- Providing Business, Agile , and Cyber security Analysis
Concepts and Podcasts through the lens of an Analyst-
Cyber Security Analysis
Cyber security is the protection of computer networks and data from various
of electronic and digital threats. The role of the business analyst in
cyber security is primarily to ensure that the business properly adopts and
employs those policies, tools, and practices.
Breach: Any incident
that results in unauthorized access of data, applications, services,
networks and/or devices by bypassing their underlying security mechanisms. A
security breach occurs when an individual or an application illegitimately
enters a private, confidential or unauthorized logical IT perimeter.
Confidentiality, Integrity, and Availability:
(CIA, also known as the CIA triad): A model designed to guide policies for
information security within an organization.
Defense in Depth: An approach where the protected assets have
multiple independent layers of security. This includes network layers (net
and subnets) as well as general controls such as password protection,
encryption, and access control on assets including data.
Demilitarized Zone (DMZ): A screened
(firewalled) network segment that acts as a buffer zone between a trusted
and untrusted network; typically used to house systems such as web servers
that must be accessible from both internal networks and the internet.
Governance: Security governance is a
framework containing security policies, approach, tools and awareness
programs for achieving the organization’s security objectives. Risk and data
privacy are enforced by security policies.
Hacker: An unauthorized user who attempts to or gains access to an
Service (IPS): Live in the same area of the network as a firewall,
between the outside world and the internal network. IPS
proactively deny network traffic based on a security profile if that packet
represents a known security threat.
to anything that has the potential to cause serious harm to a computer
Phishing: The fraudulent act of
acquiring private and sensitive information, such as credit card numbers,
personal identification and account usernames and passwords. (Pronounced
Identity Theft: The
unauthorized collection of personal information and its subsequent use for
criminal reasons such as to open credit cards and bank accounts, redirect
mail, set up cellphone service, rent vehicles and even get a job.
Ransomware: Using malware to lock up a set
of computer files and asking for payment to the offender to undo the malware
control of the computer files. (analogy to kidnapping and ransom).
Risk: A risk can be defined as the effect
of uncertainty on objectives.
Business Analysis Tools
Business model canvas describes how an enterprise creates, delivers,
and captures value for and from its customers.
Business rules analysis is used to identify, express, validate,
refine, and organize the rules that shape day-to-day business behaviour and
guide operational business decision making.
Core concept model (business analysis): One of six ideas that are
fundamental to the practice of business analysis: Change, Need, Solution,
Context, Stakeholder, and Value.
Data flow diagrams show where data comes from, which activities
process the data, and if the output results are stored or utilized by
another activity or external entity.
describes the entities, classes or data objects relevant to a domain, the
attributes that are used to describe them, and the relationships among them
to provide a common set of semantics for analysis and implementation.
Decision analysis formally assesses a
problem and possible decisions in order to determine the value of alternate
outcomes under conditions of uncertainty.
Document analysis is used to elicit business analysis information,
including contextual understanding and requirements, by examining available
materials that describe either the business environment or existing
is used to identify where, what, why, when, how, and for whom information is
exchanged between solution components or across solution boundaries.
Process analysis assesses a process for its
efficiency and effectiveness, as well as its ability to identify
opportunities for change.
is a standardized graphical model used to show how work is carried
out and is a foundation for process analysis.
SWOT analysis is a simple yet effective tool used to evaluate an
organization's strengths, weaknesses, opportunities, and threats to both
internal and external conditions.
bring stakeholders together in order to collaborate on achieving a
Division of: GMS Consulting and Digital Sales
PHONE: (336) 705-5249
- Business Consulting
- Business Analysis
- Agile Analysis
- Cyber Security