Research one countermeasure or information security service that is available today for information assurance. Evaluate it based on the specifications and reviews. Identify who would use this particular countermeasure or service and why it would be appropriate for their needs. Illustrate this using an example of an online activity (e.g., banking, shopping) that could use this countermeasure. Create a visual representation in MS Visio of the activity to include in your short paper. Provide a short description of the visual representation, identifying the various information assets and the information states that pose vulnerability. How would the countermeasure that you identified apply? What vulnerability would it mitigate? What are its limitations?
The use of Information technology in business is considered as a path for successes. Also, with the
increase in technology new innovative ways of shopping and banking has been introduced such as
online shopping and E- banking. These type of innovative ideas benefit both the customer and the
companies. However, it also provides opportunities for cyber-attacks which results to accessing
the private data, also stealing and manipulating it. As the need and dependency of Information
Technology are being increased all over the world, the threats posed against it also tend to increase.
These threats may impact any organization in a bad way. Information Technology systems and
data are defenseless against many attacks such as cyber-attacks, accidental human errors, failures
of equipment, environmental disasters etc. Hence to protect the data or for attaining the
information assurance, certain countermeasures are introduced. These measures are implemented
by the companies so that any kind of threat can be handled.
This study resource was
Threat Intelligence Services
In the recent years, there have been many reports of cyber-attack on the companies. The
attackers are becoming innovative day by day. Many attackers use malware, control protocol
methods and keep on updating their products to keep themselves ahead of security professionals.
However, there are certain countermeasures followed by the Entrepreneurs for information
security. The list of these information security services is long and distinct. But according to ESG
research the most popular or the highly used security measures are Threat Intelligence services
(Jon Oltsik, 2012). The idea behind the Threat Intelligence Services is to provide the companies
with the ability to detect the threats and acting upon them in a timely manner. These services also
helps in the improvement of following areas:
Understanding the upcoming attack in the background.
Improving the efficiency of detecting and responding to the attack.
The detection time gap decreases so that response can be given quickly.
The below image shows how the Threat intelligence services works in a cyclic manner in
Threat Intelligence Cycle (Source: https://krypt3ia.wordpress.com/2014/10/02/the-threatintelligence-
This study resource was
These intelligence services are new to the security industry and are mostly provide by the
third party companies such as Accenture, HCL, and Dell etc. These services are sold to the
organizations on a subscriptions basis and are delivered by the cloud platform. Since they are
costly services, at present they are only geared towards the larger enterprises. In the near future
when the cloud market comes down so does these services cost.
Online Shopping activity
Now considering a real time scenario, an online shopping activity. It has almost become a
frequent activity in our daily lives. Many people prefer this as this is an easy way to shopping.
Customers enter their personal data also their banking information into company’s website
regarding payment of a specific product they are going to buy. But in online shopping or Ebanking
there exists a threat of personal information theft, stealing bank accounts information.
These risks should not be taken lightly as they can devastate both the customer and the organization
which may also affect the reputation of the organization in the market. This is not at all accepted.
This is where Threat Intelligence services come in. These services are used for analyzing,
collecting and also filters the data about the rising threats and produces this information to
automated security control systems in the form of data feeds and also provides a management
report to the organization. It handles threats like advanced persistent threats as well as common
malware like viruses, Trojan horses etc. Learning about these threats gives a better chance to the
organization in blocking the security holes. Also, Threat Intelligence services help in improving
the efficiency of the security staff maintained in the organization (Ed Tittel, n.d.). The figure shown
below represents how Threat Intelligence Services works in an online shopping activity.
For defending against highly sophisticated attackers, enterprises need to adopt their
security methods. Adding Threat Intelligence Services to the enterprise helps in prioritizing
security activities. AS the threat grown much more complicated day by day, these services will
continuously grow, enhance and much more importance will be given to them in the near future.
Thus, we will be seeing the usage of these services in almost every enterprise organizations. As
these services provide the data sheets and management reports of the threats it analyzed, it will
become easier for the security department for taking the action against these threats.
This study resource was
shared via CourseHero.