Cyber Security Assessment

Introduction Socià ©tà © Gà ©nà ©rale Bank was established in 1864 in France by a caucus of moguls and investors with the aim of improving and bolstering their commercial ventures. Over the years, the bank has tremendously improved its financial outlay. This has enabled it to extend its presence in many nations. Today, the bank is among the successful financial institutions globally. Advertising We will write a custom assessment sample on Cyber Security specifically for you for only $16.05 $11/page Learn More The bank offers retail banking, savings schemes and intercontinental banking services. Thus, the bank handles thousands of varied transactions daily. Despite its success in the corporate arena, it has experienced a myriad of fraudulent cases which have affected its corporate profile and are likely to retard its future growth. This paper identifies and discusses the policies, vulnerabilities, risks and internal controls of Socià ©tà © Gà ©nà ©rale. Fraudsters have pervaded the financial sector with the banking subsector being the hardest hit. It has been quite challenging to track fraudsters because they apply sophisticated technologies which banks cannot keep pace with. In simple terms, bank fraud refers to the unlawful mechanisms of accessing or being in possession of money or other properties that belong to a financial company. Bank fraud can also be practiced in form of receiving money from shareholders by purporting to be a genuine financial institution. Destabilization of the financial base of an organization is one the most devastating effects of fraud. With reference to the banking sector, fraud can lead to a mass exodus of potential depositors who may no longer trust the bank with their savings. Second, fraud can cause serious liability to a bank; hence, culminating into a collapsed bank situation. Fraud in the bank can either be conducted by the staff or outsiders. In some cases, the two can conspire to siph on out assets and money from the bank. â€Å"The most serious incidence of fraud that Socià ©tà © Gà ©nà ©rale has ever witnessed occurred on 24-1-2008, when Jà ©rà ´me Kerviel (a single futures dealer) allegedly lost close to US$7.2 billion† (NBC News, 2008). This was the worst case of fraud the bank has suffered since its inception (CBS News, 2009). Kerviel is believed to have coordinated and executed a chain of fake transactions, which the bank could not trace. The management of the bank revealed that Kerviel exploited every loophole to hack the computer operations at the bank. He mainly focused on tampering with security control systems to pave way for his illegal transactions. The changes Kerviel effected on the computer systems helped him to get rid of credit controls; hence, the risk personnel could not easily track his huge transactions. Advertising Looking for assessment on communications media? Let's see if we can help you! Get your first paper with 15% OFF Learn More He was also reported to have stolen the secret codes of his workmates that served at the trading section and department of technology. Kerviel possessed vast technical control procedures that enabled him to manipulate the security installations. Thus, he was able to access important information that was out of reach to many employees. Having served in the back office for roughly six years, Kerviel learnt how the control systems of the bank operated. Finally, he gained privileged access codes that he used to eliminate five control systems before executing his transactions. An in-depth security analysis of the fraud incident revealed that lack of proper information control systems prompted the hacking of the privilege codeword. Privileged user accounts are one of the most secure IT venture settings, and are used to secure sensitive databases and servers. The secret codes are â€Å"generic in character; they encompass, but are not restricted to generic accoun ts such as administrator on Wintel platforms, root on UNIX systems, and hard-coded passwords† (Bishop, 2009, p. 345). One disadvantage of this kind of data security system is that in case the secret code is revealed to many individuals, several operating systems can easily be hacked. The bank was probably using a single security code to secure several systems. This kind of security system creates loopholes, which can easily be misused by fraudsters. System prowlers apply authentic codes to access systems just like privileged users. They like attacking systems because they are often secured using weak secret codes that can easily be conjectured or have remained unchanged for a long time. An application like Weblogic that is secured with embedded privileged secret codes has high chances of being hacked. Reviewing Current Policies The establishment of appropriate and reliable security policies at Socià ©tà © Gà ©nà ©rale needs a clear approach that will facilitate the identif ication of the current computer vulnerabilities. The status of the current security policies can be established by analyzing current documents and detecting parts of the system that lack appropriate policies. â€Å"The critical areas of the system that need to be reviewed include: physical access controls, network security policies, data security policies and contingency and disaster recovery plans and tests† (Gollmann, 2011, p. 123). Advertising We will write a custom assessment sample on Cyber Security specifically for you for only $16.05 $11/page Learn More â€Å"In addition, documents that have confidential data like computer BIOS secret codes, router configuration secret codes and access control documents should also be reviewed† (Gollmann, 2011, p. 125). Examining the security requirements of Socià ©tà © Gà ©nà ©rale should also involve finding out the extent of its exposure to known threats. This analysis encompasses identifyin g the nature of the bank’s assets because they determine the type of risks it should be protected from. It is also important to list the potential risks because it enables the security personnel to determine techniques such as email hacking and viruses that can be applied in the attack. Therefore, the security personnel at Socià ©tà © Gà ©nà ©rale Bank should improve their skills of tackling such challenges. Improving Security Strategies A good security system is supposed to include both proactive and reactive approaches. A proactive strategy has a number of procedures that mitigate potential security risks and build up emergency plans. Determining the destruction that an onslaught will cause on a given data assists in creating a strategy that is proactive. On the other hand, a reactive plan assists in examining the extent of damage on a system after it has been hacked. This helps in making decisions such as repairing the corrupted system or implementing emergency plans. The first step towards securing the system is developing effective mechanisms for identifying potential risks and developing mechanisms to resist the potential risks. Start by securing the system against common threats. It is easier to prevent threats than to reconstruct the system after an attack. All potential threats that may destabilize the system should also be scrutinized by the security administrators. These potential threats include malevolent prowlers, non wicked threats, and natural calamities. Consider all of the possible threats that cause attacks on systems. Most of the attacks are caused by employees. Reactive Strategy A reactive strategy could offer the best solution to deal with the fraud case at Socià ©tà © Gà ©nà ©rale because the proactive strategy failed to secure the system. The reactive plan identifies the procedures that should be followed during and after intrusion. â€Å"This strategy detects the extent of the destruction caused and the loopholes tha t were taken advantage of in the attack, it establishes why it occurred, refurbish the spoilt systems, and execute an eventuality plan if available† (Pfleeger, 2008, p. 657). Reactive and proactive strategy work hand in hand to buildup security controls to mitigate intrusion and the destruction caused during such incidences.Advertising Looking for assessment on communications media? Let's see if we can help you! Get your first paper with 15% OFF Learn More Assess the Damage Identify the destruction that occurred during the intrusion. This process should be executed very quickly so that reconstruction of the system can commence as soon as possible. Establish the Source of the Damage This can be achieved by analyzing the system logs because they give clue about the origin of the attack. System and audit logs can also be examined because they are also instrumental in tracing the source of an attack. Repair the Damage Reconstruction of the system should be done immediately after detecting the source of the attack to facilitate the execution of usual operations and whatever information misplaced during the interruption. Document and Learn Where feasible, all attack situations must be analyzed and documented to identify the most appropriate security steps and controls that can secure the system. The security group should handle cases such as insider attacks and viruses. Such efforts generate skills that a company can apply and data to give out before and after incidents. In addition, the security team is supposed to examine any unfamiliar occurrence which may involve system controls. Documentation must encompass all the facets of the attack which can possibly be identified. Documentation will assist in adjusting proactive strategies for curbing potential intrusion or reducing destructions. Implement Contingency Plan If there is a contingency arrangement, it can be put into operation to avoid time wastage and to maintain business operations. In a situation whereby there is no emergency plan, create a suitable plan based on the evidence from the previous step. Review Outcome â€Å"Examining the outcome is important and should involve: loss in efficiency, information or mislaid, and the used to reorganize the system† (Pfleeger, 2008, p. 678). If possible, list the type of attack, its source, the mechanisms that were used to execute it, and the loopholes that were exploited. Review Policy Effectiveness If there ar e policies to guard against an intrusion that has occurred, they must be examined, reviewed and tested out for their efficiency. New polices must be created if they have not been used before to reduce potential attacks. Amend Policy Properly If the policy is of poor quality, it must be upgraded properly. Updating of polices should only be undertaken by an authorized personnel that deals with system securities. Moreover, a security policy can be configured in a manner that it only allows the users to access the system during the normal working hours. This reduces hacking incidences. Conclusion The security managers of Socià ©tà © Gà ©nà ©rale should determine the amount of time and resources that can enable them to create effective security controls. Apart from setting up an efficient security strategy, security auditors need to realize that security is a full time need in the organization. Hence, they should always update their security system regularly. This assessment on Cyber Security was written and submitted by user Vihaan Ingram to help you with your own studies. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly. You can donate your paper here.

Future Years ACT Test Dates 2019, 2020, and Beyond

Future Years' ACT Test Dates 2019, 2020, and Beyond SAT / ACT Prep Online Guides and Tips Future ACT dates are only confirmed a little more than a year in advance, but at PrepScholar, we’ve researched patterns from previous testing years to predict future ACT test dates. The ACT test dates for 2019-20 have been officially released, but I’ll also provide the confirmed and likely dates for 2020-21 and 2021-22. From the data we’ve looked at, we can predict these dates with a fair degree of confidence. 2019-2020 ACT Test Dates Here are all the ACT dates, registration deadlines, and score release dates for the current 2019-20 school year. All dates and deadlines have been confirmed by ACT, Inc. Test Date Deadline Late Deadline Online Score Release* Sept 14, 2019 Aug 16, 2019 Aug 30, 2019 Sept 24; Oct 10, 2019 Oct 26, 2019 Sept 20, 2019 Oct 4, 2019 Nov 12; Nov 26, 2019 Dec 14, 2019 Nov 8, 2019 Nov 22, 2019 Dec 24, 2019; Jan 7, 2020 Feb 8, 2020 Jan 10, 2020 Jan 17, 2020 Feb 18; Mar 3, 2020 Apr 4, 2020 Feb 28, 2020 Mar 13, 2020 Apr 14; Apr 28, 2020 June 13, 2020 May 8, 2020 May 22, 2020 June 23; July 7, 2020 July 18, 2020** June 19, 2020 June 26, 2020 July 28; Aug , 2020 *The first date is when multiple-choice scores come out, and the second date is when complete scores become available**No test centers scheduled in New York for this date. 2020-2021 ACT Test Dates This is the anticipated schedule for the ACT test dates, registration deadlines, and score release dates for the 2020-21 school year. All dates are based on our own projections. Test Date Deadline Late Deadline Online Score Release* Sept 12, 2020 Aug 7, 2020 Aug 21, 2020 Sept 22; Oct 6, 2020 Oct 24, 2020 Sept 20, 2020 Oct 4, 2020 Nov 3; Nov 17, 2020 Dec 12, 2020 Nov 6, 2020 Nov 20, 2020 Dec 22, 2020; Jan 5, 2021 Feb 6, 2021 Jan 8, 2021 Jan 15, 2021 Feb 16; Mar 1, 2021 Apr 10, 2021 Mar 5, 2021 Mar 19, 2021 Apr 20; May 4, 2021 June 12, 2021 May 7, 2021 May 21, 2021 June 22; July 6, 2021 July 17, 2021 June , 2021 June 25, 2021 July 27; Aug 10, 2021 *The first date is when multiple-choice scores come out, and the second date is when complete scores become available 2021-2022 ACT Test Dates Finally, let's take a look at the projected dates and deadlines for the 2021-22 ACT testing year. As noted above, all of these dates are our own projections. Test Date Deadline Late Deadline Online Score Release* Sept , 2021 Aug 6, 2021 Aug 20, 2021 Sept 21; Oct 5, 2021 Oct 23, 2021 Sept 19, 2021 Oct 3, 2021 Nov 2; Nov 16, 2021 Dec , 2021 Nov 5, 2021 Nov 19, 2021 Dec 21, 2021; Jan 4, 2022 Feb 5, 2022 Jan 7, 2022 Jan 14, 2022 Feb 15; Feb 28, 2022 Apr 9, 2022 Mar 4, 2022 Mar 18, 2022 Apr 19; May 3, 2022 June , 2022 May 6, 2022 May 20, 2022 June 21; July 5, 2022 July 16, 2022 June 10, 2022 June 24, 2022 July 26; Aug 9, 2022 *The first date is when multiple-choice scores come out, and the second date is when complete scores become available How Accurate Are These Future ACT Test Dates? The 2019-20 ACT test dates and registration deadlines have been confirmed by ACT, Inc. All other dates are our projections based on the testing patterns from previous years' schedules. The ACT test dates and registration deadlines for future years should be fairly accurate, as there's little variation from year to year. The score release dates for all years are less predictable, but scores should come out within a week of the anticipated score release dates. Also, note that not everyone receives their multiple-choice scores at the same time. How to Use These ACT Test Date Projections Most of the future ACT dates in this article should be correct. If you have an idea of the month and year you want to take the test, you can check to see whether your test date is on the same day as, say, prom or your birthday. Basically, these charts make it easy to figure out whether you’ll have any possible conflicts. If any of the test dates are off, they’ll most likely be exactly a week earlier or later. Remember, though, that there is some margin of error and these are still just projections. You can plan your ACT schedule using our projections, but definitely check again within a year of the test for the confirmed dates. Nevertheless, the above dates should give you a good idea of when future ACTs will take place. What's Next? Are you wondering when you should sign up to take the ACT for the first time? This guide to choosing the right ACT test date describes the most important considerations to help you choose the best test date for you. Starting your ACT prep? Check out our guide on the best ways to study for the ACT for all the tips you need to know to reach your goal score. In addition, learn how to make your own study plan. Practice tests are an important part of ACT prep, and our guide to using ACT practice tests will explain everything you need to know about how to use them correctly. Want to improve your ACT score by 4+ points? Download our free guide to the top 5 strategies you need in your prep to improve your ACT score dramatically.

History of wool Essay Example | Topics and Well Written Essays - 250 words

History of wool - Essay Example The origin of wool can be traced back in Asia Minor just like the story of human civilization. This happened during the Stone Age period, over 10,000 years ago. Sheep was used by the primitive man who lived on the Mesopotamian plain for shelter, clothing, and food. With time, man learned how to weave and spin, and woolen materials turned to be part of their riches. Romans, Persians, and Greeks distributed sheep over Europe between 3000 and 1000 B.C, which improved the breeds. King Henry VIII, who reigned between 1509 and 1547, seized the flocks of monasteries and gave them out to the court favorites (American Wool 2). The shepherds who were left unemployed were then sent to prison for failing to repay their debts. This was part of the incitement that led them to migrate into America. England through his Kings tried to discourage the wool industry in North America, however, some few sheep that had been smuggled there had multiplied into over 100,000 sheep by 1665. There was even a law passed by Massachusetts that required a young people to spin and weave. The American tradition and folklore grew together with the wool industry. The eldest unmarried daughters in the family were charged with the spinning duties, hence the name ‘spinster. They wound spun yarn on a reel that when a given yardage was arrived at, it made a popping sound. American Wool. "The History of Wool Fact Sheet." Division American Sheep Industry Association Inc. (2013): 1-2. Web. 28 January 2015.