Global Cybersecurity Environment Report
Abstract
CMP 620 5041 Cybersecurity Governance
Table of Contents
Introduction....................................................................................................................................3
Analyze Global Approaches to Cybersecurity............................................................................3
Analyze critical issues in global cybersecurity management and policy....................................3
Analyze critical issues in global cybersecurity technology policy..............................................4
Analyze the principles of warfare that underpin cyberwarfare theory and application..............4
International Cybersecurity Threat Matrix................................................................................5
Threat Matrix...............................................................................................................................5
Compare and contrast international cybersecurity standards bodies.........................................8
International Environmental Scan...............................................................................................9
Environmental Scan: Africa.........................................................................................................9
Identify key initiatives in international cybersecurity policy.....................................................10
Regional Cybersecurity Threat Fact Sheet................................................................................11
Africa Fact Sheet........................................................................................................................11
Assess cybersecurity policies and procedures for transnational legal compliance...................13
Assess and critique cybersecurity programs..............................................................................14
Assess the cross-cutting effects of policy, budget, and technological capabilities upon the
ability to address cyberthreats at the enterprise, national, and international levels................15
Assess policy and technology trade-offs that must be considered and made when addressing
cyberthreats at the enterprise, national, and international levels.............................................15
Assess and critique cybersecurity programs..............................................................................16
Botnet Evaluation........................................................................................................................16
Evaluation of Botnets.................................................................................................................16
Botnet Key Features...............................................................................................................16
Issues associated with Botnets............................................................................ ...
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks ESADE
The process of globalization, the emergence of new powers, and the increasing relevance of non-state actors are creating a multipolar and interconnected world. In the international arena, political and ideological diversity among the most relevant parties, diffusion of power, and the impact of changing global economics have added complexity to the geopolitical landscape. Businesses now operate in a much more difficult, heterogeneous environment.
This publication has been prepared by Zurich Insurance Group Ltd and ESADE.
Section 1: Emerging technologies will fundamentally change the nature of cyber risk.
Section 2: An inadequate global cyber governance framework.
Section 3: Toward a new governance framework: challenges and opportunities.
International Cybersecurity Threat MatrixCountryCyb.docxvrickens
International Cybersecurity Threat Matrix
Country:
Cyber Culture
(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)
Cybersecurity Threats
Cyber Legal Perspective/Cyber Economic Perspective
Response to Cyberterrorism/Recruiting
Country:
Cyber Culture
(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)
Cybersecurity Threats
Cyber Legal Perspective/Cyber Economic Perspective
Response to Cyberterrorism/Recruiting
Country:
Cyber Culture
(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)
Cybersecurity Threats
Cyber Legal Perspective/Cyber Economic Perspective
Response to Cyberterrorism/Recruiting
International Cybersecurity Environmental Scan Template
Country: _________________________
A. What are some unique characteristics of the country’s culture that make cyberspace issues more challenging?
B. If you projected forward into the next decade, what things do you think will change?
C. What could be the catalyst(s) for change?
D. From an economic perspective, is there a possibility that the country will take a different approach with regard to cyberspace than it has in the past?
E. From the criminality perspective, does the country do enough in the cyberspace area?
F. What changes would you suggest if you were the US ambassador to these countries?
G. Describe and discuss the potential impact of your recommendations.
Global Approaches to Cybersecurity
Instructions for Final Report
Review the work you have done throughout the project. If necessary, review the eLearning modules in steps 6 and 9 and your Simtray Report completed in Step 3 along with the feedback from your instructor.
Be sure to address the following items at some point in your report.
· Analyze critical issues in global cybersecurity management and policy.
· Analyze critical issues in global cybersecurity technology policy.
· Analyze the principles of warfare that underpin cyberwarfare theory and application.
· Assess cybersecurity policies and procedures for transnational legal compliance.
· Compare and contrast international cybersecurity standards bodies.
· Identify key initiatives in international cybersecurity policy.
· Assess the cross-cutting effects of policy, budget, and technological capabilities upon the ability to address cyberthreats at the enterprise, national, and international levels.
· Assess policy and technology trade-offs that must be considered and made when addressing cyberthreats at the enterprise, national, and international levels.
· Assess and critique cybersecurity programs.
· Assess emerging cybersecurity issues, risks, and vulnerabilities.
· Assess key cyberattack technologies.
· Assess how the theories and principles of war apply to cyberwarfare, and apply those theories to understand cyberoffense and cyberdefense challe ...
A SYSTEMATIC REVIEW ON MACHINE LEARNING INSIDER THREAT DETECTION MODELS, DATA...IJNSA Journal
Computers are crucial instruments providing a competitive edge to organizations that have adopted them. Their pervasive presence has presented a novel challenge to information security, specifically threats emanating from privileged employees. Various solutions have been tried to address the vice, but no exhaustive solution has been found. Due to their elusive nature, proactive strategies have been proposed of which detection using Machine Learning models has been favoured. The choice of algorithm, datasets and metrics are cornerstones of model performance and hence, need to be addressed. Although multiple studies on ML for insider threat detection have been done, none has provided a comprehensive analysis of algorithms, datasets and metrics for development of Insider Threat Detection models. This study conducts a comprehensive systematic literature review using reputable databases to answer the research questions posed. Search strings, inclusion and exclusion criteria were set for eligibility of articles published in the last decade.
IMPROVE SECURITY IN SMART CITIES BASED ON IOT, SOLVE CYBER ELECTRONIC ATTACKS...IJNSA Journal
Smart cities are expected to significantly improve people's quality of life, promote sustainable development, and enhance the efficiency of operations. With the implementation of many smart devices, c problems have become a serious challenge that needs strong treatments, especially the cyber-attack, which most countries suffer from it.
My study focuses on the security of smart city systems, which include equipment like air conditioning, alarm systems, lighting, and doors. Some of the difficulties that arise daily may be found in the garage. This research aims to come up with a simulation of smart devices that can be and reduce cyber attach. Use of Cisco Packet tracer Features Simulated smart home and c devices are monitored. Simulation results show that smart objects can be connected to the home portal and objects can be successfullymonitored which leads to the idea of real-life implementation and see. In my research make manysolutions for attachingissues,which was great, and apply some wirelessprotocol.
Information Sharing of Cyber Threat Intelligence with their Issue and Challengesijtsrd
Today threat landscape growing at the rapid rate with much organization continuously face complex and malicious cyber threats. In today's Internet connected world where technologies support almost every feature of our society, cyber security and forensic specialists are increasingly distributing with wide ranging cyber threats in almost. real time conditions. The capability to detect, analyze, and defend against such threats in near real time conditions is not possible without the employment of threat intelligence, big data, and machine learning techniques. Cyber Threat Intelligence CTI has become a hot topic and being under consideration for many organizations to counter the rise of cyber attacks. The vast majority of information security challenges we face today are the result of serendipitous and naive decisions made in the early stages of the Internet. Khin Myat Nwe Win | Yin Myo Kay Khine Thaw "Information Sharing of Cyber Threat Intelligence with their Issue and Challenges" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26504.pdfPaper URL: https://www.ijtsrd.com/computer-science/computer-security/26504/information-sharing-of-cyber-threat-intelligence-with-their-issue-and-challenges/khin-myat-nwe-win
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxbagotjesusa
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INFORMATION SYSTEMS 1
Security and safety of the power grid and its related computer information systems
Name of the student:
Name of the institution:
There have been increased use and application of information and communication technologies in most of critical infrastructures and departments of the government. They have proved to be fundamentally significant in helping the various departments to carry out their daily activities with a lot of ease and proficiency. However, these systems have also opened quite a considerable unforeseen opportunity both positive and negative. The infrastructures have become highly efficient and flexible and this has been very beneficial to the people. On the other hand, there have been persistent problems with cybercrimes and hackers who have outsmarted the government and the set securities protocols every now and then. This has made the state lose billions of dollars in a theft of its secrets and high-level information. In this case, it is right to analyze all the general impacts that can be put in place to prevent cybercrimes as well as threats. It is hence important to validate all the necessary measures that need to be put in place in every organization. The paper will hence give recommendations that can help the named organization solve the issues mentioned.
To address this issue, proper precautions needs to be put in place. The government has to demonstrate preparedness in combating this crime both in terms of systems put in place and also the legal jurisprudence (Higgins, 2016). The US power grid system is an interconnected system that is made up of power generation, transmissions software, and its distribution with a capacity to bring down the whole economy if not well protected. The nation's department of defense (DoD) is one of the most critical and sensitive institutions that can paralyze the state if tampered with by unscrupulous individuals. The situation is even worse if there is an advanced persistent threat (APT) against computers and software that operates the western interconnection power grid. This needs an urgent measure to remove the threat immediately and avoid its reoccurrence. We recommend the following security and safety of the power grid and its related computer information systems are taken by the concerned departments:
a. Creation of a special branch that is specifically dedicated to cyber security
It is high time for the government to come up with a special branch of the military personnel that will be dedicated to fighting cybercrimes (Higgins, 2016). Its main function will be to detect cybercrime activities, to develop mechanisms to prevent cybercrimes, apprehend, arrest and align cyber criminals in a court of law.
b. Creation of special court to determine cybercrime cases
Security and safety of the power grid and its related computer information systems and those crimes associated w.
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks ESADE
The process of globalization, the emergence of new powers, and the increasing relevance of non-state actors are creating a multipolar and interconnected world. In the international arena, political and ideological diversity among the most relevant parties, diffusion of power, and the impact of changing global economics have added complexity to the geopolitical landscape. Businesses now operate in a much more difficult, heterogeneous environment.
This publication has been prepared by Zurich Insurance Group Ltd and ESADE.
Section 1: Emerging technologies will fundamentally change the nature of cyber risk.
Section 2: An inadequate global cyber governance framework.
Section 3: Toward a new governance framework: challenges and opportunities.
International Cybersecurity Threat MatrixCountryCyb.docxvrickens
International Cybersecurity Threat Matrix
Country:
Cyber Culture
(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)
Cybersecurity Threats
Cyber Legal Perspective/Cyber Economic Perspective
Response to Cyberterrorism/Recruiting
Country:
Cyber Culture
(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)
Cybersecurity Threats
Cyber Legal Perspective/Cyber Economic Perspective
Response to Cyberterrorism/Recruiting
Country:
Cyber Culture
(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)
Cybersecurity Threats
Cyber Legal Perspective/Cyber Economic Perspective
Response to Cyberterrorism/Recruiting
International Cybersecurity Environmental Scan Template
Country: _________________________
A. What are some unique characteristics of the country’s culture that make cyberspace issues more challenging?
B. If you projected forward into the next decade, what things do you think will change?
C. What could be the catalyst(s) for change?
D. From an economic perspective, is there a possibility that the country will take a different approach with regard to cyberspace than it has in the past?
E. From the criminality perspective, does the country do enough in the cyberspace area?
F. What changes would you suggest if you were the US ambassador to these countries?
G. Describe and discuss the potential impact of your recommendations.
Global Approaches to Cybersecurity
Instructions for Final Report
Review the work you have done throughout the project. If necessary, review the eLearning modules in steps 6 and 9 and your Simtray Report completed in Step 3 along with the feedback from your instructor.
Be sure to address the following items at some point in your report.
· Analyze critical issues in global cybersecurity management and policy.
· Analyze critical issues in global cybersecurity technology policy.
· Analyze the principles of warfare that underpin cyberwarfare theory and application.
· Assess cybersecurity policies and procedures for transnational legal compliance.
· Compare and contrast international cybersecurity standards bodies.
· Identify key initiatives in international cybersecurity policy.
· Assess the cross-cutting effects of policy, budget, and technological capabilities upon the ability to address cyberthreats at the enterprise, national, and international levels.
· Assess policy and technology trade-offs that must be considered and made when addressing cyberthreats at the enterprise, national, and international levels.
· Assess and critique cybersecurity programs.
· Assess emerging cybersecurity issues, risks, and vulnerabilities.
· Assess key cyberattack technologies.
· Assess how the theories and principles of war apply to cyberwarfare, and apply those theories to understand cyberoffense and cyberdefense challe ...
A SYSTEMATIC REVIEW ON MACHINE LEARNING INSIDER THREAT DETECTION MODELS, DATA...IJNSA Journal
Computers are crucial instruments providing a competitive edge to organizations that have adopted them. Their pervasive presence has presented a novel challenge to information security, specifically threats emanating from privileged employees. Various solutions have been tried to address the vice, but no exhaustive solution has been found. Due to their elusive nature, proactive strategies have been proposed of which detection using Machine Learning models has been favoured. The choice of algorithm, datasets and metrics are cornerstones of model performance and hence, need to be addressed. Although multiple studies on ML for insider threat detection have been done, none has provided a comprehensive analysis of algorithms, datasets and metrics for development of Insider Threat Detection models. This study conducts a comprehensive systematic literature review using reputable databases to answer the research questions posed. Search strings, inclusion and exclusion criteria were set for eligibility of articles published in the last decade.
IMPROVE SECURITY IN SMART CITIES BASED ON IOT, SOLVE CYBER ELECTRONIC ATTACKS...IJNSA Journal
Smart cities are expected to significantly improve people's quality of life, promote sustainable development, and enhance the efficiency of operations. With the implementation of many smart devices, c problems have become a serious challenge that needs strong treatments, especially the cyber-attack, which most countries suffer from it.
My study focuses on the security of smart city systems, which include equipment like air conditioning, alarm systems, lighting, and doors. Some of the difficulties that arise daily may be found in the garage. This research aims to come up with a simulation of smart devices that can be and reduce cyber attach. Use of Cisco Packet tracer Features Simulated smart home and c devices are monitored. Simulation results show that smart objects can be connected to the home portal and objects can be successfullymonitored which leads to the idea of real-life implementation and see. In my research make manysolutions for attachingissues,which was great, and apply some wirelessprotocol.
Information Sharing of Cyber Threat Intelligence with their Issue and Challengesijtsrd
Today threat landscape growing at the rapid rate with much organization continuously face complex and malicious cyber threats. In today's Internet connected world where technologies support almost every feature of our society, cyber security and forensic specialists are increasingly distributing with wide ranging cyber threats in almost. real time conditions. The capability to detect, analyze, and defend against such threats in near real time conditions is not possible without the employment of threat intelligence, big data, and machine learning techniques. Cyber Threat Intelligence CTI has become a hot topic and being under consideration for many organizations to counter the rise of cyber attacks. The vast majority of information security challenges we face today are the result of serendipitous and naive decisions made in the early stages of the Internet. Khin Myat Nwe Win | Yin Myo Kay Khine Thaw "Information Sharing of Cyber Threat Intelligence with their Issue and Challenges" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26504.pdfPaper URL: https://www.ijtsrd.com/computer-science/computer-security/26504/information-sharing-of-cyber-threat-intelligence-with-their-issue-and-challenges/khin-myat-nwe-win
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxbagotjesusa
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INFORMATION SYSTEMS 1
Security and safety of the power grid and its related computer information systems
Name of the student:
Name of the institution:
There have been increased use and application of information and communication technologies in most of critical infrastructures and departments of the government. They have proved to be fundamentally significant in helping the various departments to carry out their daily activities with a lot of ease and proficiency. However, these systems have also opened quite a considerable unforeseen opportunity both positive and negative. The infrastructures have become highly efficient and flexible and this has been very beneficial to the people. On the other hand, there have been persistent problems with cybercrimes and hackers who have outsmarted the government and the set securities protocols every now and then. This has made the state lose billions of dollars in a theft of its secrets and high-level information. In this case, it is right to analyze all the general impacts that can be put in place to prevent cybercrimes as well as threats. It is hence important to validate all the necessary measures that need to be put in place in every organization. The paper will hence give recommendations that can help the named organization solve the issues mentioned.
To address this issue, proper precautions needs to be put in place. The government has to demonstrate preparedness in combating this crime both in terms of systems put in place and also the legal jurisprudence (Higgins, 2016). The US power grid system is an interconnected system that is made up of power generation, transmissions software, and its distribution with a capacity to bring down the whole economy if not well protected. The nation's department of defense (DoD) is one of the most critical and sensitive institutions that can paralyze the state if tampered with by unscrupulous individuals. The situation is even worse if there is an advanced persistent threat (APT) against computers and software that operates the western interconnection power grid. This needs an urgent measure to remove the threat immediately and avoid its reoccurrence. We recommend the following security and safety of the power grid and its related computer information systems are taken by the concerned departments:
a. Creation of a special branch that is specifically dedicated to cyber security
It is high time for the government to come up with a special branch of the military personnel that will be dedicated to fighting cybercrimes (Higgins, 2016). Its main function will be to detect cybercrime activities, to develop mechanisms to prevent cybercrimes, apprehend, arrest and align cyber criminals in a court of law.
b. Creation of special court to determine cybercrime cases
Security and safety of the power grid and its related computer information systems and those crimes associated w.
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...ijtsrd
In today’s dynamic and technologically advanced world, the Internet has become one of the most innovative and rapidly growing technologies. With its rise, it has also become vulnerable to a significant increase in occurrences of cyber attacks, with detrimental effects. Typically, these cyber attacks are targeted at accessing, manipulating, or damaging confidential data, extracting users money, or extorting an organization’s or user’s private information. Sensitive information, whether intellectual property, financial data, confidential information, or other forms of private data are exposed to unauthorized access or disclosure, which can have adverse consequences. Protecting data has become one of the greatest obstacles today as cyber attacks are constantly escalating. Along with the growth of internet services and the advancement of information technology, the importance of cybersecurity is crucial. Cybersecurity aims to ensure that the security interests of the company and users assets are protected and preserved against relevant cyber threats in the digital world. The data and confidentiality of computing assets pertaining to the network of an organization are protected by cybersecurity. This paper mainly focuses on threats and issues in cybersecurity facing modern technologies. It also focuses on the latest cybersecurity strategies and developments that are transforming the face of cybersecurity. Omkar Veerendra Nikhal "An Analytical Study on Attacks and Threats in Cyber Security and its Evolving Trends on Modern Technologies" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1 , December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd38195.pdf Paper URL : https://www.ijtsrd.com/computer-science/computer-security/38195/an-analytical-study-on-attacks-and-threats-in-cyber-security-and-its-evolving-trends-on-modern-technologies/omkar-veerendra-nikhal
6APPLYING GENEVA CONVENTION STRATEGIES TOWARDS ACCOMPL.docxalinainglis
6
APPLYING GENEVA CONVENTION STRATEGIES TOWARDS ACCOMPLISHING CYBER PEACE
December 17, 2017
INTRODUCTION
The emergence of technology and its steady advancement has greatly impacted aspects of individuals, business, and institutional activities. The discovery technology has been felt in different aspects of the economy one notable impact is cyberspace – "a notional environment under which communication occurs with the use of computer networks and systems." [footnoteRef:1] Cyberspace, which is as a result of the internet, an element of technology, has seen information sharing take place, millions of money being transacted over computer networks, business deals struck and much more. All these benefits of cyberspace have attracted criminal, known in the cyber world as cybercriminals, who have, and continue to negatively impact the use of the internet in a variety of creative and innovative ways. There also have been rising cases of cyber warfare between countries that have been causing major worries among global cybersecurity professionals. In an attempt to minimize and solve the issues cyber threats and cybercrimes, several studies have been conducted to discover and create ways of curbing the problem. However, a majority of these studies have failed to acknowledge that the problem has gone global.[footnoteRef:2] However, no studies have been conducted on how to settle for cyber peace by incorporating Geneva convention to creating a treaty specifically for cyberspace. Therefore, the paper will explore how to achieve peace in the cyberspace by exploring the possibilities of treaties on cyberspace by Geneva convention. [1: David Smahel and Kristian Daneback, "Editorial: Researching Bright And Dark Sides Of The Cyberspace," Cyberpsychology: Journal of Psychosocial Research on Cyberspace 7, no. 3 (2013).] [2: Filippo PARODI, "The Concept Of Cybercrime And Online Threats Analysis," International Journal of Information Security and Cybercrime 2, no. 1 (2013): 59-66.]
Statement of the Problem
The growth of cyberspace due to the effect of globalization has turned cybercrime and cyber attacks to one of the major talked about concerns across the globe. Cybercrimes has evolved to become a form of terrorism with major security agencies and institutions such as Homeland Security being victims of the attack. With such agencies with an immeasurable amount of security system and responsible for the safety of people and resources being non-immune to such attacks puts enterprises and individuals at a greater risk. Consequently, cyberspace has seen countries attack each other over computer networks. The severity of the problem has proven other measures such as confronting cyber attackers ineffective thus the need to change the strategies employed to solve the problem. The worst part is that close to 74% of global business expected to be hacked each year with estimations of economic losses amounting to cybercrimes totaling to $3 trillion by the year.
A presentation to the 2019 meeting of the Global Forum on Cyber Expertise (GFCE) in Addis Ababa, October 2019, entitled 'The Shaping and Impacts of Cyber Security Capacity'. The slides are updated since the conference to reflect revised multivariate path analyses.
State Management Mechanisms for the Exchange of Information Regarding Cyberat...Igor Britchenko
The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified.
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...ssuser793b4e
This paper reviewed the implications, challenges and the effects of cybercrimes and cybersecurity in the society. It fully defined cybersecurity based on governmental and national view, industrial view and academic view. From this it was concluded that cyber security and cyber-attack is best defined and prevented based on the field of research. This paper review 27 articles on cyber security and cybercrimes and it showed that cyber security is a complex task that relies on domain knowledge and requires cognitive abilities to determine possible threats from large amounts of network data. This study investigates how knowledge in network operations and information security influence the detection of intrusions in a simple network. This research paper also reviewed different strategies used by different researchers to prevent cyber-attack in different areas of work and also exposed the most recent used cyber security attacks, preventions, future threats and prospective ways to avoid cyber-attacks
Running head: CYBER SECURITY
1
CYBER SECURITY/EMERGENCY MANAGEMENT POLICY
2
The term "Running head" is formatted as Running head:
Cyber Security/Emergency Management Policy
American Public University (EDMG 600)
Dr. Darrell Dantzler
05/09/2018
Cyber Security/Emergency Management Policy
Begin the paper with an introduction of your topic. An introduction has an attention getter, purpose or thesis statement, and an overview. An attention getter can begin with any of the 6 ways: (1) Anecdote, (2) Question, (3) Quotation, (4) Humor, (5) Shocking Statistic, or a (6) combination of them (http://classroom.synonym.com/5-types-attention-getters-essays-2877.html). After you introduce the topic, state the purpose of the paper. The purpose can be as simple as restating the objective of the assignment. The purpose of this paper is to (state purpose). (Overview) The paper will address the following: (List topics)
Part 1
After reading Moore at al. (2010), Goodyear, Portillo, Goerdel & Williams (2010) and Deloitte-NASCIO (2013), develop a cyber security/EM Policy Analytical model in which you will recommend and justify the most effective way to manage emergency management related cyber security issues at the state level.
Cyber Security
Cybercrimes are increasingly becoming more common in all sectors in the world. This has made cyber
security a top agenda for everyone in the world. This has resulted in the conventions and creation of agencies and structures that will facilitate cyber security (Deloitte-NASCIO. 2013, p 16).According to the author, a number of cyber laws have been formulated and more are being formulated to handle this challenge. For this matter, protecting our companies from various incidences of cyber-crimes, we will need to formulate clear and organised policies that will pit every structure in place to check the menace (Deloitte-NASCIO. 2013, p 34).Since internet is a gala for vast information in which everyone and business navigate through, with different intentions, protecting personal and company sensitive information is increasingly becoming a challenge (Moore et al., 2010, p 56). Cyber security policy will try to track the paths of the internet users in order to control their navigation and keep it on the recommended or acceptable tracks. Allowing internet users to deviate from the pre-determined and acceptable paths, as are stipulated in the policy, will lead to discrepancy in the use of information on the internet thus risking accessibility and sharing of sensitive information without permission (illegal). When personalised or sensitive information reached the public pages of the internet, it becomes irretrievable and loses secrecy. This is the major concern of most governments. Hackers have been able to exploit the Operating System (OS) of people’s computers, accessing and leaving the gathered information in the public dom ...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...Carolin Weisser
This presentation was given by Prof Michael Goldsmith and Dr Patricia Esteve-González, both from the Global Cyber Security Capacity Centre (GCSCC), University of Oxford, at the 2020 Global Cybersecurity Capacity Building Conference in Melbourne, 18 February 2020.
The presentation includes:
- Mission, purpose and impact of the GCSCC
- Lessons learned from implementing the Cybersecurity Capacity Maturity Model for Nations (CMM) around the world
- The shaping and impacts of cybersecurity capacity: What is the status of cybersecurity capacity building? What factors are shaping capacity building within nations? What are the implications of capacity building for nations?
talks about the present status of the cyber security in India. The policy of cyber security is also discussed. the general principles of the cyber security is highlighted.
Legal position of cyber security and instances of breach of information technology code is also discussed.
Assignment Application Adoption of New Technology SystemsAs a nu.docxMatthewTennant613
Assignment: Application: Adoption of New Technology Systems
As a nurse, you can have a great impact on the success or failure of the adoption of EHRs. It is important for nurses to understand their role as change agents and the ways they can influence others when addressing the challenges of changing to a drastically different way of doing things.
Everett Rogers, a pioneer in the field of the diffusion of innovations, identified five qualities that determine individual attitudes towards adopting new technology (2003). He theorized that individuals are concerned with:
Relative advantage: The individual adopting the new innovation must see how it will be an improvement over the old way of doing things.
Compatibility with existing values and practices: The adopter must understand how the new innovation aligns with current practices.
Simplicity: The adopter must believe he or she can easily master the new technology; the more difficult learning the new system appears, the greater the resistance that will occur.
Trialability: The adopter should have the opportunity to “play around’ with the new technology and explore its capabilities.
Observable results: The adopter must have evidence that the proposed innovation has been successful in other situations.
Note:
You are not required to purchase Rogers’ book or pursue further information regarding his list of five qualities. The information provided here is sufficient to complete this Assignment. The full reference for Rogers’ work is provided below the due date on this page.
For this Assignment, you assume the role of a nurse facilitator in a small hospital in upstate New York. You have been part of a team preparing for the implementation of a new electronic health records system. Decisions as to the program that will be used have been finalized, and you are now tasked with preparing the nurses for the new system. There has been an undercurrent of resistance expressed by nurses, and you must respond to their concerns. You have a meeting scheduled with the nurses 1 week prior to the training on the new EHR system. Consider how you can use the five qualities outlined by Rogers (2003) to assist in preparing the nurses for the upcoming implementation.
To prepare
Review the Learning Resources this week about successful implementations of EHRs.
Consider how you would present the new EHR system to the nurses to win their approval.
Reflect on the five qualities outlined by Rogers. How would addressing each of those areas improve the likelihood of success?
By Day 7 of Week 6
Write a 3- to 5-page paper which includes the following:
Using Rogers’ (2003) theory as a foundation, outline how you would approach the meeting with the nurses. Be specific as to the types of information or activities you could provide to address each area and include how you would respond to resistance.
Analyze the role of nurses as change agents in facilitating the adoption of new technology.
McGonigle, D., & Mastrian, K. G. (2015). .
Assignment Accreditation and Quality EnhancementThe purpose of ac.docxMatthewTennant613
Assignment: Accreditation and Quality Enhancement
The purpose of accreditation is to ensure that institutions meet academic, fiscal, and ethical standards. Institutions also use the review process as part of their continuous improvement efforts.
To prepare:
For this Assignment, select two different regional accrediting bodies of higher education. Next, select an institution in each region so that each has similar characteristics, such as size, focus, or other attributes. Compare the institutions and their accrediting commission.
To complete:
Write a 3- to 4-page paper in which you respond to the following:
Briefly describe each accrediting body and each institution you selected.
Describe the type of accreditation that each institution has, how long they have had it, and if they have any other forms of accreditation (such as specialty or program).
Analyze the institutions, and describe at least three reasons why accreditation is important to each.
Analyze how accreditation might contribute to these institutions’ continuous improvement efforts.
Analyze how the accreditation process differs and is similar in each region and for each institution.
Your paper should be written using scholarly language and in APA style. Provide URL links to the institutions and accrediting commissions.
.
More Related Content
Similar to Global Cybersecurity Environment ReportAbstractCMP 620
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...ijtsrd
In today’s dynamic and technologically advanced world, the Internet has become one of the most innovative and rapidly growing technologies. With its rise, it has also become vulnerable to a significant increase in occurrences of cyber attacks, with detrimental effects. Typically, these cyber attacks are targeted at accessing, manipulating, or damaging confidential data, extracting users money, or extorting an organization’s or user’s private information. Sensitive information, whether intellectual property, financial data, confidential information, or other forms of private data are exposed to unauthorized access or disclosure, which can have adverse consequences. Protecting data has become one of the greatest obstacles today as cyber attacks are constantly escalating. Along with the growth of internet services and the advancement of information technology, the importance of cybersecurity is crucial. Cybersecurity aims to ensure that the security interests of the company and users assets are protected and preserved against relevant cyber threats in the digital world. The data and confidentiality of computing assets pertaining to the network of an organization are protected by cybersecurity. This paper mainly focuses on threats and issues in cybersecurity facing modern technologies. It also focuses on the latest cybersecurity strategies and developments that are transforming the face of cybersecurity. Omkar Veerendra Nikhal "An Analytical Study on Attacks and Threats in Cyber Security and its Evolving Trends on Modern Technologies" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1 , December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd38195.pdf Paper URL : https://www.ijtsrd.com/computer-science/computer-security/38195/an-analytical-study-on-attacks-and-threats-in-cyber-security-and-its-evolving-trends-on-modern-technologies/omkar-veerendra-nikhal
6APPLYING GENEVA CONVENTION STRATEGIES TOWARDS ACCOMPL.docxalinainglis
6
APPLYING GENEVA CONVENTION STRATEGIES TOWARDS ACCOMPLISHING CYBER PEACE
December 17, 2017
INTRODUCTION
The emergence of technology and its steady advancement has greatly impacted aspects of individuals, business, and institutional activities. The discovery technology has been felt in different aspects of the economy one notable impact is cyberspace – "a notional environment under which communication occurs with the use of computer networks and systems." [footnoteRef:1] Cyberspace, which is as a result of the internet, an element of technology, has seen information sharing take place, millions of money being transacted over computer networks, business deals struck and much more. All these benefits of cyberspace have attracted criminal, known in the cyber world as cybercriminals, who have, and continue to negatively impact the use of the internet in a variety of creative and innovative ways. There also have been rising cases of cyber warfare between countries that have been causing major worries among global cybersecurity professionals. In an attempt to minimize and solve the issues cyber threats and cybercrimes, several studies have been conducted to discover and create ways of curbing the problem. However, a majority of these studies have failed to acknowledge that the problem has gone global.[footnoteRef:2] However, no studies have been conducted on how to settle for cyber peace by incorporating Geneva convention to creating a treaty specifically for cyberspace. Therefore, the paper will explore how to achieve peace in the cyberspace by exploring the possibilities of treaties on cyberspace by Geneva convention. [1: David Smahel and Kristian Daneback, "Editorial: Researching Bright And Dark Sides Of The Cyberspace," Cyberpsychology: Journal of Psychosocial Research on Cyberspace 7, no. 3 (2013).] [2: Filippo PARODI, "The Concept Of Cybercrime And Online Threats Analysis," International Journal of Information Security and Cybercrime 2, no. 1 (2013): 59-66.]
Statement of the Problem
The growth of cyberspace due to the effect of globalization has turned cybercrime and cyber attacks to one of the major talked about concerns across the globe. Cybercrimes has evolved to become a form of terrorism with major security agencies and institutions such as Homeland Security being victims of the attack. With such agencies with an immeasurable amount of security system and responsible for the safety of people and resources being non-immune to such attacks puts enterprises and individuals at a greater risk. Consequently, cyberspace has seen countries attack each other over computer networks. The severity of the problem has proven other measures such as confronting cyber attackers ineffective thus the need to change the strategies employed to solve the problem. The worst part is that close to 74% of global business expected to be hacked each year with estimations of economic losses amounting to cybercrimes totaling to $3 trillion by the year.
A presentation to the 2019 meeting of the Global Forum on Cyber Expertise (GFCE) in Addis Ababa, October 2019, entitled 'The Shaping and Impacts of Cyber Security Capacity'. The slides are updated since the conference to reflect revised multivariate path analyses.
State Management Mechanisms for the Exchange of Information Regarding Cyberat...Igor Britchenko
The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified.
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...ssuser793b4e
This paper reviewed the implications, challenges and the effects of cybercrimes and cybersecurity in the society. It fully defined cybersecurity based on governmental and national view, industrial view and academic view. From this it was concluded that cyber security and cyber-attack is best defined and prevented based on the field of research. This paper review 27 articles on cyber security and cybercrimes and it showed that cyber security is a complex task that relies on domain knowledge and requires cognitive abilities to determine possible threats from large amounts of network data. This study investigates how knowledge in network operations and information security influence the detection of intrusions in a simple network. This research paper also reviewed different strategies used by different researchers to prevent cyber-attack in different areas of work and also exposed the most recent used cyber security attacks, preventions, future threats and prospective ways to avoid cyber-attacks
Running head: CYBER SECURITY
1
CYBER SECURITY/EMERGENCY MANAGEMENT POLICY
2
The term "Running head" is formatted as Running head:
Cyber Security/Emergency Management Policy
American Public University (EDMG 600)
Dr. Darrell Dantzler
05/09/2018
Cyber Security/Emergency Management Policy
Begin the paper with an introduction of your topic. An introduction has an attention getter, purpose or thesis statement, and an overview. An attention getter can begin with any of the 6 ways: (1) Anecdote, (2) Question, (3) Quotation, (4) Humor, (5) Shocking Statistic, or a (6) combination of them (http://classroom.synonym.com/5-types-attention-getters-essays-2877.html). After you introduce the topic, state the purpose of the paper. The purpose can be as simple as restating the objective of the assignment. The purpose of this paper is to (state purpose). (Overview) The paper will address the following: (List topics)
Part 1
After reading Moore at al. (2010), Goodyear, Portillo, Goerdel & Williams (2010) and Deloitte-NASCIO (2013), develop a cyber security/EM Policy Analytical model in which you will recommend and justify the most effective way to manage emergency management related cyber security issues at the state level.
Cyber Security
Cybercrimes are increasingly becoming more common in all sectors in the world. This has made cyber
security a top agenda for everyone in the world. This has resulted in the conventions and creation of agencies and structures that will facilitate cyber security (Deloitte-NASCIO. 2013, p 16).According to the author, a number of cyber laws have been formulated and more are being formulated to handle this challenge. For this matter, protecting our companies from various incidences of cyber-crimes, we will need to formulate clear and organised policies that will pit every structure in place to check the menace (Deloitte-NASCIO. 2013, p 34).Since internet is a gala for vast information in which everyone and business navigate through, with different intentions, protecting personal and company sensitive information is increasingly becoming a challenge (Moore et al., 2010, p 56). Cyber security policy will try to track the paths of the internet users in order to control their navigation and keep it on the recommended or acceptable tracks. Allowing internet users to deviate from the pre-determined and acceptable paths, as are stipulated in the policy, will lead to discrepancy in the use of information on the internet thus risking accessibility and sharing of sensitive information without permission (illegal). When personalised or sensitive information reached the public pages of the internet, it becomes irretrievable and loses secrecy. This is the major concern of most governments. Hackers have been able to exploit the Operating System (OS) of people’s computers, accessing and leaving the gathered information in the public dom ...
Lessons Learned from Implementing the Cybersecurity Capacity Maturity Model f...Carolin Weisser
This presentation was given by Prof Michael Goldsmith and Dr Patricia Esteve-González, both from the Global Cyber Security Capacity Centre (GCSCC), University of Oxford, at the 2020 Global Cybersecurity Capacity Building Conference in Melbourne, 18 February 2020.
The presentation includes:
- Mission, purpose and impact of the GCSCC
- Lessons learned from implementing the Cybersecurity Capacity Maturity Model for Nations (CMM) around the world
- The shaping and impacts of cybersecurity capacity: What is the status of cybersecurity capacity building? What factors are shaping capacity building within nations? What are the implications of capacity building for nations?
talks about the present status of the cyber security in India. The policy of cyber security is also discussed. the general principles of the cyber security is highlighted.
Legal position of cyber security and instances of breach of information technology code is also discussed.
Assignment Application Adoption of New Technology SystemsAs a nu.docxMatthewTennant613
Assignment: Application: Adoption of New Technology Systems
As a nurse, you can have a great impact on the success or failure of the adoption of EHRs. It is important for nurses to understand their role as change agents and the ways they can influence others when addressing the challenges of changing to a drastically different way of doing things.
Everett Rogers, a pioneer in the field of the diffusion of innovations, identified five qualities that determine individual attitudes towards adopting new technology (2003). He theorized that individuals are concerned with:
Relative advantage: The individual adopting the new innovation must see how it will be an improvement over the old way of doing things.
Compatibility with existing values and practices: The adopter must understand how the new innovation aligns with current practices.
Simplicity: The adopter must believe he or she can easily master the new technology; the more difficult learning the new system appears, the greater the resistance that will occur.
Trialability: The adopter should have the opportunity to “play around’ with the new technology and explore its capabilities.
Observable results: The adopter must have evidence that the proposed innovation has been successful in other situations.
Note:
You are not required to purchase Rogers’ book or pursue further information regarding his list of five qualities. The information provided here is sufficient to complete this Assignment. The full reference for Rogers’ work is provided below the due date on this page.
For this Assignment, you assume the role of a nurse facilitator in a small hospital in upstate New York. You have been part of a team preparing for the implementation of a new electronic health records system. Decisions as to the program that will be used have been finalized, and you are now tasked with preparing the nurses for the new system. There has been an undercurrent of resistance expressed by nurses, and you must respond to their concerns. You have a meeting scheduled with the nurses 1 week prior to the training on the new EHR system. Consider how you can use the five qualities outlined by Rogers (2003) to assist in preparing the nurses for the upcoming implementation.
To prepare
Review the Learning Resources this week about successful implementations of EHRs.
Consider how you would present the new EHR system to the nurses to win their approval.
Reflect on the five qualities outlined by Rogers. How would addressing each of those areas improve the likelihood of success?
By Day 7 of Week 6
Write a 3- to 5-page paper which includes the following:
Using Rogers’ (2003) theory as a foundation, outline how you would approach the meeting with the nurses. Be specific as to the types of information or activities you could provide to address each area and include how you would respond to resistance.
Analyze the role of nurses as change agents in facilitating the adoption of new technology.
McGonigle, D., & Mastrian, K. G. (2015). .
Assignment Accreditation and Quality EnhancementThe purpose of ac.docxMatthewTennant613
Assignment: Accreditation and Quality Enhancement
The purpose of accreditation is to ensure that institutions meet academic, fiscal, and ethical standards. Institutions also use the review process as part of their continuous improvement efforts.
To prepare:
For this Assignment, select two different regional accrediting bodies of higher education. Next, select an institution in each region so that each has similar characteristics, such as size, focus, or other attributes. Compare the institutions and their accrediting commission.
To complete:
Write a 3- to 4-page paper in which you respond to the following:
Briefly describe each accrediting body and each institution you selected.
Describe the type of accreditation that each institution has, how long they have had it, and if they have any other forms of accreditation (such as specialty or program).
Analyze the institutions, and describe at least three reasons why accreditation is important to each.
Analyze how accreditation might contribute to these institutions’ continuous improvement efforts.
Analyze how the accreditation process differs and is similar in each region and for each institution.
Your paper should be written using scholarly language and in APA style. Provide URL links to the institutions and accrediting commissions.
.
ASSIGNMENT A
Op
e
r
a
t
i
o
n
s
Ma
n
ageme
n
t-
Y
o
u h
a
v
e
b
e
en req
u
e
st
e
d
t
o pr
o
v
i
d
e a
d
v
i
c
e a
n
d
ju
s
t
i
f
i
ed
r
e
c
om
m
en
d
at
i
o
n
s, as a
n
ew gr
adu
ate
o
f
m
a
n
a
g
e
m
ent s
t
ud
ies,
t
o
t
h
e
m
a
n
a
g
e
m
ent
o
f TOYS(C
yp
r
u
s)
L
td. R
e
g
ar
d
i
n
g their
p
r
o
b
l
e
m
s with
t
h
eir
p
r
o
du
cts and p
r
o
ce
s
ses. They a
r
e
p
artic
u
la
r
l
y in
t
ere
s
t
ed in
y
o
u
r
o
b
se
r
v
at
i
o
n
s r
e
g
ar
d
i
n
g
t
h
eir
p
r
o
p
o
sals
t
o
ov
e
rc
om
e the
i
r po
o
r per
f
o
r
m
a
n
ce in the
m
ar
k
e
t
s they are i
n
.
They h
a
v
e as
k
ed
t
h
at
y
o
u pro
v
i
d
e
t
h
e
m with justif
i
ed
r
eas
o
n
s f
o
r r
e
c
o
m
m
en
d
ati
on
s.
Y
o
u a
r
e
t
o write
y
o
u
r r
e
c
om
m
en
d
at
i
o
n
s, fi
nd
i
ng
s and
o
b
se
r
v
at
i
o
n
s with fu
l
ly ju
s
tified ar
gum
ents.
ASSIGNMENTB - Project Output
1. Project Output 1: A pilot study or a small scale exploratory research. 4,800 words (80% of module marks)
Students will be required to select a topic relevant to their professional/ business interests and needs. Students will be expected to formulate a specific research question, identify, describe and justify the methods they will use and conduct a small scale research project in their chosen topic.
2. Report 1: A reflective journal. 1,200 words (20% of module marks)
.
Assignment Adaptive ResponseAs an advanced practice nurse, you wi.docxMatthewTennant613
Assignment: Adaptive Response
As an advanced practice nurse, you will examine patients presenting with a variety of disorders. You must, therefore, understand how the body normally functions so that you can identify when it is reacting to changes. Often, when changes occur in body systems, the body reacts with compensatory mechanisms. These compensatory mechanisms, such as adaptive responses, might be signs and symptoms of alterations or underlying disorders. In the clinical setting, you use these responses, along with other patient factors, to lead you to a diagnosis.
Consider the following scenarios:
Scenario 1:
Jennifer is a 2-year-old female who presents with her mother. Mom is concerned because Jennifer has been “running a temperature” for the last 3 days. Mom says that Jennifer is usually healthy and has no significant medical history. She was in her usual state of good health until 3 days ago when she started to get fussy, would not eat her breakfast, and would not sit still for her favorite television cartoon. Since then she has had a fever off and on, anywhere between 101oF and today’s high of 103.2oF. Mom has been giving her ibuprofen, but when the fever went up to 103.2oF today, she felt that she should come in for evaluation. A physical examination reveals a height and
weight
appropriate 2-year-old female who appears acutely unwell. Her skin is hot and dry. The tympanic membranes are slightly reddened on the periphery, but otherwise normal in appearance. The throat is erythematous with 4+ tonsils and diffuse exudates. Anterior cervical nodes are readily palpable and clearly tender to touch on the left side. The child indicates that her throat hurts “a lot” and it is painful to swallow. Vital signs reveal a temperature of 102.8oF, a pulse of 128 beats per minute, and a respiratory rate of 24 beats per minute.
Scenario 2:
Jack is a 27-year-old male who presents with redness and irritation of his hands. He reports that he has never had a problem like this before, but about 2 weeks ago he noticed that both his hands seemed to be really red and flaky. He denies any discomfort, stating that sometimes they feel “a little bit hot,” but otherwise they feel fine. He does not understand why they are so red. His wife told him that he might have an allergy and he should get some steroid cream. Jack has no known allergies and no significant medical history except for recurrent ear infections as a child. He denies any traumatic injury or known exposure to irritants. He is a maintenance engineer in a newspaper building and admits that he often works with abrasive solvents and chemicals. Normally he wears protective gloves, but
lately
they seem to be in short supply so sometimes he does not use them. He has exposed his hands to some of these cleaning
fluids,
but says that it never hurt and he always washed his hands when he was finished.
Scenario 3:
Martha is a 65-year-old woman who recently retired from her job as an administrative assista.
Assignment 5 Senior Seminar Project Due Week 10 and worth 200 poi.docxMatthewTennant613
Assignment 5: Senior Seminar Project
Due Week 10 and worth 200 points
In Week 1, you chose a topic area and problem or challenge within that area. Throughout this course, you have researched the dynamics of the problem. The final piece of your project is to develop a viable solution that considers resources, policy, stakeholders, organizational readiness, administrative structures and other internal and external factors, as applicable. Using the papers you have written throughout this course, consolidate your findings into a succinct project.
Write a ten (10) page paper that as a minimum, your project should include:
Identify the topical area (e.g., local police department, community jail, border patrol)
Define a problem or challenge within your topical area that you understand in some depth or have an interest in (examples include high crime rate, poor morale, high levels of violence or recidivism, high number of civilian complaints of harassment, inadequate equipment). Outline the context of the problem or challenge, including the history and any policy decisions that have contributed to the situation.
Describe how internal or external stakeholders have influenced the situation in a positive or negative way. How will you consider stakeholders in your solution to the problem? How will you motivate individuals to buy into your solution?
Discuss how technologies or information systems have contributed to the problem and how you will propose technology be implemented into the solution.
Discuss what data you have collected or researched to indicate there is a problem. Include at least two sources of data and how each is relevant to the problem.
Develop an effective and efficient solution(s) and a course of action (i.e., plan) that addresses the problem or challenge.
Explain what methods of assessment you will employ to measure the effectiveness of your solutions.
Develop a 10-15 slide PowerPoint Presentation that summarizes the seven items above.
Use at least 8 quality references. Note: Wikipedia and other Websites do not qualify as academic resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Assess a policy or problem and develop solutions based on available resources, taking into account the political and global implications.
Use technology and information resources to research issues in criminal justice.
Write clearly and concisely about criminal justice using proper writing mechanics.
Grading for t.
Assignment 5 Federal Contracting Activities and Contract Types Du.docxMatthewTennant613
Assignment 5: Federal Contracting Activities and Contract Types
Due Week 10 and worth 240 points
Note
: Refer to scenarios and readings from previous weeks in order to complete this assignment.
The Department of Defense plans to issue a $400,000 government contract to a company that specializes in drone navigation technologies. As a result, a government auditor has been contacted to examine the operational data VectorCal and one competitor (previously identified as “your company”) in order to decide which company should win the government contract.
Note
: You may create and /or make all necessary assumptions needed for the completion of this assignment.
Write a six to eight (6-8) page paper in which you:
Create a one-page overview of the history and background of each company vying for the government contract.
Specify at least one (1) of the recent major contracts that was awarded to both companies. Explain the fundamental reasons why both companies were awarded the contract(s) that you specified.
Determine the type(s) of contract for which both companies might be eligible (e.g., fixed-price, cost reimbursement, etc.). Justify your response.
Discuss at least three (3) direct costs and three (3) indirect costs that each company incurred during the production of its navigation system. Explain the manner in which this data would factor into your decision as to which company would be more eligible to receive the contract.
Suggest which company should be awarded this government contract based on the data that was presented for each company. Next, provide three to five (3-5) reasons to support your stance.
Use at least three (3) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Specify the government policies regarding profit and pricing adjustments for contracts.
Evaluate the role played by contract auditors.
Use technology and information resources to research issues in cost and price analysis.
Write clearly and concisely about cost and price analysis using proper writing mechanics.
Points: 240
Assignment 5: Federal Contracting Activities and Contract Types
Criteria
Unacceptable
Below 60% F
Meets Minimum Expectations
60-69% D
Fair
70-79% C
Proficient
80-89% B
Exemplary
90-100% A
1. Createa one-page overview of the history and background of each company vying for the government contract.
Weight: 15%
.
Assignment 5 CrowdsourcingDue 06102017 At 1159 PMCrowdso.docxMatthewTennant613
Assignment 5: Crowdsourcing
Due 06/10/2017 At 11:59 PM
Crowdsourcing in the field of interface design takes tasks traditionally performed by specific individuals and spreads them out among a group of people or a community. These assignments are usually done through an open call. Crowdsourcing has become increasingly popular with the growth of Web 2.0 and online communities.
Write a fifteen to eighteen (15-16) page paper in which you:
Examine the invention and growth of crowdsourcing in the field of interface design.
Describe the impact that crowdsourcing has had on the field of interface design.
Analyze and discuss at least three (3) benefits of incorporating crowdsourcing in a design project.
Analyze and discuss at least three (3) challenges of incorporating crowdsourcing in a design project.
Propose a solution for generating interest in your design project from an online community.
Suggest a solution for evaluating the skill set and quality of the code submitted by potentially unknown users.
Describe how crowdsourcing may affect the budget and timeline of a design project.
Assess crowdsourcing in regard to the legal, societal, and ethical issues it raises, and suggest methods to alleviate these concerns.
Use at least five (5) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Compare and contrast the design and development processes in HCI.
Describe legal, societal, and ethical issues in HCI design.
Describe the inherent design issues across HCI environments.
Analyze and evaluate interface design models.
Use technology and information resources to research issues in human-computer interaction.
Write clearly and concisely about HCI topics using proper writing mechanics and technical style conventions.
.
Assignment 4What are the power motivators of police leaders Expla.docxMatthewTennant613
Assignment 4
What are the power motivators of police leaders? Explain with examples.
What is the Leadership Skill Mix? Explain each category with examples.
Your text identifies three models derived from decision-making theory. Identify those models with examples of each.
List the steps, and explain the rationale, that decision makers should take when confronted with an ethical issue.
.
Assignment 4Project ProgressDue Week 9 and worth 200 points.docxMatthewTennant613
Assignment 4:
Project Progress
Due Week 9 and worth 200 points
Note:
The assignments are a series of papers that are based on the same case, which is located in the Student Center of the course shell. The assignments are dependent upon one another.
During the project life cycle, project risk reviews and reports are required as previously identified in the risk management plan. Two months after the project started, the following events have taken place.
The top-two (2) threats have occurred.
The top opportunity has been realized.
The project’s risk budget is already exhausted.
The risk management schedule has been shortened by two (2) months.
Write a five to seven (5-7) page paper in which you:
Analyze the impact of those events on the project.
Determine if any mitigation activities are required and explain why.
Determine if budget / schedule changes are necessary and explain why.
Update the risk register and highlight the changes made. Provide the justification for the changes.
Use at least four (4) quality resources in this assignment.
Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
.
Assignment 4 PresentationChoose any federal statute that is curre.docxMatthewTennant613
Assignment 4: Presentation
Choose any federal statute that is currently in the news. You will have to research that statute and at least two court cases pertaining to the statute. Then, prepare a PowerPoint Presentation of 6 to 8 slides addressing the following:
Provide a summary perspective of the statute.
From the two cases relevant to the statute you researched, analyze and evaluate each case separately by providing the following (about two paragraphs per case):
Facts of the case
Issues
Rule
Identify and discuss the legal ramifications and violations of any legal subjects and/or decisions related to any constitutional principles and/or administrative agency.
Make an argument for or against the statute. Discuss and persuade the audience of your position as a public administrator for or against it.
Your assignment must:
Include ten (10) PowerPoint slides, with two (2) devoted to each of the topics in items 2–4 above. Slides should abbreviate the information in no more than five or six (5 or 6) bullet points each.
In the Notes View of each PowerPoint slide, incorporate the notes you would use when presenting the slides to an audience.
Slide titles should be based on the criteria described above (e.g., “Four Major Changes,” “Major Court Cases,” etc.)
In addition to the ten (10) content slides required, a title slide and a reference slide are to be included. The title slide is to contain the title of the assignment, your name, the instructor’s name, the course title, and the date. The reference slide should list, in APA format, the sources you consulted in writing the paper.
The specific course learning outcomes associated with this assignment are:
Interpret the language of the U.S. Constitution and the U.S. legal system in order to explain the principles and process of constitutional, regulatory, and administrative laws at the federal and state levels.
Use the “case” approach to the U.S. legal system for researching cases, laws, and other legal communications using technology and information resources.
Evaluate legal subjects relevant to public administration to include property, government contracts, employment, and torts.
Relate the administrative process, constitutional and statutory requirements, to the scope of judicial review of administrative agency decisions.
Assess legal decisions related to the administration of public goods.
Apply and rule on moral and ethical analysis to issues relevant to the public administration decision-making process.
Use technology and information resources to research issues in constitution and administrative law.
Write clearly and concisely about issues in constitution and administrative law using proper writing mechanics.
.
Assignment 4 The Perfect ManagerWrite a one to two (1–2) page pap.docxMatthewTennant613
Assignment 4: The Perfect Manager
Write a one to two (1–2) page paper in which you describe the characteristics of the perfect manager to see a company through all stages of organizational growth.
The format of the paper is to be as follows:
Typed, double-spaced, New Times Roman font (size 12), one-inch margins on all sides. APA format.
In addition to the one to two (1–2) pages required, a title page is to be included. The title page is to contain the title of the assignment, your name, the instructor’s name, the course title, and the date
.
Assignment 4 Presentation Choose any federal statute that is cu.docxMatthewTennant613
Assignment 4: Presentation
Choose any federal statute that is currently in the news. You will have to research that statute and at least two court cases pertaining to the statute. Then, prepare a PowerPoint Presentation of 6 to 8 slides addressing the following:
Provide a summary perspective of the statute.
From the two cases relevant to the statute you researched, analyze and evaluate each case separately by providing the following (about two paragraphs per case):
Facts of the case
Issues
Rule
Identify and discuss the legal ramifications and violations of any legal subjects and/or decisions related to any constitutional principles and/or administrative agency.
Make an argument for or against the statute. Discuss and persuade the audience of your position as a public administrator for or against it.
Your assignment must:
Include ten (10) PowerPoint slides, with two (2) devoted to each of the topics in items 2–4 above. Slides should abbreviate the information in no more than five or six (5 or 6) bullet points each.
In the Notes View of each PowerPoint slide, incorporate the notes you would use when presenting the slides to an audience.
Slide titles should be based on the criteria described above (e.g., "Four Major Changes," "Major Court Cases," etc.)
In addition to the ten (10) content slides required, a title slide and a reference slide are to be included. The title slide is to contain the title of the assignment, your name, the instructor’s name, the course title, and the date. The reference slide should list, in APA format, the sources you consulted in writing the paper.
The specific course learning outcomes associated with this assignment are:
Interpret the language of the U.S. Constitution and the U.S. legal system in order to explain the principles and process of constitutional, regulatory, and administrative laws at the federal and state levels.
Use the "case" approach to the U.S. legal system for researching cases, laws, and other legal communications using technology and information resources.
Evaluate legal subjects relevant to public administration to include property, government contracts, employment, and torts.
Relate the administrative process, constitutional and statutory requirements, to the scope of judicial review of administrative agency decisions.
Assess legal decisions related to the administration of public goods.
Apply and rule on moral and ethical analysis to issues relevant to the public administration decision-making process.
Use technology and information resources to research issues in constitution and administrative law.
Write clearly and concisely about issues in constitution and administrative law using proper writing mechanics.
.
Assignment 4 Inmates Rights and Special CircumstancesDue Week 8 a.docxMatthewTennant613
Assignment 4: Inmates Rights and Special Circumstances
Due Week 8 and worth 150 points
According to the preamble to the U.S. Constitution, one (1) of the founding philosophies of the United States is that each person, citizen or not, is endowed with certain permanent rights. This philosophy extends even to people who have committed crimes that warrant prison sentences. Imagine that you are a commissioner on the Board of State Prison, and you are responsible for making recommendations regarding inmate rights and special circumstances. Use the Internet to research costs that an inmate could incur if he or she chooses to challenge his or her confinement.
Write a three to five (3-5) page paper in which you:
Analyze the legal mechanisms in which an inmate can challenge his or her confinement. Support or refute the cost of such challenges to the state and / or federal government. Provide a rationale for your response.
Examine the four (4) management issues that arise as a result of inmates with special needs. Prepare one (1) recommendation for each management issue that effectively neutralizes each concern. Provide a rationale for your response.
Determine whether the use of supermax housing violates offenders’ rights against “cruel and unusual punishment,” as guaranteed by the Eighth Amendment to the U.S. Constitution. Justify your response.
Use at least three (3) quality references.
Note:
Wikipedia and other Websites do not qualify as academic resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Recommend improvements to selected areas of corrections.
Analyze various issues in corrections, including effective community corrections programs, probation and parole, and reentry strategies.
Propose specific components of an institutional facility model based on effective management policies and procedures for a specified group of inmates.
Analyze key issues involved with the correctional staff.
Use technology and information resources to research issues in correctional facility policies.
Write clearly and concisely about correctional facility policies using proper writing mechanics.
.
Assignment 4 Part D Your Marketing Plan – Video Presentation.docxMatthewTennant613
Assignment 4: Part D: Your Marketing Plan –
Video Presentation
Assignment 4: Part D: Your Marketing Plan - Video Presentation
my Assignment 4: Part 4 -
GRAVITY TECHNOLOGY
MARKETING PLAN-video presentation
( 1 ,2 and 3 are my first 3 Assignments) for PART D.
.
Assignment 4 DUE Friday 72117 @ 1100amTurn in a written respon.docxMatthewTennant613
Assignment 4: DUE Friday 7/21/17 @ 11:00am
Turn in a written response of a minimum 250 words for each item( R, E, O, S) below. Be sure to fully address all the implications of each item. Although some level of personal commitment to your response is expected, try to avoid excessive use of “I feel…” or “I think…” statements. Attempt to imagine you are writing for a broader group of people; i.e., not just what you would do, but what all of mankind should do. The rubric for grading responses is the REOS method, where R stands for Reasoning (your logic should tie together), E stands for Evidence (Your arguments which need support should be supported by mentioning the name of someone usually cited), O stands for Observation (your unique contributions, if any), and S stands for Substance (you say something meaningful and significant, in the instructor’s opinion). ON YOUR PAPER PUT: R, then write this answer. Under the R put an E, then write this answer. Under the E, put the O, then write this answer and under the O put the S, then write this answer.
R: answer
E: answer
O: answer
S: answer
Imagine you are a community corrections (probation) officer assigned an overwhelming juvenile caseload in a jurisdiction where the age of consent is 18. One weekend while you are out at a college bar with your friends, you spot one of your probationers, Jill, obviously drunk and dancing with a man twice her age (Jill is 16). You go over to talk, but she tells you to mind your own business and leaves with the man. Sometime later, she comes back and begs you not to report anything. She explains that she has had several violations lately, and one more will send her away. You also know she has been doing better in school and has a chance at going to college. Do you report her?
Textbook: Close, D. & Meier, N. (2003). Morality in criminal justice: An introduction to ethics.
Belmont, CA. Wadsworth Publishing
.
Assignment 4 Database Modeling and NormalizationImagine that yo.docxMatthewTennant613
Assignment 4: Database Modeling and Normalization
Imagine that you work for a consulting firm that offers information technology and database services. Part of its core services is to optimize and offer streamline solutions for efficiency. In this scenario, your firm has been awarded a contract to implement a new personnel system for a government agency. This government agency has requested an optimized data repository for its system which will enable the management staff to perform essential human resources (HR) duties along with the capability to produce ad hoc reporting features for various departments. They look forward to holding data that will allow them to perform HR core functions such as hiring, promotions, policy enforcement, benefits management, and training.
Using this scenario, write a three to four (3-4) page paper in which you:
Determine the steps in the development of an effective Entity Relationship Model (ERM) Diagram and determine the possible iterative steps / factors that one must consider in this process with consideration of the HR core functions and responsibilities of the client.
Analyze the risks that can occur if any of the developmental or iterative steps of creating an ERM Diagram are not performed.
Select and rank at least five (5) entities that would be required for the development of the data repositories.
Specify the components that would be required to hold time-variant data for policy enforcement and training management.
Diagram a possible 1:M solution that will hold salary history data, job history, and training history for each employee through the use of graphical tools.
Note:
The graphically depicted solution is not included in the required page length.
Plan each step of the normalization process to ensure the 3NF level of normalization using the selected five (5) entities of the personnel database solution. Document each step of the process and justify your assumptions in the process.
Diagram at least five (5) possible entities that will be required to sustain a personnel solution. The diagram should include the following:
Dependency diagrams
Multivalued dependencies
Note:
The graphically depicted solution is not included in the required page length.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
Include charts or diagrams created in a drawing tool with which you are familiar. The completed diagrams / charts must be imported into the Word document before the paper is submitted.
The specific course learning outcomes associated with this as.
Assignment 3 Inductive and Deductive ArgumentsIn this assignment,.docxMatthewTennant613
Assignment 3: Inductive and Deductive Arguments
In this assignment, you will apply key concepts covered in the module readings. You will identify the component parts of arguments and differentiate between various types of arguments such as inductive and deductive. You will then construct specific, original arguments.
There are
two
parts to the assignment. Complete both parts. The following is a summary of the assignment tasks.
Part 1
1a: Identify Components of Arguments
Identify the component parts of the argument, premises and conclusion, for the passages. Where applicable, highlight key words or phrases that identify a claim as a premise or a conclusion. Part 1a has three questions.
1b: Identify Arguments as Inductive or Deductive
Identify the arguments as inductive or deductive for given passages. Offer a brief explanation why each argument is either inductive or deductive. 1b has three questions.
Part 2
2a:
Argument Identification and Analysis
In these longer text passages, identify the key components of each argument. For each argument, list the main conclusion and the reasons (or premises) that support the conclusion.
2b: Constructing Original Arguments
Construct one original inductive argument. Using 75
–
100 words, explain why the argument is an inductive one. Then, construct one original deductive argument. Using 75
–
100 words, explain why the argument is a deductive one.
2c: Finding Native Argument Examples
Find one example of an argument from contemporary media; this can be a short argument. Include or reproduce the original passage of the argument, paraphrase the conclusion(s), and identify the argument as either inductive or deductive. Using 75
–
100 words, explain why the argument is either inductive or deductive.
Download
details for this assignment here and respond to each item thoroughly.
Submit your assignment in Word format. Apply APA standards to citation of sources. Use the following file naming convention: LastnameFirstInitial_M1_A3.doc. For example, if your name is John Smith, your document will be named SmithJ_M1_A3.doc.
By
Wednesday, March 29, 2017
, deliver your assignment to the
M1: Assignment 3 Dropbox
.
Assignment 3 Grading Criteria
Maximum Points
Identified and explained types and component parts of arguments displaying analysis and application of research.
24
Accurately identified key component parts of arguments in longer text passages, reflecting comprehension and critical thinking.
12
Constructed original inductive and deductive arguments demonstrating in-depth understanding of concepts.
30
Evaluated and explained instances from contemporary media to identify arguments as representative of inductive or deductive reasoning.
20
Wrote in a clear, concise, and organized manner; demonstrated ethical scholarship in accurate representation and attribution of sources; displayed accurate spelling, grammar, and punctuation.
14
Total:
Recognizing Arguments
In this assignment, you will apply key concepts .
Assignment 3 Wireless WorldWith the fast-moving technology, the w.docxMatthewTennant613
Assignment 3: Wireless World
With the fast-moving technology, the world has adopted wireless technology and has become reliant on it. You nearly use your wireless devices to do everything such as checking your grocery lists to handling complicated business decisions through third-party services. The need for high bandwidth and greater capacity has never been important, unless you shifted to wireless technology.
In this assignment, you will conduct research on a wireless network and compare it with another wireless network.
Tasks:
Create a 4- to 5-page paper and address the following:
Identify and describe any three uses for a wireless network. Two common wireless networks are Voice over Internet Protocol (VoIP) and wireless network interface cards (wireless NICs). Smartphones and personal digital assistants (PDAs) also rely on Wi-Fi networks for network connectivity. Many of these devices have mobile broadband connectivity as well.
Compare and contrast the identified uses of the wireless network chosen by you with the other one, out of the ones mentioned above.
Explain how RFID tags might be used in conjunction with product identification or inventory systems.
Compare and contrast RFID with any another technology that is similar in nature.
Note
: Utilize at least three scholarly or professional sources (beyond your textbook) in your paper. Your paper should be written in a clear, concise, and organized manner; demonstrate ethical scholarship in accurate representation and attribution of sources (i.e., in APA format); and display accurate spelling, grammar, and punctuation.
Submission Details:
By
Wednesday, February 8, 2017
, save your paper as M1_A3_Lastname_Firstname.doc and submit it to the
M1 Assignment 3 Dropbox
.
Assignment 3 Grading Criteria
Maximum Points
Identified and described three uses for a wireless network chosen by you, out of the mentioned wireless networks (VoIP and wireless NICs). Utilized scholarly or professional resources in support.
16
Compared and contrasted the identified uses of the wireless network chosen by you with the other network. Utilized scholarly or professional resources in support.
24
Explained how RFID tags might be used in conjunction with product identification or inventory systems. Included many meaningful details; utilized scholarly or professional resources in support.
16
Compared and contrasted RFID with any another technology that is similar in nature. Included many relevant details; utilized scholarly or professional resources in support.
24
Wrote in a clear, concise, and organized manner; demonstrated ethical scholarship in accurate representation and attribution of sources; displayed accurate spelling, grammar, and punctuation.
20
Total:
100
.
Assignment 3 Web Design Usability Guide PresentationBefore you .docxMatthewTennant613
Assignment 3: Web Design Usability Guide Presentation
Before you learn how to use web-authoring software to design, edit, and update web-based content, you need to understand basic concepts regarding user interface design and usability. For this assignment, you will create a Web Design Usability Guide Presentation of approximately 3–5 slides that identifies the main interface design criteria for the website of an organization with which you are familiar (i.e., current or past employer) following the directions below.
Directions:
After you have identified an organization, analyze the website and in 3–5 slides (including detailed speaker’s notes):
Describe the interface and UX criteria (include a diagram).
Explain the page navigation preferences, such as:
Features
Location
Look and Feel
Naming Conventions
Other
Identify mobile website considerations (include a diagram), such as:
Available features
Content and design
Responsive design
Supported browsers
Other
Identify the preferred programming language(s):
ASP
HTML
Javascript
PHP
Other
Identify the supported browsers, such as:
Chrome
Firefox
Internet Explorer
Opera
Safari
Outline the testing protocol.
Define specific steps and systems one should take to review a website and test its features.
Include steps to resolve any potential problems.
Your completed assignment should consist of a 3- to 5-slide PowerPoint presentation (including detailed speaker’s notes). Use at least two scholarly articles to complete your research, referencing them in text as you use them and at the end in a reference list. Your writing should be clear, concise, and organized; demonstrate ethical scholarship in accurate representation and attribution of resources; and display accurate spelling, grammar, and punctuation.
Submission Details:
By
Wednesday, August 2, 2017
, save the document as M1_A3_Lastname_Firstname.doc and submit it to the
M1 Assignment 3 Dropbox
.
Assignment 3 Grading Criteria
Maximum Points
Create a Web Design Usability Guide for an organization that describes the interface and UX criteria. Include a diagram.
16
Create a Web Design Usability Guide for an organization that explains the page navigation components.
20
Create a Web Design Usability Guide for an organization that identifies the mobile website considerations.
8
Create a Web Design Usability Guide for an organization that identifies the programming language.
8
Create a Web Design Usability Guide for an organization that identifies supported browsers.
8
Create a Web Design Usability Guide for an organization that outlines the testing protocol.
20
Write in a clear, concise, and organized manner; demonstrate ethical scholarship in accurate representation and attribution of sources (i.e., APA); and display accurate spelling, grammar, and punctuation.
20
Total:
100
.
Assignment 3 Understanding the Prevalence of Community PolicingAs.docxMatthewTennant613
Assignment 3: Understanding the Prevalence of Community Policing
As a backlash, the professional model, which reflects a "we are the experts and you are not" attitude, alienated the police from the public. Problems and crime kept growing, and people wanted to be more involved in their communities. Therefore, community members started to work closely with the police. The police saw their resources diminish and decided it was critical to engage the communities to more effectively combat rising crime.
Today, the vast majority of law enforcement agencies state that they subscribe to the community policing philosophy. The implementation of the philosophy is varied, but most agencies acknowledge the value of having a positive working relationship within the community.
Thus, it is important to understand the history of modern policing to comprehend some possible conclusions as to why agencies began adopting the community policing philosophy.
Tasks:
Prepare a three to four page report answering the following questions.
What are the main reasons for the majority of US law enforcement agencies to adopt the community policing philosophy?
What is the most important aspect of community policing that is attractive to the community?
What is the most important aspect of community policing that is attractive to the police?
What aspects of prior policing models are not acceptable in today's communities?
Note
: Use at least three scholarly sources, with at least one source that is not part of the assigned readings. Include a separate page at the end of the report, in APA format, that links back to your in-text citations and supports your recommendations.
Submission Details:
Save the final report as M1_A3_Lastname_Firstname.doc.
By
Week 1, Day 7
, submit your final report to the
M1: Assignment 3 Dropbox
.
Assignment 3 Grading Criteria
Maximum Points
Analyzed the main reasons that led the majority of US law enforcement agencies to adopt the community policing philosophy.
28
Evaluated the most important aspect of community policing that is attractive to the community and the police.
28
Evaluated various aspects of prior policing models that are not acceptable in today's communities.
24
Wrote in a clear, concise, and organized manner; demonstrated ethical scholarship in the accurate representation and attribution of sources; and used accurate spelling, grammar, and punctuation.
20
Total:
100
.
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Normal Labour/ Stages of Labour/ Mechanism of LabourWasim Ak
Normal labor is also termed spontaneous labor, defined as the natural physiological process through which the fetus, placenta, and membranes are expelled from the uterus through the birth canal at term (37 to 42 weeks
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
Francesca Gottschalk - How can education support child empowerment.pptx
Global Cybersecurity Environment ReportAbstractCMP 620
1. Global Cybersecurity Environment Report
Abstract
CMP 620 5041 Cybersecurity Governance
Table of Contents
Introduction............................................................................
........................................................3
Analyze Global Approaches to
Cybersecurity..........................................................................
..3
Analyze critical issues in global cybersecurity management and
policy....................................3
Analyze critical issues in global cybersecurity technology
policy..............................................4
Analyze the principles of warfare that underpin cyberwarfare
theory and application..............4
International Cybersecurity Threat
Matrix................................................................................5
Threat
Matrix......................................... ............................................
..........................................5
2. Compare and contrast international cybersecurity standards
bodies.........................................8
International Environmental
Scan........................................................................................
.......9
Environmental Scan:
Africa.....................................................................................
....................9
Identify key initiatives in international cybersecurity
policy.....................................................10
Regional Cybersecurity Threat Fact
Sheet................................................................................11
Africa Fact
Sheet......................................................................................
..................................11
Assess cybersecurity policies and procedures for transnational
legal compliance...................13
Assess and critique cybersecurity
programs..............................................................................1
4
Assess the cross-cutting effects of policy, budget, and
technological capabilities upon the
ability to address cyberthreats at the enterprise, national, and
international levels................15
Assess policy and technology trade-offs that must be considered
and made when addressing
cyberthreats at the enterprise, national, and international
3. levels.............................................15
Assess and critique cybersecurity
programs..............................................................................1
6
Botnet
Evaluation...............................................................................
.........................................16
Evaluation of
Botnets...................................................................................
..............................16
Botnet Key
Features..................................................................................
.............................16
Issues associated with
Botnets...................................................................................
............17
Global Cybersecurity
Policy.....................................................................................
.............17
Botnets Evolved over the
Years......................................................................................
........18
Botnets Impact on
Policy.....................................................................................
..................18
Assess emerging cybersecurity issues, risks, and
vulnerabilities..............................................19
4. Botnet
Discussion...............................................................................
..........................................19
Botnet
Discussion...............................................................................
...................................19
How Botnets have emerged, changed, over past 5-10
years.............................................19
Key Technical Features of
Botnets...................................................................................
..19
What Contributing Factors may cause Botnets to change, over
the next 10 years.......20
Assess key cyberattack
technologies......................................................... ...................
..............20
Botnet
Conclusion..............................................................................
..........................................22
Conclusion.................................................................... ..........
......................................................23
Assess how the theories and principles of war apply to
cyberwarfare and apply those theories
to understand cyberoffense and cyberdefense
challenges........................................ .................23
5. References..............................................................................
........................................................24
Table of Contents
Introduction
Global Approaches to Cybersecurity
There is no need to buy more resources and products, we will
never manage every single
threat, and there will be security gaps between products.
Concerning detection, malware moves
to quickly and it could take days, months to remedy the
problem. The correct approach,
“prevention and consolidation, it looks at the entire
organization and focuses on creating a single
architecture that covers all environments and is managed by a
unified platform”. It “keeps every
entry point to the organization secured all the time, be it the
traditional network, the data center,
mobile devices or the cloud server”. The “attack indicators are
shared among all environments”.
All “technologies are synchronized to provide multiple-layers of
protections, and all entry points
are protected with no security gaps between”. There is also a
need to deliver actionable threat
intelligence between every device, network, branch office or
endpoint, so that even if one
environment will be targeted – all the others will be able to
identify the same threats and block
it” [ CITATION For17 l 1033 ].
The “Global Conference on Cyberspace (GCCS), recommended
6. a cybersecurity approach
that includes the three cyberspace powers, the United States,
China & Russia”. In this approach,
the “multi-stakeholder model mirrors the traditional technical
management of the Internet, which
has proven to be very effective in maintaining the resilience of
cyberspace”. It is a “bottom-up
consensus, fosters a collective sense of management, and
stresses the promotion of trust and
international cooperation”. At this present time, the United
States, China & Russia “have not
agreed on a common treaty to harmonize national laws or
facilitate cooperation in cyberspace”
[ CITATION wef15 l 1033 ].
Analyze Global Approaches to Cybersecurity
Analyze critical issues in global cybersecurity management and
policy
There are no global cybersecurity policies to manage or stop
Nation-states
associated with cyberthreat actors, like, Russia, China, and Iran
(UMUC, 2019).
The United States policies for cybercrime and cyberwarfare do
not apply to state
actors. Cybersecurity policies have no international legal
frameworks that can be
managed globally and with trust. Some of the critical issues at
hand are the absence
of “international frameworks and standards, the lack of sharing
global data about
security incidents, an international approach to developing
offensive cyber
capabilities by both state and non-state actors, and the
importance of global
7. government decision-makers” collaborating on cybersecurity,
cybercrime,
cyberdefense, and cyber awareness [ CITATION Ter17 l 1033
].
Analyze critical issues in global cybersecurity technology
policy
The Information Technology Industry Council (ITI) “supports
policies that
increase security while maintaining the benefits of cyberspace”.
ITI “works to
ensure that cybersecurity policies in the United States and
around the world reflect
the interconnected and interoperable global nature of today’s
digital
environment”.” In order to secure cyberspace, ITI advocates for
cybersecurity
policies that are adaptable to rapidly emerging threats,
technologies, and business
models” [ CITATION iti19 l 1033 ]. Cybersecurity Tech
Accord (CTA) “promotes
a safer online world by fostering collaboration among global
technology
companies committed to protecting their customers and users
and helping them
defend against malicious threats” [ CITATION cyb19 l 1033 ].
Some critical
issues are lack of global tools to assist with cyberthreats, no
global policies that
“prioritize security, privacy, integrity and reliability, and in
turn reduce the
likelihood, frequency, exploitability and severity of
8. vulnerabilities” [ CITATION
cyb19 l 1033 ].
Analyze the principles of warfare that underpin cyberwarfar e
theory and
application
Concerning theory, “all state-sponsored military operations are
conducted
for the purpose of accomplishing nation-state political or
military objectives,
cyberspace, inherent to the initial design of the Internet, is
formulated upon lines of
communication designed to transport information from point A
to point B, and
there are key targets within cyberspace for which position and
possession yield a
decisive military advantage”. “Any comprehensive theory that
seeks to develop a
national strategy to conduct cyberwarfare should include as a
primary objective the
need to secure critical cyber lines of communication, both
physical (fiber optic
cable, SATCOM, ISPs, etc.) and logical (network domains,
routers, servers, etc.)” [
CITATION Geo14 l 1033 ]. Concerning application, Nation-
state and non-state
actors must be willing to collaborate and agree on cybersecurity
terminology and
concepts. The “application of cyber war capabilities has become
increasingly
prominent due primarily to the fact that as many as 120
international governments
are pursuing information warfare programs” [ CITATION Far10
l 1033 ]. In
9. response to other nation-states’ cyber programs, the 2006
Quadrennial Defense
Review (QDR) requested that the Department of Defense (DoD)
develop a
capability to shape and defend cyberspace” [ CITATION Far10
l 1033 ].
International Cybersecurity Threat Matrix
Threat Matrix
Country: China
Cyber Culture
(i.e., How does the country view
cyber threats? Is this consistent
with the general country
culture?)
Cybersecurity
Threats
Cyber Legal
Perspective/Cyber Economic
Perspective
Response to Cyberterrorism/Recruiting
A practice of “defending forward”
can look a lot like attacking
forward when one is on the
10. receiving end of a hacking
operation. One nation’s
development of additional cyber
capabilities and loosening of
authorities can be seen by other
nations as an unavoidable threat.
Interactions in cyberspace can
foster trust and cooperation, but
they also have the potential to
provoke suspicion, competition
and conflict. The deepening
cybersecurity dilemma is due not
just to American action. It is in
part due to threats the United
States perceives from China, a
topic her account largely glosses
over.
Points of
aggregations refer to
managed service
providers (MSPs),
which are companies
that manage other
firms’ information
technology (IT)
infrastructure
systems. These could
include small and
medium-sized MSPs,
as well as large
technology firms
such as IBM
[ CITATION Fan19 l
1033 ].
China’s national
11. intelligence law, also
effective in 2017,
requires every
Chinese organization
and citizen to assist
and cooperate with
Beijing’s national
intelligence efforts.
The broad and vague
definition of
“national
intelligence” means
that companies and
citizens must answer
to the Chinese regime
when called upon
(Fang, 2019).
In 2010, “Chinese
actors attacked Adobe
Systems, Yahoo,
Symantec, Northrop
Grumman, Morgan
Stanley, and Dow
Chemical (Bengali,
et. al) using an
advanced persistent
threat (APT) that
appeared to be based
in Beijing”. The
“massive theft of tens
of millions records
China’s national intelligence
law, also effective in 2017,
requires every Chinese
organization and citizen to
12. assist and cooperate with
Beijing’s national intelligence
efforts. The broad and vague
definition of “national
intelligence” means that
companies and citizens must
answer to the Chinese regime
when called upon [ CITATION
Fan19 l 1033 ].
Most Chinese have the same concerns as
much of the rest of the world about harmful
cyberactivity’s, including: efforts to crash,
slow, or paralyze vital cyber-based
Infrastructure; the promulgation of
information or images harmful to the polity,
society, or the economy (such as
pornography, false or misleading commercial
information, and the advocacy of violent
political revolution); espionage; the theft of
proprietary commercial data or information;
and specific actions designed to weaken the
capacity of the state to defend itself through
military and other means. Thus, both
authoritative and other Chinese observers
believe that “cyber security is an international
. . . issue and hacker attack is a common
challenge facing the whole world”
[ CITATION Swa13 l 1033 ].
from the Office of
Personnel
Management (OPM)
in 2014 is attributed
13. to the Chinese, as is
the 2015 theft of
millions of records
from Anthem. This
represented the most
significant theft of
healthcare records to
date”. “Chinese
attacks against US
interests became so
prolific and bold that
the US took the
unprecedented step of
publicly accusing
China of attacking
US government
systems”
[ CITATION
UMU1914 l 1033 ].
The 2015 agreement between the
United States and China on
commercial cybertheft seems to
have failed to appreciably slow the
widespread hacking of American
targets by state-affiliated Chinese
operators, though it may have
caused them to increase their
operational security in a bid to
evade detection.
Global dominance,
arms races,
Preparations for
Military Struggle
(PMS), international
14. strategic competition
in cyberspace
[ CITATION Jin19 l
1033 ]
The new law sets forward,
important network equipment
and software will have to
receive government
certifications. This means that
specific pieces of intellectual
property or technical features
will have to be divulged,
which could easily be passed
on to Chinese companies by
the regulators behind
cybersecurity [ CITATION
Hao16 l 1033 ].
China is taking action to “protect its state
interest in the event of cyberattacks, new
rules will mandate strict data surveillance and
storage for firms working in the country”
[ CITATION Hun17 l 1033 ].
With diplomacy and deterrence
not working as well as the
Pentagon would like, disruption of
malicious cyber activity has
become an option that is attractive
to policymakers, even if it carries
risks of its own.
cyberspace situation
awareness, cyber
defense, support for
15. the country’s
endeavors in
cyberspace, and
participation in
international cyber
cooperation
[ CITATION Jin19 l
1033 ]
This law is also
counterproductive because
companies gathering data in
so-called “critical areas” will
have to store that data inside
China. At this stage, the
definition of “critical” is
worryingly broad. Complying
with this requirement will
force international firms to
make expensive investments to
build duplicate facilities within
China [ CITATION Hao16 l
The “West really does not know how China
might handle
a nuclear terrorism crisis. There are some
scholars who believe Chinese
decision making is purposely vague. In fact,
the Chinese may have no plans
for crisis management. For example, it is not
clear to this writer whether
the Chinese believe a nuclear terrorism
incident would be a law enforcement
or a military problem. True, that kind of
concern mirrors a Western way of
thinking. And it is possible in a tightly
16. controlled society, like China’s, there
may be little time or inclination for any
1033 ]. bureaucratic or turf battles about
such a matter” [ CITATION Gro09 l 1033 ].
China likely sees U.S. cyber
activities—whether intended to be
defensive or offensive—as
intrusive and threatening. It may
well launch hacking operations to
attempt to disrupt American
efforts.
The Chinese
government’s
monitoring of the
internet and social
media is based on its
potential use as a
platform to
disseminate
information that
could cause similar
social unrest to
spread, which could
lead to large-scale
social and political
instability
[ CITATION Jin19 l
1033 ].
International companies will
have to weigh this risk against
17. the opportunity to do business
in China. China has had a long
reputation for ‘copying’
without getting insider access,
and this law could only open
the ease to which China’s
business sector can review
competition. For international
companies there is no easy
way forward as the choice is
black or white. Either foreign
companies will comply,
knowing China has a way to
peek into what previously was
private, or they will chose to
stand by principles of privacy
at the risk of being excluded
from the Chinese market
[ CITATION Hao16 l 1033 ].
The Chinese actors are not concerned with
the United States view concerning
cyberterrorism. “An increase in Chinese
capability has opened the way "for bigger
data storage, for bigger data theft," he said.
"And when you can gain it in bulk, you take it
in bulk" [ CITATION Nak15 l 1033 ].
or all the dangers of the
cybersecurity dilemma, the United
States and China do have areas of
mutual interest in the digital
domain. For example, they share
interests in the integrity and
stability of the global financial
system, in not being misled into
18. great-power conflict with one
another by a third-party
malefactor, in not letting cyber
weapons get into the hands of
malicious non-state actors, in
better understanding how each side
approaches cyber-policy questions
such as the definitions of “armed
conflict” or “critical
infrastructure,” and in cooperating
to combat transnational
cybercrime [ CITATION Buc18 l
1033 ].
Yes, this is consistent with the
general country culture.
China is more and
more dependent on
information networks
in all aspects,
including in defense.
China uses the term
“eight King Kongs”
to describe the top
internet companies in
its domestic supply
chain: Apple, Cisco,
Google, IBM, Intel,
Microsoft, Oracle,
and Qualcomm.
Heavy dependence on
these companies’
products makes it
necessary to work
towards developing
the domestic
19. technology industry
and its capabilities,
and to thereby make
the country’s internal
internet infrastructure
more secure
U.S. companies have already
began to strongly lobby against
the law, as well as China’s
position that the Internet must
be managed by authorities. But
despite the efforts of any
company, Chinese or other, the
cybersecurity law is just a
piece in a larger ongoing
political puzzle that companies
will have to deal with
[ CITATION Hao16 l 1033 ].
China is a persistent collector of data,
especially rom the United States, it is my
belief that China will do whatever it takes to
protect and defend itself from the United
States, even if it means cyberterrorism
[ CITATION AnI13 l 1033 ].
[ CITATION Jin19 l
1033 ].
Compare and contrast international cybersecurity standards
bodies
When identifying the most useful best-practice standards and
20. guidance for
implementing effective cybersecurity, it is important to
establish the role that each
fulfils, its scope, and how it interacts (or will interact) with
other standards and
guidance. The “Cybersecurity Framework (CSF) is a voluntary
framework
primarily intended for critical infrastructure organizations to
manage and mitigate
cybersecurity risk based on existing standards, guidelines, and
practices, while
ISO/IEC 27001 is the international Standard for best-practice
information security
management systems (ISMSs)”. The “NIST SP 800-53 “Security
and Privacy
Controls for Federal Information Systems and Organizations”
details which
controls it recommends for all US federal information systems
(excluding those in
national security), while ISO/IEC 27032 is the international
Standard focusing
explicitly on cybersecurity”. HIPAA “established a national
standard for the
security of electronic health information, including the
protection of individually
identifiable health information, the rights granted to
individuals, breach
notification requirements, and the role of the OCR (Office of
Civil Rights), while
ISO/IEC 27035 is the international Standard for incident
management, and
ISO/IEC 27031 is the international Standard for ICT readiness
for business
continuity” [ CITATION itg19 l 1033 ].
International Environmental Scan
21. Environmental Scan: Africa
Unique characteristics, that make cyberspace issues more
challenging. Africa’s cybersecurity
measures are underdeveloped. African networks are easy targets
because their networks are not
well protected. African-inspired cyber threats are mostly
associated with financial gains (UMUC,
2019).
Role of NATO. The North Atlantic Treaty Organization (NATO)
“has made clear its objective to
ensure that its operational and mission-related information
systems are protected from
cyberthreats while the organization continues to help member
nations increase the security of
their own national networks” (UMUC, Cybersecurity
International Policy, 2019). NATO offers
education, training, and exercises to support member nation
needs. It is important that each
member nation raises the bar on its own cyberdefense
capabilities because the alliance as a
whole is only as strong as its weakest member nation (UMUC,
Cybersecurity International
Policy, 2019).
Role of United Nations. The “mission of the United Nations is
as follows: maintain
international peace and security develop friendly relations
among member nations based on
respect for equal rights achieve international cooperation in
solving international problems to be
22. a center for harmonizing actions of nations in attaining common
goals” (United Nations
Cybersecurity Approaches, 2019).
Cybersecurity Changes in the Next Decade. Based on current
African cybersecurity threats,
my predictions for the next decade, center around improved
protection measures for financial
transactions, implementation of technology that protects data
and networks, and the ability to
collaborate with the United States cybersecurity programs,
education and regulations to support
their internal industries.
Catalyst(s) for change. A catalyst for change could be the
continued onslaught of State
sponsored attacks, organized crime, risks, threats, and
vulnerabilities leading to serious financial
problems and a failure in protecting the countries government
and infrastructure as a whole
(3tsconsulting.com, 2017).
Economic Perspective; Africa’s approach about cyberspace.
Africa will change with the rest
of the world. Cybersecurity issues are global issues. “We live in
a connected world made smaller
each day by the exponential growth of technology. Individuals,
companies and countries rely on
cyberspace for everything from cell phone card recharge
transactions to business partnership
arrangements or the movement of military forces from one
country to the other”. “Safeguarding
cyberspace is a crucial discipline” for all countries
(3tsconsulting.com, 2017).
Criminality Perspective; Africa can do more in the cyberspace
23. area. African networks are
not protected; therefore “Cybercriminals are using the path of
least resistance, thus bypassing
security investments that organizations have made in their
infrastructure”. A “first defense” for
Africa would be “security awareness and public training”
(3tsconsulting.com, 2017). The
“ultimate goal is to enable all countries in the region to have
adequate legislation in place in
order to achieve a higher level of legal and policy
interoperability” (3tsconsulting.com, 2017).
Changes and Suggestions, if I were the US ambassador to
Africa. My first meeting would be
to develop a team of serious technicians and technical engineers
to review the United Nations
policies, NATO, and the United States recommendations to
improve information systems. I
would look at developing a version of African National Institute
Standards and Technology
publications and set up some Federal Information Security
Management Acts specific to Africa,
along with enacting new laws for cybercrime and
cybercriminals.
Potential Impact of My recommendations. The “2017 cyber
security survey shockingly
reveals that over 95% of African businesses are operating below
the cybersecurity “poverty line”
(Kaimba, 2017). My recommendations can limit and control the
number of would be cyber
criminals and adversaries. Lower the number of Denial-of-
Service attacks (Dos) and Distributed-
24. Denial of service attacks (DDoS). Positively affect the nations
cyber debt. The new NISTs,
African FISMA, Standards and training will bring the cyber
security poverty line above the line
and allow African business to compete with other countries. The
financial, manufacturing,
hospitality, government institutions and other private
organizations will benefit and function at a
higher level, and consumer confidence will be at its highest.
Identify key initiatives in international cybersecurity policy
The key initiatives in cybersecurity policy are the “International
Telecommunication Union (ITU) an agency of the United
Nations (UN) whose
purpose is to coordinate telecommunication operations and
services throughout the
world”; ITU “Global Cybersecurity Agenda (GCA) a framework
for international
cooperation aimed at enhancing confidence and security in the
information
society” [ CITATION UMU1921 l 1033 ].
The “GCA is designed for cooperation and efficiency,
encouraging
collaboration with and between all relevant partners and
building on existing
initiatives to avoid duplicating efforts”; the “ITU Toolkit for
Cybercrime
Legislation, which addresses the first of the seven strategic
goals of the ITU Global
Cybersecurity Agenda (GCA), also includes the elaboration of
strategies for the
development of cybercrime legislation that is globally
applicable and interoperable
with existing national and regional legislative measures by
25. providing a model law
for countries” (cyberdialogue.ca, 2010). Regional law
enforcement and
multinational government groups like the European Police
Office (Europol), the
Association of Southeast Asian Nations (ASEAN), and the
Organization for
Economic Co-Operation and Development (OECD) have also
developed initiatives
to cooperate on cybercrime” [ CITATION UMU19 l 1033 ].
The E-government initiatives are the Federal Information
Security
management Act, the National Science Foundation, the
Computer Fraud and Abuse
Act, the Electronic Signatures in Global and National
Commerce Act, and the
Federal Desktop Computer Configuration
Regional Cybersecurity Threat Fact Sheet
Africa Fact Sheet
Cybersecurity threat experienced in Africa. “Attacks range from
simple email scams to large-
scale theft of customer data using malware, ransom attacks and
disinformation or fake news”.
Africa’s cyber-attacks effect financial institutions destroys their
business reputation and
interferes with corporate and government operations (Yusuf,
2019).
Evolution of the associated malware and implications. Dorkbot
has been a problem for Africa
for several years. “Dorkbot is designed to steal passwords for
26. online accounts, including such
social networks as Facebook and Twitter, as well as to install
additional malware that can turn
infected endpoints into nodes in a DDoS attack or part of a
spam relay” (Schwartz, 2015).
“African businesses, specifically, find themselves at a
crossroads, where they must balance
digital transformation with a greater focus on security policies
and how to protect customer data”
(Croock, 2016). With Africa's digital economy continuing to
scale up rapidly, the need is
becoming more apparent for regulation and legislation to match
(Croock, 2016). South Africa
has introduced a number of legislative measures to address the
growing threat of cyber terrorism
and terrorist financing such as the Prevention of Organized
Crime Act 38 of 1999 (“POCA”), the
Financial Intelligence Centre Act 38 of 2001 (“FICA”), the
Electronic Communications and
Transactions Act 25 of 2002 (“ECT), the Regulation of
Interception of Communications and
Provision of Communications-Related Information Act 70 of
2002 (“RICA”) and the Protection
of Constitutional Democracy against Terrorism and Related
Activities Act 33 of 2004
(“PCDTRA”) (Cassim, 2012).
The “international community, must devote more attention to
the development of central
authorities in critical regions such as the Middle East, North
Africa, and the Sahel”. The “engines
that give life to the international treaty framework must be
built, serviced, and properly
maintained”. Otherwise, efforts to address transnational crime
and terrorism through a rule of
law framework will remain stymied” (Stigall, 2016).
27. Global cybersecurity policies might be used to counter the
effects. The president's
International Strategy for Cyberspace, which is to promote a
strategic framework of international
cyber stability. This framework is designed to achieve and
maintain a peaceful cyberspace
environment where all states are able to fully realize its
benefits, where there are advantages to
cooperating against common threats and avoiding conflict, and
where there is little incentive for
states to engage in disruptive behavior or to attack one another
(US-Cert.gov, 2003). The
International Strategy for Cyberspace, spelled out key global
policy areas that will promote
international standards, build relationships, and safeguard the
free flow of information, and
promote the global interoperability of networks (International
Strategy for Cyberspace:
Prosperity, Security, and Openness in a Networked World,
2011).
Characteristics of Dorkbot Malware. A “family of malware
worms that typically spreads
through instant messaging, USB removable drives, websites or
social media channels like
Facebook and Twitter. Downloading and installing Dorkbot
malware results in its opening a
backdoor on infected computers, allowing for remote access and
potentially turning the computer
into a botnet” (Stroud, 2019). The “Dorkbot worm gained
publicity in late 2011 for an attack on
Facebook’s chat system, with users receiving a message with a
bogus link that appeared to come
28. from one of their Facebook friends” (Stroud, 2019). In “2012,
Dorkbot targeted Skype users, by
installing ransomware, that would threaten to lock a user out of
being able to use their computer
and demand a payment of several hundreds of dollars be made
within a limited timeframe or
have files on the computer deleted” (Stroud, 2019) . Attribution
is difficult, since Dorkbot can
use backdoors, steal information from victims, and post
malicious links in instant messages and
social media sites (F-secure.com, 2016).
Contributing factors to change characteristics over the next 10
years. 5G Security will
contribute change to all networks, by cross-layer security, end-
to-end security, cross-domain
security, and secure-by-design measures (sdxcentral.com, 2012-
2019). The “5G standard
promises to embody a mobile-connectivity revolution, providing
enhanced broadband
connectivity and speed for a wide swath of customers”
(sdxcentral.com, 2012-2019).
Technologies will counter global cybersecurity policy controls
in the future. The “Center for
Strategic & International Studies (CSIS) Technology Policy
Program has compiled an index of
existing cyber strategies and laws by country and territory. The
index includes national strategies
addressing civilian and military national cyber defense, digital
content, data privacy, critical
infrastructure protection, e-commerce, and cybercrime. This
provides policymakers and
diplomatic officials a unified, at-a-glance database of global
legal and policy frameworks to help
the global community understand, track, and harmonize
29. regulations internationally” (CSIS.org,
2019).
“National regulations obviously do not replace the need for
international negotiations and
agreements on measures to increase stability and security in
cyberspace. CSIS, in partnership
with the UN Institute for Disarmament Research, organized
three expert workshops to open and
broaden the discussion of international norms for responsible
State behavior in cyberspace and to
identify new ideas to support further progress by the
international community” (CSIS.org, 2019).
If countries and territories are willing to collaborate and work
with trust, technologies will
improve with security.
Recommendations. Cybersecurity policy is important because
government, military, corporate,
financial, and medical organizations collect, process, and store
unprecedented amounts of data on
computers and other devices. Policy determine how an
organization will protect its information
and information assets. Best security practices are generally
accepted as superior to any other
methods or means.
In my opinion, there would be no need for security,
cybersecurity, physical security,
information security, application security, operational security
and any other security, if man
would could, consider other as themselves or treat one as one
would like to be treated in return.
30. Assess cybersecurity policies and procedures for transnational
legal compliance.
Global policies are needed for Internet governance, the
decision-making
process for developing secure architectures, technical standards,
administrative
procedures, and best practices at the international level and to
ensure the secure,
resilient operation of the Internet” [ CITATION acl19 l 1033 ].
“Cyberspace now
constitutes the primary domain for global communications and
commerce, it has
become a critical national asset for many nations”. This
“criticality may lead to
reexamination of traditional questions of public international
law and military
doctrine”. The “global nature of communications networks, an
array of public
policy, regulatory, and law enforcement issues that are being
addressed within
independent domestic jurisdictions have wider ramifications for
the United States
and other countries” [ CITATION acl19 l 1033 ]. Transnational
legal compliance
issues must start at the federal government level, and include
the Federal
Information Security Act (FISMA), the Office of Management
and Budget (OMB),
and the NIST Cybersecurity Framework, which provides a
policy framework for
computer security guidance, and how private sector
organizations in the United
States can assess and improve their ability to prevent, detect,
and respond to
31. domestic and global cyber-attacks.
The North Atlantic Treaty Organization (NATO) is a “formal
alliance
between the territories of North American and Europe”.
NATO’s “main purpose is
to defend against the possibility of communist Soviet Union
taking control of their
nation” [ CITATION col19 l 1033 ]. The following
organizations are
“cybersecurity policy making and decision making under
NATO:
The North Atlantic Council,
Defence Policy and Planning Committee,
NATO Consultation, Command and Control Board,
NATO Military Authorities and Consultation, Command and
Control Agency,
NATO Communication and Information Systems Services
Agency” [ CITATION
UMU1925 l 1033 ].
Cybersecurity “challenges for international bodies like NATO,
the United
Nations or the European Union--are unique as determined by the
governing
principles and membership of each body” [ CITATION
UMU1924 l 1033 ]. The
“NATO Policy on Cyber Defence will be implemented by
NATO’s political,
military and technical authorities, as well as by individual
allies” [ CITATION
UMU1925 l 1033 ].
32. Assess and critique cybersecurity programs.
The benefits of a cybersecurity program are “common grounds
for
cybersecurity risk management measures, provides a list of
cybersecurity activities
that can be customized to meet the needs of any organization,
provides a risk-based
approach to identifying cybersecurity vulnerabilities, provides a
systematic way to
prioritize and communicate cost-effective improvement
activities among
stakeholders, and provides a frame of reference on how an
organization views
managing cybersecurity risk management” [ CITATION Cha18
l 1033 ]. No
matter how great our cybersecurity programs are, “The United
States is not close to
raising its defenses adequately and likely will not in the
foreseeable future. Offense
has too great an advantage over defense” [ CITATION aei18 l
1033 ]. The “United
States has the most powerful military in the world, including the
greatest capacities
in offensive cyber. . . [But] the United States significant digital
dependencies mean
that it loses in escalation in cyber because, as President Obama
explained, “our
economy is more digitalized and it is more vulnerable, partly
because we are a
wealthier nation and we are more wired” [ CITATION aei18 l
1033 ].
“Maintaining and improving U.S. technical expertise would be
an effective
33. step towards countering cyberterrorism” [ CITATION
UMU1921 l 1033 ]. The
present cybersecurity programs must educate users, and would
be victims, if we
are going to get ahead of cybercriminals and stop
cyberterrorism.
Assess the cross-cutting effects of policy, budget, and
technological capabilities
upon the ability to address cyberthreats at the enterprise,
national, and
international levels.
“Cross-border enforcement policies, cross-border collaboration
policies and
cross border global enterprise frameworks can limit and
mitigate cyberthreats. The
international levels require more collaboration and
understanding between, states,
nation-states and non-state actors. “Global issues are typically
handled either
through the establishment of a member-state treaty that governs
the issues or
through the formation of a global body that directs activities” [
CITATION
UMU1921 l 1033 ].
The “Internet is a conduit for crime, terrorism, espionage,
intellectual
property theft, and international offensive maneuvers”. The
“Tallinn Manual
provides some broad guiding principles to assist NATO towards
developing
34. strategies and polices, along with the Law of Armed Conflict
(LOAC), the
International Court of Justice (ICJ) and the Permanent
International Court of
Justice (PICJ)” [ CITATION UMU1925 l 1033 ].
Assess policy and technology trade-offs that must be considered
and made when
addressing cyberthreats at the enterprise, national, and
international levels.
Every decision involves trade-offs. “Some of the tradeoffs for
enterprise
would include direct or indirect cyber-security related losses”.
“Direct impact
comes from “successful” breaches achieved by hackers, while
indirect impacts
come from displaced resources, increased caution of moving
forward with the new
technology-enabled innovations and inefficiencies caused by the
necessary cyber-
security reviews” [ CITATION Nel17 l 1033 ]. At the “national
level, tradeoffs
include acknowledging difficulties of defining covered
activities and the technical
difficulties of attribution and verification” [ CITATION aei18 l
1033 ]. At the
International level, tradeoffs might include measures to “reduce
use of offensive
operations in cyberspace as an instrument to advance U.S.
interest” [ CITATION
Dav14 l 1033 ]. The “need to manage multiple common
interests with China or
Russia or any other nation generally requires policy makers to
make tradeoffs”
35. [ CITATION Dav14 l 1033 ].
Assess and critique cybersecurity programs.
The benefits of a cybersecurity program are “common grounds
for
cybersecurity risk management measures, provides a list of
cybersecurity activities
that can be customized to meet the needs of any organization,
provides a risk-based
approach to identifying cybersecurity vulnerabilities, provides a
systematic way to
prioritize and communicate cost-effective improvement
activities among
stakeholders, and provides a frame of reference on how an
organization views
managing cybersecurity risk management” [ CITATION Cha18
l 1033 ]. No
matter how great our cybersecurity programs are, “The United
States is not close to
raising its defenses adequately and likely will not in the
foreseeable future. Offense
has too great an advantage over defense” [ CITATION aei18 l
1033 ]. The “United
States has the most powerful military in the world, including the
greatest capacities
in offensive cyber. . . [But] the United States significant digital
dependencies mean
that it loses in escalation in cyber because, as President Obama
explained, “our
economy is more digitalized and it is more vulnerable, partly
because we are a
wealthier nation and we are more wired” [ CITATION aei18 l
36. 1033 ].
Humans are the weakest link, “Break the people, break the
system”
[ CITATION UMU1921 l 1033 ]. Northrop Grumman, “believes
and recommends
intensive training for organizations with the goal of creating a
global, integrated
battle-management network composed of virtual, real-time,
geographically
distributed battlefield down to the desk level” [ CITATION
UMU1921 l 1033 ].
Anything connected to the Internet is on the frontline. For
example, U.S.
electrical grids, water supply systems, transportation networks,
covered entities,
entertainment, and major broadcasting networks are on the front
line. The United
States cybersecurity program is not up to par, and will not be
able to stop a huge
cyberspace attack, we will just respond and try to recover.
Botnet Evaluation
Evaluation of Botnets.
Botnet Key Features.
A botnet is a “network of computers, or "bots," that are
maliciously infected
with malware that allows them to be controlled as part of a
network”. Botnets “are
used to infect other networks or systems, to launch malicious e-
mail (spam), and to
conduct distributed denial-of-service (DDoS) attacks”. Botnets
“generally leverage
37. computers without the knowledge of the owner, using the
computers to increase the
capacity of the botnet to wreck damages”. As with other
networks, botnets can
operate using several different configurations, including peer -
to-peer, hierarchical,
or hub and spoke”. Botnets “operate under the command and
control of a lead or
central computer”. A “botnet has a bot herder, or botmaster, that
controls botnets
remotely, usually through an Internet Relay Chat (IRC), which
is a means of real-
time communication over the Internet or through peer-to-peer
(P2P) networking
communications”. The “command and control (C&C) occurs at
the server, a typical
bot runs without being detected using covert channel standards,
such as Instant
Messaging to communicate with the (C&C) server” [ CITATIO N
UMU1919 l
1033 ].
Issues associated with Botnets.
The “use of botnets is on the rise. Industry experts estimate that
botnets
attacks have resulted in the overall loss of millions of dollars
from financial
institutions and other major US businesses”. Once “the malware
is on your
computer, it's hard to detect. In addition to your computer being
commanded to
link up with other compromised computers to facilitate criminal
activity, the bot
38. can also collect and send out your personally identifiable
information—like credit
card numbers, banking information, and passwords—to the
criminals running it”
[ CITATION UMU1920 l 1033 ]. Through the “NCIJTF and in
alliance with its
US government (USG) partners, international partners, and
private sector
stakeholders, the FBI has worked collaboratively in developing
a multipronged
effort aimed at defeating the world's most dangerous botnets” [
CITATION
UMU1920 l 1033 ]. It is difficult to combat Internet organized
crime with the
rapid development of mobile devices and their inability to
prevent hackers from
linking them to “botnets and crimeware toolkits” [ CITATION
UMU1918 l 1033 ].
The goal is to educate users, so they are aware of suspicious
links and illegal
Internet activity.
Global Cybersecurity Policy.
Global law enforcement activities can help combat some of the
cybercrimes,
but countries must be willing to work together. The “Council of
Europe
Convention on Cybercrime is the first treaty to cover network
security violations,
copyright infringement, computer-related fraud, and child
pornography”
[ CITATION UMU1921 l 1033 ]. The United Nations Office on
Drugs and Crime
(UNODC) has focused much attention on cybercrime. Its
position is that
39. cybercrime is transnational, and that active transnational
cooperation is needed to
make the investigation of criminal cases feasible, but the
disagreements on matters
such as privacy, intellectual privacy, and criminal prosecution
vary from country to
country, which means years before laws are passed and agreed
upon.
The “ITU created a Global Cybersecurity Agenda (GCA) in
2007 to initiate
a global approach to increasing cybersecurity effectiveness and
reducing risks and
threats in cyberspace”. The “ITU has also created a toolkit for
cybercrime
legislation, to promote strategies for developing cybercrime
legislation that is
globally applicable and interoperable with existing legislative
measures”
[ CITATION UMU1921 l 1033 ].
The United States must work hard and fast to face the number of
cyberthreats critical to the infrastructure. One way is by
“partnership with private
and government sectors, and creation of global agreements” [
CITATION
UMU1921 l 1033 ].
Botnets Evolved over the Years.
There was a time when botnets were a difficult task, but now
“putting
together a botnet is as easy as ABC,123, IoT”. With the
40. “availability and
vulnerability of IoT devices and new advances in malware, it’s
now relatively easy
for botnet owners who know what they’re doing to build botnets
that consist of
hundreds of thousands of devices, allowing hackers to create
massive botnets and
launch massive cyber-attacks” [ CITATION IoT18 l 1033 ].
Botnets Impact on Policy.
Regulatory policies are a must, “but the rapid spread and
evolution of
Internet technologies around the world, make building
consensus on regulatory
policies impossible” [ CITATION UMU1921 l 1033 ]. The
question isn’t if we
need global law enforcement, but how and who will regulate
policy around the
world. The use of bots and botnets have created an emergency
need for the Federal
Bureau of Investigations (FBI), the Secret Service, the National
Counterterrorism
center (NCTC), the Central Intelligence Agency (CIA), the
Department of
Homeland Security (DHS), the National Coordinati ng Center for
Telecommunications (NCC) and the United States Computer
Emergency Readiness
Team (US-CERT) to come together and work together, to solve
these issues.
Assess emerging cybersecurity issues, risks, and vulnerabilities.
The major issue, no one is really concerned with ransom attacks
until they
hit close to home. The average Internet user knows little about
41. cybersecurity, let
alone security. Some of the risk associated with the lack of
concern for security is
no security awareness training for your average user, which
means more personal
cyberattacks, distributed denial of service (DDoS) attacks,
malware attacks, and
Internet of Things (IoT) attacks. In 2019, as technology move to
5G (fifth
generation cellular network technology that provides broadband
access) more
vulnerabilities will hit the market, and attacks will include
“crypto jacking, cross-
site scripting, and mobile malware” [ CITATION DeN19 l
1033 ].
Botnet Discussion
Botnet Discussion
Global Nature of Botnets. The “botnet begins with the infection
process, were codes attach
spam to email or instant messages. The next step is rallying,
were the bot connects to a C&C
server and establishes a zombie. The next stage is commands
and reports, were the bots get new
commands and execute orders and the results are reported to the
C&C server. If the bandwidth is
too low, the bot will abandon by the botmaster. If the bandwidth
is acceptable, the next step is to
secure the botnet, bots and botnets are dynamic and flexible in
nature. Botnets are continuously
being updated and their codes change day to day” [ CITATION
Esl19 l 1033 ]. The stages are
42. sometime referred to as spreading and injection,
communications stage, and the attack stage
[ CITATION Rah14 l 1033 ].
How Botnets have emerged, changed, over past 5-10 years.
Botnet
strategies, technologies, and techniques are constantly evolving
and adapting in response to
mitigation measures [ CITATION int15 l 1033 ].
Key Technical Features of Botnets. Bots “lengths of command
packets are
typically very small, and bots reply to the Botmaster’s command
very fast” [ CITATION
Rah14 l 1033 ]. Botnets are “perfect for striking DDoS attacks,
and attribution or tracing botnet
masters is difficult”. The “cheap and lazy botnets get
dismantled, meaning the ones we have left
are highly resilient against technical and legal take down” [
CITATION Mon16 l 1033 ].
Example Botnets.
1. “Star Wars, known as a twitter botnet. Star Wars sends
unsolicited spam, creates fake trending
topics to sway public opinion, and launches certain
cyberattacks,
2. Hajime, known as a Malware botnet. This Japanese botnet is
protecting IoT devices from
being infected by additional malware,
3. WireX Android Botnet, a malicious app that has been
rampant for years, because the apps
themselves do not appear malicious after users install them,
they evade initial detection,
43. 4. The Reaper IoT Botnet, known to quietly target
vulnerabilities in wireless IP-based cameras
and other IoT devices by running a list of known usernames and
passwords against the device,
5. Satori IoT Botnet, Japanese botnet, Satori botnet spreads by
exploiting a zero-day
vulnerability in routers and use a “remote code” execution bug
instead of relying on a Telnet
scanner to find vulnerable devices to infect with malware” [
CITATION pen17 l 1033 ].
6. “Mirai is a malware botnet known to compromise Internet of
Things (IoT) devices in order to
conduct large-scale DDoS attacks. Mirai is dropped after an
exploit has allowed the attacker to
gain access to a machine” [ CITATION cis19 l 1033 ].
What Contributing Factors may cause Botnets to change, over
the next
10 years. “Cross-border enforcement, cross-border collaboration
can be facilitated by laws that
make botnets and their malicious activity illegal and permit
appropriate information collection
and sharing for mitigation and enforcement”[ CITATION int15
l 1033 ]. “Anti-Botnet Initiatives
like botfrei.de from Germany which detects and notifies
infected customers and provides
disinfection assistance” [ CITATION UMU1919 l 1033 ]. The
“Dutch Anti-Botnet Treaty from
the Netherlands, and the Danish Botnet Memorandum of
Understanding, which recommends the
exchange of relevant tools and information among Internet
44. Service Providers (ISPs), and the use
of quarantine tools to isolate infected computers and the
requirement to notify end users of the
ISPs when botnets are found in their networks” [ CITATION
UMU1919 l 1033 ].
Assess key cyberattack technologies.
The Top ten most common cyber-attacks:
1. Denial-of-service (DoS) and distributed denial-of-service
(DDoS)
attacks. A denial-of-service attack overwhelms a system’s
resources so that it
cannot respond to service requests [ CITATION Mel18 l 1033
].
2. Man-in-the-middle (MitM) attacks
A MitM attack occurs when a hacker inserts itself between the
communications of a client and a server [ CITATION Mel18 l
1033 ].
3. Phishing and spear phishing attacks
Phishing attack is the practice of sending emails that appear to
be from
trusted sources with the goal of gaining personal information or
influencing
users to do something. It combines social engineering and
technical trickery
[ CITATION Mel18 l 1033 ].
4. Drive-by attacks
Drive-by download attacks are a common method of spreading
malware.
Hackers look for insecure websites and plant a malicious script
into HTTP or
PHP code on one of the pages. This script might install malware
directly
onto the computer of someone who visits the site, or it might re-
direct the
45. victim to a site controlled by the hackers. Drive-by downloads
can happen
when visiting a website or viewing an email message or a pop-
up window
[ CITATION Mel18 l 1033 ].
5. Password attacks
Brute-force password guessing means using a random approach
by trying
different passwords and hoping that one work Some logic can be
applied by
trying passwords related to the person’s name, job title, hobbies
or similar
items [ CITATION Mel18 l 1033 ].
A dictionary attack, a dictionary of common passwords is used
to attempt to
gain access to a user’s computer and network. One approach is
to copy an
encrypted file that contains the passwords, apply the same
encryption to a
dictionary of commonly used passwords, and compare the
results
[ CITATION Mel18 l 1033 ].
6. SQL injection attacks
A successful SQL injection exploit can read sensitive data from
the database,
modify (insert, update or delete) database data, execute
administration
operations (such as shutdown) on the database, recover the
content of a
given file, and, in some cases, issue commands to the operating
system
[ CITATION Mel18 l 1033 ].
7. Cross-site scripting (XSS) attacks
46. XSS attacks use third-party web resources to run scripts in the
victim’s web
browser or scriptable application. Specifically, the attacker
injects a payload
with malicious JavaScript into a website’s database. When the
victim
requests a page from the website, the website transmits the
page, with the
attacker’s payload as part of the HTML body, to the victim’s
browser, which
executes the malicious script [ CITATION Mel18 l 1033 ].
8. Eavesdropping attacks
Eavesdropping attacks occur through the interception of
network traffic. By
eavesdropping, an attacker can obtain passwords, credit card
numbers and
other confidential information that a user might be sending over
the network.
Eavesdropping can be passive or active: Passive eavesdropping
— A hacker
detects the information by listening to the message transmission
in the
network. Active eavesdropping — A hacker actively grabs the
information
by disguising himself as friendly unit and by sending queries to
transmitters.
This is called probing, scanning or tampering [ CITATION
Mel18 l 1033 ].
9. Birthday attacks
Birthday attacks are made against hash algorithms that are used
to verify the
integrity of a message, software or digital signature. A message
processed by
a hash function produces a message digest (MD) of fixed length,
independent of the length of the input message; this MD
uniquely
47. characterizes the message. The birthday attack refers to the
probability of
finding two random messages that generate the same MD when
processed by
a hash function. If an attacker calculates same MD for his
message as the
user has, he can safely replace the user’s message with his, and
the receiver
will not be able to detect the replacement even if he compares
MDs
[ CITATION Mel18 l 1033 ].
10. Malware attacks
“Malicious software can be described as unwanted software that
is installed
in your system without your consent. It can attach itself to
legitimate code
and propagate; it can lurk in useful applications or replicate
itself across the
Internet” [ CITATION Mel18 l 1033 ].
Assessing the above cyber-attacks individually can be difficult,
each attack
can cause some loss of either confidentiality, integrity, and or
availability (CIA) of
a network. My best advice is the proper use of “firewalls,
intrusion detection
systems (IDS), intrusion prevention systems (IPS), network
access control (NAC),
web filters, proxy servers, anti-DDos devices, load balancers,
and spam filters”
[ CITATION Net19 l 1033 ]. The proper security policy will
address each specific
attack. For example, the implementation of a strong network
48. security policy,
incident response policy, acceptable use policy, Computer,
Internet and E-mail
usage policy, privacy policy, third-party access policy, account
management policy,
user monitoring policy, and a password management policy will
provide guidance
for each of the above types of threats and attacks.
Botnet Conclusion
Botnets are serious malware attacks, governments, private
sectors and allied
and unallied countries must work together to stop cybercrime
and organizations
that promote use of botnets as a threat. Information security
specialist should
ensure they are well trained are aware of botnet features and
attack measures.
Together we can detect botnets, prevent infections, and identify
when a compute
has been taken over and assist with the clean-up/restore process.
Conclusion
Assess how the theories and principles of war apply to
cyberwarfare and apply
those theories to understand cyberoffense and cyberdefense
challenges.
It is difficult to determine who is attacking who, attribution.
Cyberwarfare is
a “battle for control over information and communication flows,
with the ultimate
goal of taking advantage of your opponent” [ CITATION Rob15
l 1033 ].
Cyberwarfare or “information warfare can be seen as a game,
49. played between
defenders and attackers who are in direct competition”.
“Defenders perform
defensive operations to protect information in any form, seeking
to maintain its
confidentiality, integrity and availability”. “Attackers perform o
ensive operations,ff
seeking to damage that confidentiality, integrity and
availability”. “Cyberspace
blurs the line between o ense, and defense and that this
principle therefore can’t ff
be applied to cyberwarfare” [ CITATION Rob15 l 1033 ].
Understanding how
cyber offensive measures, which deploys a proactive approach
to security using
ethical hacking, and cyber defensive measures, which uses a
reactive approach to
security that focuses on prevention, detection, and response to
attacks is the key to
cybersecurity challenges.
IntroductionAnalyze Global Approaches to
CybersecurityAnalyze critical issues in global cybersecurity
management and policyAnalyze critical issues in global
cybersecurity technology policyAnalyze the principles of
warfare that underpin cyberwarfare theory and
applicationInternational Cybersecurity Threat MatrixThreat
MatrixCompare and contrast international cybersecurity
standards bodiesInternational Environmental
ScanEnvironmental Scan: AfricaIdentify key initiatives in
international cybersecurity policyRegional Cybersecurity Threat
Fact SheetAfrica Fact SheetAssess cybersecurity policies and
procedures for transnational legal compliance.Assess and
critique cybersecurity programs.Assess policy and technology
50. trade-offs that must be considered and made when addressing
cyberthreats at the enterprise, national, and international
levels.Assess and critique cybersecurity programs.Botnet
EvaluationEvaluation of Botnets.Assess emerging cybersecurity
issues, risks, and vulnerabilities.Botnet DiscussionAssess key
cyberattack technologies.Botnet ConclusionConclusionAssess
how the theories and principles of war apply to cyberwarfare
and apply those theories to understand cyberoffense and
cyberdefense challenges.
3/20/2021
1
KAUFT
King King Abdul-Aziz university university
FACULTY OF TOURISMFACULTY OF TOURISM
HUMAN RESOUCES IN
EVENT MANAGEMENT
EM 625
Planning Training Programs
1
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
51. Learning Objectives
By completion of this presentation You should be able
to:
common obstacles to and myths about training.
ples that influence how
training programs should be planned and implemented.
trainer.
Recommended Textbook:
Resources Management in the Hospitality Industry.
and Supervision: Concepts and Practical Applications
2
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
52. Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
2
Brainstorming Group work Activity:Brainstorming Group work
Activity:
erence
between Training and
Development?
………..
………..
………..
3
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Introduction Introduction
amount of time and money into the training and development of
their employees, if they hope to create a positive work
environment
where workers are motivated to consistently produce quality
products and deliver exceptional service.
53. proper
training and development is one of the leading causes of
employee
turnover.
expected of them in
terms
of their job responsibilities, they get frustrated, and frustrated
employees are the employees most likely to make a mental
decision
to look for another job.
4
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
3
Introduction Introduction
to become frustrated at the workplace
within the first 30 to 60 days of employment
if their manager never clarifies their job
54. responsibilities.
proper hiring decision during the employee
selection process, the manager owes it to
himself, as well as to the new employee, to
provide the employee with ongoing effective
training and development to ensure job
satisfaction as well as professional
development.
5
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Training Now and Development LaterTraining Now and
Development Later
employee and ensures that the right applicant has
been hired for the right position, and then
provides the new employee with a proper
orientation, the employee will still not be able to
perform her job duties in a satisfactory manner.
need proper training to ensure that their job
performance matches company standards.
55. short cuts by hiring only workers who have
previous hospitality industry experience.
6
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
4
Training Now and Development LaterTraining Now and
Development Later
y industry
experience for upper-level employees in positions
such as sales and marketing or food and beverage
management may be logical, but the practice makes
little sense when selecting entry-level workers,
especially if management’s goal is to make an end
run around the training process.
with the knowledge and the skills required to
operate within the systems and standards set by
management.
-depth and
56. enormously demanding, it is essential to ensure
employee job satisfaction and productivity.
7
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Training Now and Development LaterTraining Now and
Development Later
high employee turnover and the delivery of substandard
products and services.
es do their current jobs more
effectively.
quality and effectiveness of an employee’s performance in
her current position.
and skills to help prepare her to handle future
responsibilities, with less emphasis on her present job
duties.
employee’s present job, while development focuses on
the employee’s potential future advancement within the
company.
57. 8
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
5
Hospitality Training
ant for
all hospitality personnel
because it is the best way to
assure that staff members
can make maximum
contributions to the
organization’s success.
9
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
58. Labor Intensive
labor intensive.
the need for staff in departments
such as accounting and the front
office, it has not generally
affected the number of
employees required to produce
and deliver the products and
services that guests desire.
10
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
6
What is Training?What is Training?
that provides new and
currently employed staff
with the short - and longer
59. - term knowledge and
skills required to perform
successfully on the job.
11
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Success of Training
can be demonstrated by
considering the extent to
which knowledge and
skills improve as a result
of the training.
12
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
60. 7
Training must also be Training must also be Cost EffectiveCost
Effective::
performance gained as a
result of training must be
greater than the costs of
training.
13
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Performance Performance -- based Trainingbased Training
- based training is
best delivered at the job site in one - on -
one interactions between the trainer and
trainee.
training. Why?
focus on what the
individual must learn,
61. best pace for the individual trainee.
14
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
8
Benefits of TrainingBenefits of Training
15
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
competitive, having competent, well-trained
employees is essential at all levels of employment.
ive training program teach
new employees important skills and knowledge about
62. their positions within the company, but it also helps
to encourage employees to have a positive attitude
toward customer service.
the
training and development of its employees not only
benefits the employees but also management and the
company.
training and development enhance their employees’
capabilities and strengthen their own competitive
advantage over other competing operations.
Benefits of TrainingBenefits of Training
16
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Figure 1: The benefits of employee training
3/20/2021
9
Benefits of TrainingBenefits of Training
63. 17
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Numerous benefits to effective training include:
knowledge and skills to perform required tasks
more effectively, and their on - job performance
can be improved.
performance helps reduce errors and rework,
and associated costs can be reduced. Persons
performing the job correctly will be more
productive, fewer staff and/or labor hours will
become necessary, and this, in turn, can help
reduce labor costs.
members who are more service-oriented and
who will know what their guests desire and
require.
Benefits of TrainingBenefits of Training
18
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
64. Assoc. Prof. Dr. Reda Gadelrab
January, 2021
perform the activities that are part of their
positions will likely feel better about doing the job.
most likely to be promoted to a more responsible
and higher - paying position: a competent or an
incompetent employee? Training can assist staff in
attaining their promotion goals.
their jobs are more likely to work in a team effort,
and all will do their fair share of required work in
the correct way. Staff members who are trained to
perform tasks beyond the scope of their normal
position can also help peers in other positions.
3/20/2021
10
Benefits of TrainingBenefits of Training
19
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
65. January, 2021
their job as best they can, and this is only
possible with appropriate training.
r operating problems: Busy managers can
focus on priority concerns, and they will not
need to address routine operating problems
caused by inappropriate training.
trained and rewarded for successful performance
are less likely to leave, and managers have less
need to recruit new employees in increasingly
tight labor markets.
members feel good about themselves and their
employers.
Benefits of TrainingBenefits of Training
20
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
members are more interested in operating
equipment correctly, in preparing the right
66. products, and in properly interacting with
guests.
family and friends about their positive work
experiences, and their contacts may become
candidates for position vacancies that arise.
are more satisfied and revenues increase and, if
labor and other operating costs are reduced,
there is a significant potential for increased
profits.
3/20/2021
11
Obstacles to Training
and/or trainers to plan for and deliver the
training
their positions to participate in the training
the trainer’ s and trainees ’ time and to acquire
necessary training resources
must be taught how to train, just as they must
be taught to perform any other unfamiliar task.
67. Formal train - the - trainer programs are not
provided by many hospitality organizations.
21
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Obstacles to Training
Excellent trainers are creative, and they would
never elect to not train because supplemental
resources were unavailable. The alternative is to
take time to develop several basic training tools
meet to learn a new way to perform a task? When
can dining room servers be brought together for a
group training session on guest service?
staff members leave within a few months (or less)
of initial employment. Managers may think, “ Why
train employees if they don ’ t remain on the job
long enough to use what they have learned? ”
22
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
68. Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
12
Obstacles to Training
ad time between one’s hire date and
the time when he or she must be on the job . staff
are trained for expanded position duties, and
recruitment tactics begin for new employees before
a position vacancy has occurred.
g consistency. When
individual trainers plan and deliver training activities
based on what they think staff must know, the what
and how of training will likely be inconsistent.
trainers to want to train. Benefits for successful
training duties can include special privileges,
compensation increases, advancement
consideration, educational opportunities, and/or
recognition.
23
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
69. Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Training MythsTraining Myths
Myths (untruths) about training can create
obstacles. Examples include:
24
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
13
Myth 1. Myth 1. Training is easy!!!Training is easy!!!
involves a trainee tagging along
with a more - experienced staff
member, it is easy.
and the increased possibility
that basic training principles will
be disregarded increases the
70. likelihood that this type of
training will be ineffective.
25
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Myth 2. Training costs too much!!! Training costs too much!!!
history of inadequate training
that has yielded unsatisfactory
results are unlikely to invest the
resources required to plan and
deliver more effective
training.“Been there; done that;
let’s try something else” is a
philosophy that can easily
evolve.
26
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
71. 3/20/2021
14
Myth 3.Myth 3. Training is a staff function!!!Training is a staff
function!!!
technical specialists who provide
advice to, but do not make decisions
for, people in chain-of-command line
positions.
g is a line function that is too
important to delegate to staff human
resources personnel, if available, who
may assist with recruitment, selection,
and orientation tasks.
27
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Myth 4. Only new staff need training!!! Only new staff need
training!!!
training, but so do their more
experienced peers when, for
72. example, operating procedures
are revised because of
technology or when new
equipment is purchased.
of experience may also want to
participate in professional
development programs.
28
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
15
Myth 5. There is no time for training!!! There is no time for
training!!!
for the limited time
available to hospitality
managers.
often deemphasized, and
available time is allocated
73. to other tasks.
29
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Learning Principles Drive Training PrinciplesLearning
Principles Drive Training Principles
erous benefits of
training share an old saying: “ An organization pays for
training even if it doesn’t offer it! ”
training takes time to do well, and costs are incurred
to do so.
that, in the absence of
training, wasted time and money occurs because of
errors and rework.
receive the proper quality of required products and
services.
30
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
74. January, 2021
3/20/2021
16
Basic learning principlesBasic learning principles
Learning Principle 1: Trainees Must Want to Learn and Need
Motivation to Do So.
The old adage, “ You can lead a horse to water, but you can ’ t
make it drink, ”
applies here. Trainees must want to learn and, for this to occur,
they must
recognize its worth. “ Because the boss says it is necessary ” is
not a
meaningful reason from the perspectives of most staff. By
contrast, noting
that “ This training is a step in a career - long professional
development
program to help you become eligible for promotion ” will be of
interest to
many trainees.
Learning Principle 2: Training Should Consider the Trainees’
Life and
Professional Experiences.
Many hospitality employees are adults with many useful
personal and work -
related experiences. Good trainers establish a benchmark of
what trainees
already know and can do and build on this foundation of
knowledge and skills.
75. They maximize the worth of training by emphasizing the most
important
subject matter with which the trainee is unfamiliar.
31
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Basic learning principlesBasic learning principles
Learning Principle 3: Trainees Require Time to Learn.
Training takes time. This principle, while seemingly obvious, is
sometimes violated. Consider, for example, that some managers
expect a new staff member to learn necessary tasks by tagging
along with an experienced peer. What happens when there is no
dedicated training time and, instead, both parties are continually
interrupted by ongoing operational demands?
Learning Principle 4: Trainees Should Know the Training
Requirements.
Experienced trainers often use a preview, present, and review
sequence. They tell the trainees what they are going to say
(preview), they tell them the information (present), and they tell
them once again (review). This tactic helps minimize surprises
and
reduces trainee apprehension.
32
76. King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
17
Basic learning principlesBasic learning principles
Learning Principle 5: Training Should Consider the Trainees’
Attention Spans.
Several short training sessions are generally better than one
long session.
When planning an entire program, consider the complete range
of subject
matter to be presented. Then break the total training
requirement down
into manageable (short) parts to be facilitated in a single
session.
Learning Principle 6: Learning Should Be Paced.
paced learning allows trainees to practice and improve on basic
skills in a
focused way. They can concentrate on one or several skills
rather than on
all skills and, in the process, better learn the correct way to
perform all of
them.
77. Learning Principle 7: Learning Speed Varies for Trainees.
Individualized training allows the trainer to incorporate what
the trainee
knows into and to exclude what the trainee doesn't know from
the
training process. The pace of training can then be
individualized.
33
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Training principlesTraining principles
Training Principle 1: Trainers Must Know How to Train.
A person must be taught how to train, and train - the - trainer
programs are needed to provide necessary knowledge and skills.
Training Principle 2: Training Must Focus on Real Problems.
Frequently, problems (challenges) are encountered that must be
resolved, and training is a useful tactic to do so.
Training Principle 3: Training Must Emphasize Application.
Most people learn best by doing. For example, hands - on
training using
an individualized training program is typically the best way to
78. teach an
entry-level housekeeper to properly perform guest room
cleaning
duties.
Training Principle 4: Training Should Be Informal.
To the extent possible, training should be personalized,
conducted in
the workplace, and allow the trainer to interact with the trainee.
34
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
18
Training principlesTraining principles
Training Principle5: Training Should Employ a Variety of
Training Methods.
Training that allows for demonstration, practice, and
comparison of written
information (e.g., standards or procedures) with how tasks are
actually done is
more likely to be effective. Group training that uses case
79. studies, small group
interaction, video followed by discussion, and other interactive
techniques will
likely be better received by trainees than will a lecture - only
format.
Training Principle 6: Training Focus Should Be on Trainees.
Good trainers want to address trainees ’ needs. Using difficult
language including
jargon can create problems, as can teaching advanced before
basic skills.
Training Principle 7: Trainers Should Allow Trainees to
Practice.
Skills are typically learned by observing how something is done
and then by
practicing the activity in a step - by - step sequence. After the
task is learned, time
and repetition are often required to enable the trainee to
perform the task at the
appropriate speed.
Training Principle 8: Trainers Require Time to Train.
Training takes time that must be scheduled, and the resources
required for it
must be allocated.
35
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
80. Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Training principlesTraining principles
Training Principle 9: Training Environment Must Be Positive.
Consider someone given training responsibilities who does not
enjoy the
task. This issue can quickly lead to a hostile environment that
lacks the
interpersonal respect that is a prerequisite for effective training.
Training Principle 10: Trainees Should Be Treated as
Professionals.
Experienced staff training their peers should recognize that they
will be
peers with the trainees after the training is completed, and their
responsibility is to use their training skills to help trainees
learn.
Training Principle 11: Trainees Need Encouragement and
Positive
Feedback.
Trainees want to know how the trainer evaluates their
performance during
and, especially, after training is completed.
Training Principle 12: Trainees Should Not Compete Against
Each
Other Contests.
Develop contests in which all trainees who attain specified
standards can
81. win.
36
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
19
Training principlesTraining principles
Training Principle 13: Trainees Should Be Taught the Correct
Way
to Perform a Task.
Tasks should be taught using the correct work methods on a step
- by -
step basis, with trainer presentation followed by trainee
demonstration.
Training Principle 14: Train One Task at a Time.
Hospitality employees must typically perform many tasks in
their
positions. Tasks should be taught separately, and each should be
broken
into steps taught in proper sequence.
82. Training Principle 15: Train Each Task Using a Step - by - Step
Plan.
The trainer demonstrates the correct way to do the entire task
again
step-by step, and the trainee repeats the correct procedures. He
or she
then practices each step as necessary to yield the appropriate
speed for
task performance.
37
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Training MethodsTraining Methods
38
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
On-the-job-training:
-the-job-training, or OJT, is probably one of the
83. most commonly used training techniques for
hospitality industry front-line employee. Sometimes
this method is called job instruction training, or JIT.
employee while on the job.
tasks they need to perform in order to effectively do
their jobs.
coworker serves as the instructor.
executed, it is very effective because it is one of the
few training techniques that incorporates each of the
learning principles.
3/20/2021
20
Training MethodsTraining Methods
39
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
84. In order to be effective, proper OJT should consist of the
following steps:
Figure 2: Steps in the OJT method
Training MethodsTraining Methods
40
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Problems Associated with OJT:
training
should be patient, have adequate job knowledge, be a good
communicator, have an outgoing personality, and wants to train
others.
a
timetable for instruction and to assemble and set up any needed
materials or supplies.
ce and time. OJT means on the job, so it is
normal to attempt to conduct training during regular business
hours.
This presents a challenge to hospitality business managers
because
85. regular business hours usually mean customers and guests need
to be
served at the same time the OJT is taking place. Management
should
ensure adequate labor is scheduled so that the trainer and
trainee can
have their training session without constant interruptions.
3/20/2021
21
Training MethodsTraining Methods
41
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Job rotation or cross-training:
-training is another effective
training method that is widely used in hospitality
operations.
-train employees in a variety of jobs,
supervisors will often move the trainee from job to job.
Each move is normally preceded by OJT.
86. effective because it gives
workers the ability to perform a variety of jobs at the
workplace and sometimes helps to eliminate the
potential for boredom.
-trained in
laundry, hotel bell-staff may be cross-trained as lifeguards
or as front desk agents, restaurant food servers can be
cross-trained to work the cashier/greeter station, and
kitchen grill workers can be cross-trained to work in the
pantry.
Training MethodsTraining Methods
42
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Job rotation or cross-training:
employees with exposure to a variety of jobs and
provides management with greater flexibility
when assigning tasks.
-training also enables management to run
a smooth operation when employees are on
vacation or absent, because cross-trained
employees can step in and perform the tasks of
the absent employee.
87. -training employees also helps employees
to develop skills and acquire knowledge that may
lend themselves well to potential career
advancements.
3/20/2021
22
Training MethodsTraining Methods
43
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Problems with Job Rotation and
Cross-training:
e greatest problem associated
with cross- training is that employees
sometimes see the process as nothing
more than job loading.
should benefit both the employee as well
as management.
88. urs if the
hospitality business is operating under a
union’s collective bargaining agreement, or
contract.
Training MethodsTraining Methods
44
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Train The Trainer Programs:
organization identifies an existing employee—
or several employees—who has the desire and
some talent for teaching others, and then teach
this person to train other staff members.
the organization, you distribute the knowledge
and create a repository of knowledge within
the organization.
in the trainer program could involve
sending one staff member to an outside
training class to learn about training techniques,
or an experienced manager could train the
trainer in-house.
89. 3/20/2021
23
Training MethodsTraining Methods
45
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Train The Trainer Programs:
teach inexperienced trainers such skills as
how to facilitate a training session, how to deal
with employees who are having trouble
learning, and how to utilize different training
techniques based on learning objectives or
outcomes desired.
budget constraints that many
smaller hospitality operations experience, it is
not always possible to send many staff
members to outside training.
be empowering, and it allows smaller
organizations to become more self-sufficient.
90. Training MethodsTraining Methods
46
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Off-the-job training methods:
-the-job training methods do not necessarily
occur entirely away from the workplace, but this sort
of training is usually provided in a traditional
classroom setting or similar venue.
-the-job training includes lectures, video
presentations, computer-based training, role playing,
case studies, simulation exercises, and self-study.
heavily on communications than on the modeling
approach presented in OJT and job rotation.
-effective
when a large amount of information needs to be
delivered to a sizeable group of trainees.
3/20/2021
91. 24
Training MethodsTraining Methods
47
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Off-the-job training methods:
-employee
orientation when management wishes to cover the
information contained in the employee handbook
with new hires.
an effective way to deliver information.
-ROMs and
videotapes to deliver basic informa tion about
corporate culture as well as more specific, job-
related training.
several languages, which is quite beneficial
considering the cultural diversity of today’s
hospitality industry employees.
Other Training MethodsOther Training Methods
92. 48
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
ng methods available to the hospitality
manager include:
-study, sometimes called programmed learning.
will depend largely upon who is being trained, the level of
the trainee within the organization, what the expected
outcomes are, and whether there are appropriate
materials available and/or skilled trainers to support the
training method chosen.
3/20/2021
25
Other Training MethodsOther Training Methods
93. 49
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Internships:
are preparing for future
careers in the hospitality industry are probably already
familiar with this term. An internship involves learning from
a more experienced employee or employees within the
industry.
tive because it
requires high levels of participation from the trainee and
provides the trainee with high transferability to the job.
advancement are put into formal management training
programs in which, ideally, the trainee will be introduced to
a wide variety of jobs in the organization.
program may spend a month or so in several departments
so he or she is exposed to the various job opportunities
within the organization.
Other Training MethodsOther Training Methods
50
94. King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Role playing:
different
identities. It is a training method that is sometimes used to
change
employee attitudes.
e
supervisor, and the supervisor may assume the role of a male
worker. Both trainees would be given a typical work situation
and
told to respond as they would expect the other to do. This
training technique involves participation and feedback.
itality sales and marketing professionals sometimes
utilize
this training method to help fine-tune their sales presentations
before presenting to an actual client. One trainee would play the
role of the sales manager, and another individual would play the
role of the prospective client.
3/20/2021
26
95. Other Training MethodsOther Training Methods
51
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Case study:
related to the workplace, they learn about
real or hypothetical situations or
circumstances and the actions others have
taken when faced with these situations.
ide from learning about the content
of the case, a case study helps trainees to
develop decision-making skills.
provides some transference as well as
participation through discussion and
feedback.
Other Training MethodsOther Training Methods
52
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
96. Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Self-study:
-study training method is also called
programmed learning.
employees are scattered geographically or
when learning requires little interaction.
be delivered either online via the Internet or
company intranet, or in books and manuals, or
even via CD-ROMs.
-designed materials will provide learner
participation, repetition, relevance, and
feedback.
3/20/2021
27
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
1-Have the desire to train:
97. are several reasons why a trainer might
desire to do so, including:
ognition for a job well
done,
trainers are frequently promoted to
higher level positions within the
department.
53
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
2-Have the proper attitude about the
employer, peers, position, and the training
assignment.
the importance of staff members and that
provide quality training opportunities to
all employees at all levels will likely
increase the morale of their trainers.
and not so important responsibility, a less
than willing attitude is likely.
98. 54
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
28
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
3-Possess the necessary
knowledge and ability (skills) to
do the job for which training is
needed.
knowledgeable about and have
the skills necessary to perform
the work tasks for which they
will train others.
55
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
99. Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
4- Utilize effective communication skills.
Trainers are effective communicators when
they:
(1) Speak in a language that is understandable
to the trainee,
(2) Recognize that body language is a method
of communication,
(3) Use a questioning process to learn the
extent to which a trainee has learned, and
(4) Speak to communicate rather than to
impress. For example, they don’t use unfamiliar
jargon, and they teach new staff members the
meaning of unusual but commonly used terms.
56
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
100. 3/20/2021
29
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
5-Know how to train.
Train Of The Trainer
programs should be
obvious but often is
overlooked.
57
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
6- Have patience .
know or be able to do during their first
exposure to training.
101. understand that training steps must
sometimes be repeated several times in
different ways.
complete the training quickly; rather, it is
to provide the knowledge and skills the
trainee needs to be successful.
58
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
30
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
7-Exhibit humor.
often provides a subtle
message to a trainee: “ I am
enjoying the opportunity to
provide training, and I hope you
enjoy it as well. Learning can be
fun, because the process is
102. enjoyable. ”
59
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
8-Have time to train.
time, and it must be
scheduled for the trainer
and for the trainees.
60
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Planning Training Programs
Assoc. Prof. Dr. Reda Gadelrab
January, 2021
3/20/2021
31