri N, Clark D (2013) Cyber international relations as an integrated system.
Running head: PAPER AND STORY BOARD
Microsoft Word Essentials
Name:
Course Number:
Instructor:
Date:
1
PAPER AND STORY BOARD
2
Microsoft Word Essentials
Cyberspace alludes to the virtual PC world, particularly, it is an electronic medium used
to shape a worldwide PC system to encourage online correspondence. It is a huge PC made up of
numerous overall PC organizes that utilize TCP/IP convention to help in correspondence and
information trade exercises (Gasser, 1988). Maritime domain mindfulness (MDA) is
characterized by the International Maritime Organization as the successful comprehension of
anything related to the maritime domain that could affect the security, wellbeing, economy, or
condition. Space domain suggests a circumstance in which the abundance of a flag differs with
position (for the most part in two measurements, as in a photo) instead of with time. A physical
domain gives a situation, characterized basically by it is a cross and through factors, for
interfacing the segments in a Physical Network.
The most difficult territories for U.S. organizations working together abroad is adjusting
U.S. staff contracting laws with those of different nations. Nations, for example, Saudi Arabia,
for instance, declined to give visas to workforce in these classifications: single ladies, Jews, gay
people and those with specific sorts of handicap.
Cybersecurity is a political issue since administrations and lawmakers everywhere
perceive national intrigue is intensely affected by the impact of cyber. In a period of distributed
computing and associated gadgets, systems have turned out to be more mind-boggling than any
time in recent memory. Security groups now confront the test of securing cloud situations. This
growing assault surface has presented a large group of new open doors for on-screen risk
characters, from trading off brilliant TVs and associated angles of taking information through
Dropbox or AWS (Cashell et al, 2004). Complexity diminishes security in a few ways. In the
PAPER AND STORY BOARD
3
first place, unpredictability makes vulnerabilities harder for designers and analyzers to reveal.
Each element, capacity is a potential danger vector.
The two benefits of cloud computing are: Cost savings. The cloud can also improve cost
control by coordinating your cost model more closely with your revenue/requirements project,
moving your business from a low-cost capital model to an Opex display. Adaptation upon
request advantage. As your business grows, a cloud situation must develop with you. Also, when
the request is fanciful, or you should try another application, you have the activation limit up or
down, paying only for what you use.
PAPER AND STORY BOARD
4
References
Gasser, Morrie (1988). Building a Secure Computer System (PDF). Van Nostrand Reinhold. p. 3.
Cashell, B., Jackson, W. D., Jickling, M., & Webel, B. (2004). The Economic Impact of CyberAttacks. Congressional Research Service, Government, and Finance Division.
Washington DC: The Library of Congress

Purchase answer to see full
attachment