Corporate Compliance and Fraud Analytics

The IDS is useful in determining any change in the security state of the firm’s server, while at the same time recognizing anomalous contents transitioning between the information system network. The dysfunctional IDS was inadequate to address the several threats that had been detected (Cherdantseva, 2016). The system did not send alert to management to take any combative measure. Mostly, the risks associated with dysfunctional IDS is the inability to identify threats when the threats attack. The IDS automatically review the logs and audits the data which is useful in the management of the systems. iii) Risks associated with poor management of the incident report systems According to the evaluation of the processes of the system, it was realized that there had been several attempts to defraud the firm.

However, they were suspected, no combative policy was contemplated on the risks. Efficient incident report systems ensure that all security threats are identified, evaluated and mitigated. Poor incident report systems are a characteristic of a collusive attempt by the information technology personnel to address the matter seriously. Moreover, it shows how weak the department was in discharging their roles of securing the information systems of the firm. A correctly implemented IDS will automatically generate an alert notification about the breach of any security policy with the system’s architecture. IDS is crucial because it is capable of recognizing and reporting any alterations that are made to the file data in the system. Also, If the IDS is functional, it will help in providing a basis through which management of the system security can be undertaken.

IDS assist system administrators with easy tuning, organization and efficient auditing trails and other logs which might be hard to parse. Besides, the IDS should be complemented with a restricted systems access through locks especially after given period of inactivity, only resumes upon meeting the predetermined conditions (Kukreja, 2015). In conclusion, the firm should establish an incident response plan that will adequately address any imminent threat, as well as conduct investigation and provide mitigation measures. iv) Conducting periodic audit to block unused email accounts of former employee The management should see to it that accounts of departing employees are deactivated as soon as they leave the organization. Usually, the human resource management should maintain a close link with the IT department to ensure that these accounts are terminated as soon as it is realized the owners are not part of the firm.

Such a plan will protect the firm’s information systems from being phished by the leaving employees. In conclusion, the firm must take immediately terminate accounts of employees who are leaving the organization. This hacking typology does not care about the dynamism of the IP addresses. Some of the types of hacking types under this classification include the hijacking and impersonation which is usually implemented through the method of eavesdropping (Sabillon et al, 2016). ii) Denial of Service (DoS) DoS refers to a plot by the hacker launches an attack on an instant messenger. A partial DoS attacks are only useful if cause the user computer to hang, or instead occupy a more prominent space of the processor causing the computer to slow and eventually become unstable.

Typically, hackers would flood several instant messages on the target computer system. Usually, JavaScript may be used to alter the address bar once the target computer is directed to the desired host. This method is known as website forgery (Sabillon et al, 2016). Identification of selected ‘red flags’ (risk indicators) that could evidence potential external cyber threats or activity, specifically about the computers and networks within the firm the following are some of the red flag indicators pertinent in the administration of the computer and related computer network within an organization. i) Phishing and spear phishing are cyber-attack threats. The indicators include emails, misspelled URLs, and generic greetings. Hackers can use the media to access the computer system. Re-flag indicators include recognition of unfamiliar removable media on strategic locations so that personnel can pick up, or sending removable devices to staff as a prize or free product trial.

v) Unpatched or outdated software expose computer system to security vulnerabilities. Some of the indicators include unauthorized system access attempts, illegal data storage or transmission and storage, unauthorized modifications on the hardware and software as well as unauthorized access to the system or information disclosure. The correct procedure for staff to follow, should they suspect a cyber-security threat to the firm A prepared information technology department must establish a security threat response plan. This evidence could be backed up by hard drives or disks. v) Notify the external agencies where appropriate especially consumer and the general public that should be aware of the status of the company. It is essential that all external communications are coordinated with the legal representative. vi) Recover systems: the staff should be able to recover the system to operate.