Organizational Security Plan Management

Question: Prepare a security plan that provides security awareness policy using a security policy framework outline and according the Critical Infrastructure document which concentrates on the following integral keywords to cover the necessary elements of an organization security plan. These are: Identify, Protect, Detect, Respond, and Recover. Answer: Introduction The Department of Defense is an organization who is responsible for the full security of the nation. Various important and essential data of the whole nation are stored in the department of defense. The technology of defense is most useful in any type of problems. However there are many threats in the departments of defense. There are different types of threats such as biological threats, cyber attack threats, threats regarding the climate changes and also the crime regarding the transnational (Apte Heath, 2011). A security plan is very essential against those threats. The aim of this particular assignment is to develop a security plan that will provide security awareness policy to the department of defense (De Waal Buys, 2012). Some the necessary elements that are provided in this particular assignment are such as identity, protect, detect, respond and recover. Identify There are several threats and vulnerabilities that may cause in the department of defense. These threats are such as Biological threats The biological threats occur due to the natural calamities such as cyclone, hurricane etc. there should be secure plan for the bio threats. Also the bio weapons are used by the human resource to attack different countries. It is the duties of the defense department to track those threats and find the ways to defeat them (Deshmukh, 2012). This also includes the viruses that are spread throughout the world. Cyber attack The threats regarding the cyber attack are now-a-days become very popular. There are several hackers throughout the world. There are several important files in the department of defense that could create a great attention to the criminals. Climate changes In any type of strategic plan, climate changes became big issues for the department of defense. Tracking the issue like energy footprint creates an interest to the security department of the organization. Protect The protection of the infrastructure of the defense departments is very essential. There are several types of threats that are identified above. There is several ways to create a protection from the bio-threats. Although it is very difficult to identify the exact weather but there should be weather detector which can provide an estimate chances of the natural calamities (Dong Sutton, 2015). Also there should be medicines of all the viruses that may arise in the nations. Cyber attacks become a headache in any organization. There are hackers throughout the world. In any case if the security of the customer can break by the hacker, it will create a major issue in the department of defense. The past records of any people if hacked by any hacker, it may cause great problems in their life. There should be password and antivirus in the system of the department. The password should not be disclosed by any officer of the department. Most of the hacker uses the internet connection to hack the system. The internet security system should be tight in the department of the defense (Hutchinson Price, 2014). The security of the climate changes also should be strong in any organization. Organization should have the sensor and the detecting device that can use to observe the recent changes of the climate. Also there should be available of the medical supplies in the organization every time for any emergency situation. Detect In case of detecting several problems and threats in the department there are some objective such as Training provided to employees Inspect and test the indentified threats Trace the suppliers Qualification of the trusted suppliers are identified Detect and avoid the infected systems In case of detecting the threats before it will arise, the proper training should be provide to the employees of the department. Without a proper training the employees cannot be able to understand the threats. A regular inspection and testing should be following in the department to understand the arriving threats of the organization (Kupiecki, 2015). The suppliers of the organizations are required to trace and only the trusted suppliers should be allowed in the organization. The supplier should be qualified and should contain the required knowledge. The untrusted system should be detect and avoid in the organization. The risk management is also done in the defense organization. The risks are identified such as the data may loss in case of virus arrives in the system (Massingham, 2015). It will provide a great impact on the life of the customers. After analyzing of the risk, it is required to avoid or remove the risk. The security system should be stronger so that no risk could arrive. To regular monitoring of the risk, it is required to implement the risk management system in the organization. Respond A response team should be prepared to detect the problems and the threats of the organization. The responsibilities of the response team are to detect the threats before it is arrived in the organization and find the ways through which the threats can be removed (Rakowska, Valdes-Conca de Juana-Espinosa, 2015). The response team should keep the track of the present and upcoming threats and should take a required action against the threats. The response team should prepare a response plan and all the member of the team should follow the plan. According to the plan all the threats like the climatic changes, bio-threats and the cyber attack should be detect by the response team. The investigation of the threats should be done from the source and also find to remove the threats. Recover The organization should contain a recovery team to recover the disaster arises in the department of defense. The disaster regarding to the biological weather should be recover by creating new techniques. The members of the weather department should be heir to manage the geographical disaster. The techniques used in the recovery of the natural calamities should be according to the type of the disasters. In case of any loss of the infrastructure, the best engineer should be heir in the department of the defense. The disaster created by the man such as nuclear attack of the hacking, should be handled differently. The IT professional should be heir to get reed of the virus infects the system. Also to recover the data that are lost due to the viruses should be tried to recover. The manager of the organization should take care some of the situation that have arises by creating any problems to the customers (Vasilache, 2014). The proper security should provide to the customers in case of any problem arises. Recovery team should use some strategies and needed to keep the backup plan for the files and the record of the organization so that all the files can be get recovered easily by using the backup (Wendel, 2014). IT specialist should be required in case of restoring the files from the backup. Conclusion From the above discussion, the conclusion can be done that the organization should always prepare for any of the threats which can be manmade of can be geographical. To recovery of the threats that have arrived through hacking should be handled by the IT specialist and tried to recover the files and the records of the past years if required. The geographical threats like the natural calamities and the climate changes should be handled by the weather specialist. Also the response team should require investigating the current and the upcoming threats of the organization. This team will responsible to identify the threats and to find the ways through which the threats can be removed. References List Apte, A., Heath, S. (2011). Request and Response Processes for Department of Defense Support during Domestic Disasters. Journal Of Homeland Security And Emergency Management, 8(1). doi:10.2202/1547-7355.1824 De Waal, J., Buys, A. (2012). INTEROPERABILITY AND STANDARDISATION IN THE DEPARTMENT OF DEFENCE: AN EXPLORATORY STUDY. The South African Journal Of Industrial Engineering, 18(1). doi:10.7166/18-1-140 Deshmukh, D. (2012). A Brief Study of Defence Mechanism. IJSR, 3(7), 128-129. doi:10.15373/22778179/july2014/42 Dong, B., Sutton, R. (2015). Dominant role of greenhouse-gas forcing in the recovery of Sahel rainfall. Nature Climate Change. doi:10.1038/nclimate2664 Hutchinson, M., Price, D. (2014). On the continued acceleration of bomb casing fragments following casing fracture. Defence Technology, 10(2), 211-218. doi:10.1016/j.dt.2014.06.001 Kupiecki, R. (2015). The Promise of NATO Defence Planning. Security And Defence, 6(1), 5-14. doi:10.5604/23008741.1152445 Massingham, P. (2015). Knowledge Accounts. Long Range Planning. doi:10.1016/j.lrp.2015.02.003 Rakowska, A., Valdes-Conca, J., de Juana-Espinosa, S. (2015). Affecting Factors of Public Employees Ganizational Commitment. Ijsr, 3, 5. doi:10.17951/ijsr.2014.3.0.5 Vasilache, A. (2014). Great power governmentality? Coincidence and parallelism in the new strategic guidance for the US Department of Defense. Security Dialogue, 45(6), 582-600. doi:10.1177/0967010614552543 Wendel, J. (2014). U.S. Department of Defense deems climate change a national security threat. Eos, Transactions American Geophysical Union, 95(43), 392-392. doi:10.1002/2014eo430004