- Providing Business, Agile , and Cyber security Analysis Concepts and Podcasts through the lens of an Analyst-

Cyber Security Analysis

Podcasts | Home
image Cyber security is the protection of computer networks and data from various of electronic and digital threats.  The role of the business analyst in cyber security is primarily to ensure that the business properly adopts and employs those policies, tools, and practices.
 



Cyber Security Analysis Terms

Breach: Any incident that results in unauthorized access of data, applications, services, networks and/or devices by bypassing their underlying security mechanisms. A security breach occurs when an individual or an application illegitimately enters a private, confidential or unauthorized logical IT perimeter.
Confidentiality, Integrity, and Availability: (CIA, also known as the CIA triad): A model designed to guide policies for information security within an organization.
Defense in Depth: An approach where the protected assets have multiple independent layers of security. This includes network layers (net and subnets) as well as general controls such as password protection, encryption, and access control on assets including data.
Demilitarized Zone (DMZ): A screened (firewalled) network segment that acts as a buffer zone between a trusted and untrusted network; typically used to house systems such as web servers that must be accessible from both internal networks and the internet.
Governance: Security governance is a framework containing security policies, approach, tools and awareness programs for achieving the organization’s security objectives. Risk and data privacy are enforced by security policies.
Hacker: An unauthorized user who attempts to or gains access to an information system.
Intrusion Prevention Service (IPS): Live in the same area of the network as a firewall, between the outside world and the internal network. IPS proactively deny network traffic based on a security profile if that packet represents a known security threat.
Threat: Refers to anything that has the potential to cause serious harm to a computer system.
Phishing: The fraudulent act of acquiring private and sensitive information, such as credit card numbers, personal identification and account usernames and passwords. (Pronounced like “fishing”.)
Identity Theft: The unauthorized collection of personal information and its subsequent use for criminal reasons such as to open credit cards and bank accounts, redirect mail, set up cellphone service, rent vehicles and even get a job.
Ransomware: Using malware to lock up a set of computer files and asking for payment to the offender to undo the malware control of the computer files. (analogy to kidnapping and ransom).
Risk: A risk can be defined as the effect of uncertainty on objectives. 





Business Analysis Tools

Business model canvas describes how an enterprise creates, delivers, and captures value for and from its customers.
Business rules analysis is used to identify, express, validate, refine, and organize the rules that shape day-to-day business behaviour and guide operational business decision making.
Core concept model (business analysis): One of six ideas that are fundamental to the practice of business analysis: Change, Need, Solution, Context, Stakeholder, and Value.
Data flow diagrams show where data comes from, which activities process the data, and if the output results are stored or utilized by another activity or external entity.
Data model describes the entities, classes or data objects relevant to a domain, the attributes that are used to describe them, and the relationships among them to provide a common set of semantics for analysis and implementation.
Decision analysis formally assesses a problem and possible decisions in order to determine the value of alternate outcomes under conditions of uncertainty.
Document analysis is used to elicit business analysis information, including contextual understanding and requirements, by examining available materials that describe either the business environment or existing organizational assets.
Interface analysis is used to identify where, what, why, when, how, and for whom information is exchanged between solution components or across solution boundaries.
Process analysis assesses a process for its efficiency and effectiveness, as well as its ability to identify opportunities for change.
Process modelling is a standardized graphical model used to show how work is carried out and is a foundation for process analysis.
SWOT analysis is a simple yet effective tool used to evaluate an organization's strengths, weaknesses, opportunities, and threats to both internal and external conditions.
Workshops bring stakeholders together in order to collaborate on achieving a predefined goal.


Home
               

                                   











 

The Analyst

Division of:  GMS Consulting and Digital Sales
PHONE: (336) 705-5249
Services:
  • Business Consulting
  • Business Analysis
  • Agile Analysis
  • Cyber Security Analysis