DIAMOND HANDS
HOLDINGS INC.
(DHHI)
BOARD REPORT
Lauren Campbell
CYBR 7930
Dr. Mattord
Summer 2023
Introduction
Diamond Hands Holdings Inc. offers multiple customers different services in
the realm of information technology. Because of this, a continuous effort on
evaluation, protection, and service must be a priority for the company. The
Security Services Plan (SSD) created for Diamond Hands Holdings Inc. covered
all three racks in the Appendix B Asset Inventory. Because the DHHI Secured
Server Data Center consists of different departments and uses different sources
to perform day-to-day operations for the company, I had to deeply analyze each
area. The receiver of service, frequency, justification, expenditure, and cost
recovery for each service in the directory are crucial to the operations design
needed to protect the organization’s assets and address its risks.
The purpose of this Security Operations Design is to provide the customers of
Diamond Hands Holdings Inc. (DHHI) with a comprehensive list of all security
operations deliverables and improvements to how they operate when using the
platform. Threats to information and data are constantly occurring, and it is
crucial that DHHI follows this plan to protect the company, the stakeholders,
and all customers.
INTENDED AUDIENCE
BOARD MEMBERS
CEO, SHAREHOLDER, SHAREHOLDER, EXECUTIVE BOARD MEMBER
AGENDA
Projected Revenue
Current Security Operations
Intended Security Operations
Budget
Improvement Program
Summary & Questions
Projected Revenue
$150 MILLION
• We project that this number will continue to grow
as our strategic plans are put into place. The
budget allocation of only $50,000 to start
our plans includes recruitment costs,
training expenses, consultant fees,
technology investments, and other relevant
expenditures. Appropriate resource
allocation and implementation of all
projects will only increase the revenue of
DHHI.
Current Security Operations
Contingency Planning, Incident Response, and
Disaster Recovery
Contingency planning involves preparing
for potential disruptions, disasters, or
unforeseen events that could impact the
normal operations of an organization.
Incident response is the process of effectively
handling and managing security incidents or
breaches when they occur. Disaster recovery
focuses on restoring the organization's IT
infrastructure and systems after a significant
disruptive event, such as a natural disaster,
hardware failure, or cyber-attack, that causes
widespread system outages or data loss.
DHHI has an established plan that
incorporates all the above areas to ensure
the integrity and confidentiality of the
company.
Encryption
Encryption is the process of converting data
into a coded form known as ciphertext,
making it unintelligible to unauthorized users.
This is essential for companies as it
helps them protect sensitive information and
ensure data confidentiality. DHHI has
implemented many solutions and detection
services that detect and handle incoming
files that are malware.
Other Operations: Antivirus,
Authentication Applications, Email and
Messaging Use, Ethics Policy, and
Firewall
Intended Security Operations
Risk Management
DHHI should assess the risk
management of their infrastructure
so they can assess the potential
threats, assets, vulnerabilities, and
controls of the information systems
they are using and compare them to the
occurrence of certain threats they
are at risk of. Risk management is
the process of identifying, assessing,
and prioritizing risks to an
organization and then taking the
appropriate actions to mitigate or
manage those risks effectively. It
involves understanding potential
threats and vulnerabilities,
evaluating the potential impact of
risks, and implementing strategies
to reduce or eliminate them.
Physical and
Environmental
Security
• Physical and environmental
security focuses on protecting
an organization's physical
assets, facilities, and the
surrounding environment from
unauthorized access, damage,
and disruptions. It involves
implementing measures to
secure the physical premises,
equipment, data centers, and
other critical infrastructure
components. DHHI should
make sure their server rooms
are accessible only to people
who should be able to enter.
They should hire security to
protect the physical office, as
well as a virtual security
system that looks out for
breaches and attacks.
Cameras, motion detectors,
and security alarms are also
very important features to be
added.
Compliance &
Regulatory
• Compliance and
regulatory
compliance consists
of multiple audits and
assessments being
performed to ensure
the company and its
staff members are
staying up to date on
all laws, regulations,
and certification
measures.
• Vulnerability Management
• Create management team
• Assess vulnerabilities and risk
• Security Awareness and Training
• Monitoring and Review
• Application Security
• Securing development practices
• Creating a team to handle data encryption
• Securing and assessing data
• Access Control and Provisioning
• Implement Single Sign-On and Multi-factor authentication
• Create a training program and access provision team
• Analyze patch and vulnerability management
• Physical and Environmental Security
• Gain security
• Purchase cameras, motion detectors, and security alarms
• Develop policies and procedures
• Create training classes for employees
• Threat Detection & Intelligence
• Develop threat intelligence prosecutes
• Threat intelligence gathering and analysis
• Monitoring, analysis, and adaption
• Incident Response
• Threat detection and intelligence
• Create a team that can understand the nature of the attack
• Identify affected systems and create a plan to mitigate the damage
• Disaster Recovery
• Develop disaster recovery team
• Create playbook, testing, and exercise plans
• Create strategies and procedures
• Risk Management
• Assess risks
• Complete risk assessment
• Document and treat risk areas
Budget
Improvement Program
The improvement program
shows a breakdown over the
next 5 years that analyzes which
areas need to be improved upon.
In each area the operations team
will need to track the
occurrences, the effects,
ownership, resource estimates,
due dates, completion, and
status. In the span of five years,
there should be a decrease in
risk in the areas we are worried
about in terms of security and
compliance.
Summary
The DHHI Security Operations Plan covers
every area DHHI should consider to mitigate
risks, prevent breaches, reduce threats to
information assets, reduce
downtime/recovery time and data loss, and
ensure compliance at all levels. The
approach is created with the intent and
understanding of DHHI’s services and
information systems. The services are
intended to protect the company,
employees, clients, and stakeholders.
Implementing these facilities will reduce
risk, reduce overhead, reduce time, and act
as an aid in the recovery and planning of
potential attacks that could occur. The cyber
security, physical security, and digital
security of DHHI and the implementation of the
above services are critical and crucial to
providing a secure environment to DHHI’s
staff, contractors, vendors, and clients.
These services will contribute to the feeling
THANK YOU
Lauren Campbell
Questions? You can reach me at
Lcampb45@students.kennesaw.edu