A Secure Email Strategy For Cyber Tech International

You are an enterprise security architect for a company in a semiconductor manufacturing

the industry, where maintaining competitive advantage and protecting intellectual property, is vital.

You're in charge of security operations and strategic security planning. Your responsibilities

include devising the security protocols for identification, access, and authorization management.

You recently implemented cryptography algorithms to protect the information organization.

Leadership is pleased with your efforts and would like you to take protection methods even

further. They've asked you to study cyber­attacks against different cryptography mechanisms

and deploy access control programs to prevent those types of attacks.

We'd like you to create plans for future security technology deployments, says one senior

manager. And provide documentation so that others can carry out the deployments. A director

chimes in, but you should also devise a method for ensuring the identification, integrity, and

non­repudiation of information in transit at rest and in use within the organization.

As the enterprise security architect, you are responsible for providing the following deliverables.

Create a network security vulnerability and threat table in which you outline the security

the architecture of the organization, the cryptographic means of protecting the assets of the

organizations, the types of known attacks against those protections, and means to ward off the

attacks. This document will help you manage the current configuration of the security

architecture.

Create a Common Access Card, CAC deployment strategy, in which you describe the CAC

implementation and deployment and encryption methodology for information security

professionals. Create an email security strategy in which you provide the public key, private key

hashing methodology to determine the best key management system for your organization.

These documents will provide a security overview of the leadership in your company.



 

IT SYSTEMS ARCHITECTURE

You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations.



Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format and call it the Network Security and Vulnerability Threat Table. Refer to this threat table template for guidance on creating this document.



Before you begin, select the links below to review some material on information security. These resources will help you complete the network security and vulnerability threat table.

Network Security and Vulnerability Threats Template



You will identify the IT system assets of the system architecture of your organization. These can be fictitious or modeled after existing architectures. Be sure to cite using APA format. You will identify threats and vulnerabilities to IT system assets and the security mechanisms used to address them.

Below is the table, Note 3 rows, and 13 columns



(IT System Assets /Threats and Vulnerabilities/ Security Mechanisms to Address Threats and Vulnerabilities.) in



LAN security

Availability

Now you’re ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:

LAN security

identity management

physical security

personal security

availability

privacy

Next, review the different types of cyber attacks described in the following resource: cyberattacks. As you’re reading take note of which attacks are most likely to affect the organization. Then list the security defenses you employ in the organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table.

DATA HIDING TECHNOLOGIES.

You will describe to the organization the various cryptographic means of protecting its assets. Select the links below to review encryption techniques and encryption technologies, then provide your organization with a brief overview of each.



Encryption Technologies



- Shift / Caesar cipher;

- Polyalphabetic cipher;

- One time pad cipher/Vernam cipher/perfect cipher;

- Block ciphers;

- triple-DES;

- RSA;

- Advanced Encryption Standard (AES);

- Symmetric encryption;

- Text block coding;

- Data Hiding Technologies.



DATA HIDING TECHNOLOGIES

- Information hiding and steganography;

- Digital watermarking;

- Masks and filtering

These descriptions will be included in the network security vulnerability and threat table for leadership.



CREATING THE NETWORK SECURITY VULNERABILITY AND THREAT

Prepare the network security vulnerability and threat table, in which you outline the following:

- the security architecture of the organization

- the cryptographic means of protecting the assets of the organization

- the types of known attacks against those types of protections

means to ward off the attacks

Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization.



ACCESS CONTROL BASED ON SMART CARD STRATEGIES

Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their personal identifiable information (PII). Two examples of smart cards are the federal government’s use of common access cards (CAC), and the financial sector’s use of encryption chips in credit cards.



THE EMAIL SECURITY STRATEGY

Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging.

Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail:

- Public Key Infrastructure (PKI)

- iOS encryption

- Blackberry encryption

Then start developing your strategy. Define these strong encryption technologies as general principles in a secure email:



Pretty Good Policy (PGP algorithm)

- GNU Privacy Guard (GPG)

- Public Key Infrastructure (PKI)

- Digital signature

Mobile device encryption (e.g., iOS encryption and Blackberry encryption)

In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership.



Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.



Note:

Time of deliverable and in-text citation is very important in this paper. This will give me enough to review the paper before submission. I have a week to turn the paper in. Thank you.