Information Security Program Survey Essay Example | Topics and Well Written Essays - 1000 words

Information Security Program Survey - Essay Example Since the NASA needs to manage highly sensitive data, information, strategic plans, and space programs, the organization pays particular attention to its information security program. This paper will analyze NASA’s information security program focusing on aspects like strategic fit, breadth and coverage, program deficiencies or implementation issues, and stated costs and benefits. NASA Information Security Program The NASA IT Security (ITS) Division operations under the control the Chief Information Officer to manage security projects and thereby to mitigate vulnerabilities, improve obstacles to cross-center collaboration, and to provide cost effective IT security services for supporting the agency’s systems and e-Gov initiatives. The ITS Division works to ensure that IT security across the organization meets integrity and confidentiality to enhance disaster recovery and continuity of operations. â€Å"The ITS Division develops and maintains an information security pro gram that ensures consistent security policy, indentifies and implements risk-based security controls, and tracks security metrics to gauge compliance and effectiveness† (IT Security Division). This Division also performs periodical audits and reviews to make certain that security policies and procedures meet accepted standards. It is clear that NASA extensively relies on information systems and networks to manage its activities such as scientific discovery, aeronautics research, and space exploration. Since many of these information systems and networks are interconnected using internet, they are more likely to be threatened by cyber attacks from different sources. While analyzing the strategic fit of the NASA’s information security program, it seems that the program cannot well support the organization’s goals and objectives due to several security pitfalls. Although the organization has achieved significant advancements in information security program manageme nt and security control implementation, it is still vulnerable to cyber attacks. According to the GAO report, NASA has not always implemented proper control measures to ensure the confidentiality and integrity of its systems and networks that support the organization’s mission directorates. As a result, the organization often fails to sufficiently prevent, restrict, and detect unauthorized access to its systems and networks (GAO). The major pitfall of the NASA’s information security program is that it has not been consistent in identifying and authenticating users and limiting user access to its key systems and networks. The organization cannot effectively encrypt its network services and data and often fails to protect its network boundaries. It is alarming to note that the organization has even failed to protect its information technology resources physically. In addition, shortcomings in the auditing and monitoring of computer-related events also contributed to the organization’s information security inefficiency. The organization also faces challenges in effectively segregating incompatible duties and managing system configurations. The key reason for those inefficiencies in NASA’s information security program is that the organization is yet to implement some key activities to make certain that control measure are appropriately developed and functioning efficiently. The organization does not give specific focus to complete assessment of information secur

Leadership and Motivation Assignment Example | Topics and Well Written Essays - 4750 words

Leadership and Motivation - Assignment Example A leader moves through a continuous process wherein he moves from accomplishing one goal to another keeping in mind the best interest of the group. Clark defines it as follows: â€Å"Leadership is a process by which a person influences others to accomplish an objective and directs the organization in a way that makes it more cohesive and coherent. Leaders carry out this process by applying their leadership attributes, such as beliefs, values, ethics, character, knowledge, and skills†. Stogdil echoes the same definition noting leadership’s three dimensions. First, leadership is defined as a process that is interpersonal wherein the leader steps in to direct the behaviors of his members. Next, the leadership is put in a social setting wherein the members are the subordinates or the ones obeying the leader. Lastly, effective leaders achieve goals for the whole. Leadership has gained much attention that research has been devoted to it. Yukl presents a comprehensive collection of studies on leadership, identifying various approaches. He discussed the Trait approach, which is based on the belief that some are born to be leaders as they are endowed with certain traits not possessed by other people. The behavior approach studies the leader’s typical pattern of behaviors to manage and lead. The power-influence approach takes on a more leader-centered perspective in that power is used not only to manage members of the group but also to convince peers, superiors or others who are not part of the organization to see the perspective of the leader.