Making an information security plan
Miettinen, Henrik (2021)
2021
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2021053012567
https://urn.fi/URN:NBN:fi:amk-2021053012567
Tiivistelmä
The development objective of this thesis was to create a working, efficient and solid information security plan for a small-sized company. This thesis used qualitative and development methods, such as qualitative interview, literature reviewing as well as researching of the company premises and practices, as well as understanding and awareness of security culture to establish and create the information security plan. The information security plan will consist of a risk management table, as well as an information security-related auditing template, that may and should be used regularly even after the completion of this project, to ensure that the information security of the case company will remain stable and secure.
The overall outcome of the thesis was to strengthen the overall understanding of the importance of the information security within the company, as well as how to avoid jeopardizing it. The information security plan offers cost efficient and simple solutions to strengthen the overall risk assessment and information security awareness of employees within the company, as well as the employer’s, from simple changes in attitude, behavior and habits to further raise awareness and to mitigate the likelihood of targeted attacks succeeding against the company and its employees, such as phishing attempts or malware attacks
The overall outcome of the thesis was to strengthen the overall understanding of the importance of the information security within the company, as well as how to avoid jeopardizing it. The information security plan offers cost efficient and simple solutions to strengthen the overall risk assessment and information security awareness of employees within the company, as well as the employer’s, from simple changes in attitude, behavior and habits to further raise awareness and to mitigate the likelihood of targeted attacks succeeding against the company and its employees, such as phishing attempts or malware attacks
Kokoelmat
Samankaltainen aineisto
Näytetään aineisto, joilla on samankaltaisia nimekkeitä, tekijöitä tai asiasanoja.
-
Cybersecurity development and business continuity plan for car dealership
(2022)The purpose of this thesis was to investigate the capability of the case company to meet the challenges of current and growing security threats and to come up with a development plan to increase the level of cyber security ... -
Maritime cybersecurity. Before the risks turn into attacks
Xamk Tutkii 18 (South-Eastern Finland University of Applied Sciences, 2021)Cyber-attacks have increased during the CoVID-19 pandemic. There is an urgent need to understand the threats posed by cyber-attacks and identify how to minimise the potential risks. This study provides best practices to ... -
Comprehensive cyber arena; the next generation cyber range
(IEEE, 2020)The cyber domain and all the interdependencies between networked systems form an extremely complex ensemble. Incidents in the cyber domain may have an abundance effect on the physical domain. For example, a cyber attack ...
