M4A1: Research Paper: Annotated Bibliography and Outline

Writer 1080 please

please feedback from other paper

Don't use plagiarized sources. Get Your Custom Essay on
M4A1: Research Paper: Annotated Bibliography and Outline
Get an essay WRITTEN FOR YOU, Plagiarism free, and by an EXPERT!
Order Essay

Very informative and interesting comments. Detailed content. However, you did not cite the source of your data according to APA standards. Please review the link below:

http://owl.english.purdue.edu/owl/resource/560/01/
Any information which is not common knowledge must include in-text citation.

M4A1: Research Paper: Annotated Bibliography and Outline:
create your Final Project Annotated Outline and Bibliography. Review the Final Project description below before you begin work on the outline. The annotated bibliography/outline will include the references you are going to use in the draft and final research paper.

An annotated bibliography is a summary and evaluation of the sources you will be using in your research paper. An annotated outline is a research paper outline with references included in the different sections of the paper to support the outline. The two parts, the bibliography, and outline, are submitted as one document. An example of the annotated bibliography/outlinePreview the document is included here.

You must use at least fifteen independent scholarly resources in the paper, following appropriate APA guidelines and formatted according to the example provided.

******Final Project Milestone: Final Paper***

Write a 15-20 page paper not including the title, abstract, or reference pages. You must cite at least twenty independent scholarly sources to support your position, using appropriate APA format. Your Word document file name should include the assignment number and your last name.

Papers MUST include the following components:

Title Page: Include name, paper title, course title, instructor’s name, and date.
Abstract: A brief discussion of the paper.
Introduction: Discuss the purpose of the paper in succinct, declarative sentences. The introduction should offer a preview of the paper, its value, and be based upon the concepts studied in the course.
Discussion Content: This section should include 3 elements: 1) a brief examination of the issue, concept, or consequences of actions taken, 2) the concepts or theoretical applications that pertain to this topic, and 3) a discussion of your position on this topic, supporting your argument from the text and other appropriate sources. It is highly recommended you make use of appropriate headings to guide your reader.
Conclusion: Include summative paragraphs which include a restatement of key points in your discussion and the recommendation you will make to the fictional company.
References: There should be a minimum of twenty academic references to support your paper. Document all sources according to APA style.

Here is the first paper that was written
Research Paper Topic Proposal
Stacy Knapp
Excelsior College

Information systems security has become one of the biggest issues in this century. After automating most human functions all over the world in various fields such as business, government, education institutions and other various organisations, the next issue becomes how safe are these systems and how can we ensure that the information in these systems stays safe. Currently, the world faces a shortage in personnel to assure security in information systems which is followed by training in schools in fields such as cybersecurity and certifications like ethical hackers to curb the shortage which is presumed to get worse. In this proposal research paper, we will discuss some of the issues, problems and suggested solutions in security pertaining to organisations’ information systems. For our research we will focus on ABC Limited a financial management organisation with a back office and front office software management system and a human resources management system as well as an internal network that connects all the hosts in different branches to the servers.
Issues and Problems in Security of Organisational Information Systems
The biggest issue in an organisational information system is lack of skilled cybersecurity professionals (Hayes 2012). The problem with this is that although the best systems may be put in place to man both the network and software systems, many organisations still do not have enough people to manage the solutions. Cybersecurity as a field is fairly new in schools which makes it a challenge to properly train those in schools and even when they are properly trained, they are still few in numbers. Without enough manpower in ABC Limited, critical cybersecurity alerts will go unnoticed and a threat will be utilised by an attacker to gain unauthorised access and commit the various types of cybercrimes such as a denial of service or deletion of data among many other information systems crimes. Owing to the fact that our organisation is a financial institution where data integrity is very important, such a risk would compromise the entire system.
Another issue is the expensive nature of cybersecurity particularly for start-ups. The costs come from the fact already established that manpower is limited which makes it expensive and that hackers are always looking for new ways to compromise systems and gain unauthorised access (Oriyano 2014). This means that ABC has to keep updating their security systems and also updating the skills of the information systems security personnel. Defence in depth is a system developed by cybersecurity professionals where an information system is split into segments and each segment has in implemented security system control (Oriyano 2014). It may be compared with the physical security of a house, first there is a lock at the gate, then a lock at the front door, then other locks on various other doors inside the house. This is what many organisations use and for ABC to implement such a system, first hardware such as firewalls would have to be acquired which would make it an additional cost to the organisation. Then, there is a principle in information system security that as security improves, functionality reduces making systems slow and inefficient (Oriyano 2014).
The last issue is the abuse of user account privilege. The reason this is a big issue is that it is fairly impossible to train every employee at ABC Limited in cybersecurity. Lack of this training makes them susceptible to social engineering attacks from the internet. Social engineering is where attackers use various tricks to retrieve information from employees like usernames and passwords, operating systems and network privileged information (Oriyano 2014). When attackers have access to such information during their foot printing attack stage, compromising the system becomes very easy for them.

Possible Solutions to the Security of Organisational Information Systems
The issues addressed compromise the integrity and availability of information in organisation information systems. Various solutions have been put forward to address some of these issues. Such issues are such as government legislation and countermeasures where the governments all around the world have put severe punishments for hackers who are caught accessing information from systems that they do not have authorisation. Governments have also promised international cooperation with other governments pursuing hackers across geographical boundaries (Smith 2002). This means that if a hacker from country A has been traced trying to commit a cybercrime to ABC Limited in country B, law enforcement in country B has the legal capability to pursue the hacker all the way to country A.
Another countermeasure is education and training. The Electronic Commerce Council introduced certifications for cybersecurity students such as the Certified Ethical Hacker where a system administrator in ABC Limited can learn and improve his or her skills (Caldwell 2011). The system admin, in this case, learns to keep hackers out by becoming an ethical hacker, commonly referred to as ‘white coat’ (Caldwell 2011). In such a course the students are taught various skills such as reverse engineering where they can discern malware and understand the intentions of a hacker thereby coming up with a means to stop him or her.
Lastly, ABC Limited in an attempt to improve the security of their information systems can actively engage in research. Tech companies such as CISCO are constantly working on hardware that prevents compromise on networks (Carter 2001). By staying up to date with trending tools and training, ABC can continuously improve their systems which would, in turn, ensure that information stays safe. Information Security is not absolute and it takes a number of ways to lower the risk.
References
Caldwell, T. (2011). Ethical hackers: putting on the white hat. Network Security, 2011(7), 10-13.
Carter, E., & Foreword By-Stiffler, R. (2001). Cisco secure intrusion detection systems. Cisco Press.
Hayes, S., Shore, M., & Jakeman, M. (2012). The changing face of cybersecurity. ISACA Journal, 6, 29.
Oriyano, S. P. (2014). Ceh: Certified ethical hacker version 8 study guide. SYBEX Inc.
Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understanding the potential risks associated with hackers/crackers. Information Management & Computer Security, 10(4), 178-183. 

 

 

 

 

 

 

 

 

 

Security Issues, Problems, and Solutions in Organizational IT Systems

Title Page

  • The title page and all other sections will follow the American Psychological Association (APA) 6th edition standards as described in the Publication Manual (2010).

Abstract

  • The abstract introduces the ideas that the research paper will investigate. It will be a short and concise single paragraph.

Introduction to Information Systems Security

  • The introduction introduces the whole idea of system security in an organisation starting with a brief history of information systems and information systems security. It will explain the essence of cybersecurity in our world today.
  • Kim, D., & Solomon, M. G. (2016). Fundamentals of information systems security. Jones & Bartlett Learning.

Company Summary – ABC Limited

  • The Company Summary details the operation procedures of a financial management institution. It includes a description of the network architecture of their information systems as well as the role of crucial employees who deal directly with the financial and human resource applications.
  • Ayadi, R., & De Groen, W. (2014). Banking business models monitor 2014: Europe.
  • Gumussoy, C. A. (2016). Usability guideline for banking software design. Computers in Human Behavior62, 277-285.
  • Lor, K. W. E., Martin, R., & Hassen, A. O. (2008). S. Patent No. 7,440,573. Washington, DC: U.S. Patent and Trademark Office.

Information System Security Trends and Procedures for Financial Institutions

  • Having understood the general outlook of network and software systems in financial management institutions, this part goes further to establish both the software and network security aspect of information.
  • Viega, J., & McGraw, G. (2011). Building Secure Software: How to Avoid Security Problems the Right Way (paperback)(Addison-Wesley Professional Computing Series). Addison-Wesley Professional.
  • Kankanhalli, A., Teo, H. H., Tan, B. C., & Wei, K. K. (2003). An integrative study of information systems security effectiveness. International journal of information management23(2), 139-154.
  • Eloff, J. H., & Eloff, M. (2003, September). Information security management: a new paradigm. In Proceedings of the 2003 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology(pp. 130-136). South African Institute for Computer Scientists and Information Technologists.
  • Tsohou, A., Karyda, M., Kokolakis, S., & Kiountouzis, E. (2015). Managing the introduction of information security awareness programmes in organisations. European Journal of Information Systems24(1), 38-58.
  • Carter, E., & Foreword By-Stiffler, R. (2001). Cisco secure intrusion detection systems. Cisco Press.

Issues and Problems with Security in Organisational Information Systems’

  • Introduction to issues and problems with security in organisational IT systems.
  • Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understanding the potential risks associated with hackers/crackers. Information Management & Computer Security10(4), 178-183.
  • Hayes, S., Shore, M., & Jakeman, M. (2012). The changing face of cybersecurity. ISACA Journal6, 29
  • Shortage of Skilled Manpower
    • Oriyano, S. P. (2014). Ceh: Certified ethical hacker version 8 study guide. SYBEX Inc.
    • Caldwell, T. (2011). Ethical hackers: putting on the white hat. Network Security2011(7), 10-13.
  • High Cost of Security Measures
    • Rowe, B. R., & Gallaher, M. P. (2006, March). Private-sector cybersecurity investment strategies: An empirical analysis. The fifth workshop on the economics of information security (WEIS06).
  • Abuse of User Account Privileges
    • Luo, X., Brody, R., Seazzu, A., & Burd, S. (2011). Social engineering: The neglected human factor for information security management. Information Resources Management Journal (IRMJ)24(3), 1-8.

Potential Solutions to Security Issues Discussed

  • An introduction to the various solutions that have been put forward to address some of the issues in information systems security discussed.
  • Government Legislation and Countermeasures
    • Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understanding the potential risks associated with hackers/crackers. Information Management & Computer Security10(4), 178-183.
  • Education and Training
    • Oriyano, S. P. (2014). Ceh: Certified ethical hacker version 8 study guide. SYBEX Inc.
    • Caldwell, T. (2011). Ethical hackers: putting on the white hat. Network Security2011(7), 10-13.
  • Research
    • Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understanding the potential risks associated with hackers/crackers. Information Management & Computer Security10(4), 178-183.

Conclusion

  • The conclusion will provide the reader with a summary of the discussion and findings and will explain how the paper has met what the introduction said that it would (Publication Manual, 2010).

References

  • The proposed references for this paper are included in the annotated bibliography that follows this annotated outline

 


 

Annotated Bibliography

Ayadi, R., & De Groen, W. (2014). Banking business models monitor 2014: Europe.

This article provides an overview of the business model of a financial management institution such as a bank. It explains the technology applied in banks such as the back office and front office systems. In addition it covers an overview of overhead costs in running a business such as in a bank.

Caldwell, T. (2011). Ethical hackers: putting on the white hat. Network Security2011(7), 10-13.

The article explains the concept of having white coat hackers as a means to ensure security in organisations. The idea is built upon a principle that to avoid or kick out a thief you must learn to think like one. It also explains the role of white coat hackers in organisations Information Technology departments and discusses ideas such as network monitoring in detail.

Carter, E., & Foreword By-Stiffler, R. (2001). Cisco secure intrusion detection systems. Cisco Press.

This book covers hardware technology by a corporation known as CISCO. Cisco is dedicated to research and development of network and network security tools and applications. The intrusion detection systems are made in such a way that an administrator gets an alert whenever an attacker tries to compromise the system and responds efficiently and effectively.

Eloff, J. H., & Eloff, M. (2003, September). Information security management: a new paradigm. In Proceedings of the 2003 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology (pp. 130-136). South African Institute for Computer Scientists and Information Technologists.

This article expounds on the new idea of information system security that computer scientists need to learn in order to remain effective in this new technological era. It predicts the situation of information systems in future and adequately tries to put into perspective the importance of research in the field.

Gumussoy, C. A. (2016). Usability guideline for banking software design. Computers in Human Behavior62, 277-285.

This book is basically a user manual for the requirements of banking software. It comprises what the software should attend to and accomplish. It also describes the manpower requirement in its operation.

Hayes, S., Shore, M., & Jakeman, M. (2012). The changing face of cybersecurity. ISACA Journal6, 29

This journal covers the trends in cybersecurity. It explains that cybercrimes will continue to be a nuisance to organisations globally and cybersecurity experts need to be as good as the hackers themselves in order to be able to prevent, stop or foresee attacks. Hackers invest a lot of resources to breach networks and applications and the same amount of resources should be given in organisations to their information systems departments.

Kankanhalli, A., Teo, H. H., Tan, B. C., & Wei, K. K. (2003). An integrative study of information systems security effectiveness. International journal of information management23(2), 139-154.

This journal contains research on the effectiveness of information systems security on an earlier stage of technology. The journal is important in order to understand how far security countermeasures have changed in the course of time. The journal is intended to show how fast information systems change and why it is important for organisations to keep up.

Kim, D., & Solomon, M. G. (2016). Fundamentals of information systems security. Jones & Bartlett Learning.

This book is basically an introduction to cybersecurity. It comprises a basic description of what information systems require in order to be secure while at the same time conduct their designed operations effectively.

Lor, K. W. E., Martin, R., & Hassen, A. O. (2008). U.S. Patent No. 7,440,573. Washington, DC: U.S. Patent and Trademark Office.

Contains a government patent requirement for a banking software system. Meant to protect citizens against malicious business owners who may apply a system to swindle money from their clients. It covers a variety of banking software operations and properties important in the security discussion of this paper.

Luo, X., Brody, R., Seazzu, A., & Burd, S. (2011). Social engineering: The neglected human factor for information security management. Information Resources Management Journal (IRMJ)24(3), 1-8.

This article explains social engineering as where attackers use various tricks to retrieve information from employees like usernames and passwords, operating systems and network privileged information. It explains the sources of such information and methods to gather it as well as the consequences of an attacker being in possession of such information.

Oriyano, S. P. (2014). Ceh: Certified ethical hacker version 8 study guide. SYBEX Inc.

This is an example of a professional certificate by the EC council. Learners are taught to keep hackers out by becoming an ethical hacker, commonly referred to as ‘white coats’. It describes the topic description of the course, how to do it and how to get the title, ‘certified ethical hacker’.

Rowe, B. R., & Gallaher, M. P. (2006, March). Private-sector cybersecurity investment strategies: An empirical analysis. The fifth workshop on the economics of information security (WEIS06).

This article covers the cost of cybersecurity on organisations and why it is an investment. It compares the money lost in malicious attacks and the amount of money that can be used to invest in proper security measures for small and middle-sized businesses.

Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understanding the potential risks associated with hackers/crackers. Information Management & Computer Security10(4), 178-183.

This article covers issues in the security of information systems. It explains that after automating most human functions all over the world in various fields such as business, government, education institutions and other various organisations, the next issue becomes how safe are these systems and how can we ensure that the information in these systems stays safe.

Tsohou, A., Karyda, M., Kokolakis, S., & Kiountouzis, E. (2015). Managing the introduction of information security awareness programmes in organisations. European Journal of Information Systems24(1), 38-58.

This article explains the need for employees to be aware of information security in their organisations. It explains what information security is not only a task for the IT department but for the entire company as a whole.

Viega, J., & McGraw, G. (2011). Building Secure Software: How to Avoid Security Problems the Right Way (paperback)(Addison-Wesley Professional Computing Series). Addison-Wesley Professional.

This article describes a step by step procedure of developing a secure software system. Information security cannot be absolute but done correctly according to this article, it can become hectic and costly for attackers to access the system such that they may just give in.

Homework Sharks
Order NOW For A 10% Discount!
Pages (550 words)
Approximate price: -

Our Advantages

Plagiarism Free Papers

All our papers are original and written from scratch. We will email you a plagiarism report alongside your completed paper once done.

Free Revisions

All papers are submitted ahead of time. We do this to allow you time to point out any area you would need revision on, and help you for free.

Title-page

A title page preceeds all your paper content. Here, you put all your personal information and this we give out for free.

Bibliography

Without a reference/bibliography page, any academic paper is incomplete and doesnt qualify for grading. We also offer this for free.

Originality & Security

At Homework Sharks, we take confidentiality seriously and all your personal information is stored safely and do not share it with third parties for any reasons whatsoever. Our work is original and we send plagiarism reports alongside every paper.

24/7 Customer Support

Our agents are online 24/7. Feel free to contact us through email or talk to our live agents.

Try it now!

Calculate the price of your order

We'll send you the first draft for approval by at
Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

We work around the clock to see best customer experience.

Pricing

Flexible Pricing

Our prces are pocket friendly and you can do partial payments. When that is not enough, we have a free enquiry service.

Communication

Admission help & Client-Writer Contact

When you need to elaborate something further to your writer, we provide that button.

Deadlines

Paper Submission

We take deadlines seriously and our papers are submitted ahead of time. We are happy to assist you in case of any adjustments needed.

Reviews

Customer Feedback

Your feedback, good or bad is of great concern to us and we take it very seriously. We are, therefore, constantly adjusting our policies to ensure best customer/writer experience.

See all services