This is a two parter a bibliogarphy and a 21 page paper to go with the current topic in which you are working on. Everything must be in APA format and cannot exceed 25% of originality (plagerism). Att

Identify organizational security risk exposure; identify cost-effective mitigation strategies; and prepare for recovery strategies

The modern technology has enabled business organization to be creative, reach new customers and expand the business. There exist threats to this usage of modern technology by business organizations. This threat is cyber criminals who are finding avenues to access organization data unlawfully. The most security risk exposer that exists in business organization includes;

Organization with weak security- Some business organization spends more resources in acquisition latest technology but spend less in providing adequate securing the same technology. This is vulnerability cyber criminals utilize to attack organization technology. To mitigate on this risk, business organization should spend considerable amount in securing the technology equipment. The priority ought to be given to the most sensitive data storage facility that the organization stand a chance of suffering losses in event the attack occurs.

Social media attack- Cybercriminals target websites of social media which organization members always visit and they infect the websites. Social media has become the most common way business and their clients as well as the employees interact. Without proper security on these platforms, attackers may use water holing to gain access to organization data.

Overlooking Proper Configuration- Usually large data tools are supplied with capability customized to meet the specifications of the specifications of the organization. Firms that ignore the correct configuration the security settings, they are usually prone to be attacked. This happened due to allowing one or few of important functionality to operate instead of the entire package. To lessen against this risk, firms should do proper configuration of security settings and ensure functionality of the package is working properly.

Usage of outdated security software- The basic way of protecting data is through continuous update of the security software. Organizations that ignore this primary security management procedure is prone to attack. To mitigate this risk, business organizations need to routinely update their security software to keep cyber criminals away.

Analyze concepts of information security, personnel security, and physical security, and determine the planning approaches to prevent business losses

Information security

Sterling, (2012) states information security an aspect of preventing access, use, disruption, inspection, recording and modification of information. Information security generally refers to any form of data be either physical or electronic. The main aim of information security is the protection of integrity, availability and confidentiality of data and at the same time ensuring productivity of the organization is maintained. These two objectives are achieved through establishment of appropriate risk management processes.

Personnel security

Personnel security is a policy and procedures that business organizations put in place to lessen the peril of workers of an organization using their genuine access to properties/ assets of an organization but for unapproved reasons.

Physical security

Physical security refer to the safety undertaken by business organization or any institution towards the hardware, data, networks and human resource from actions that may damage or loss in an organization. Physical security entails protection of institution properties against risk such as theft, natural disasters, terrorism and vandalism.

Distinguish between traditional criminal justice roles, functions and concepts as a reactive institution to the security roles as a preventive societal institution

Traditional criminal justice over the years has been in operation and they have performed many roles in the society. This form of justice involves the state and the community in the process of alleviating behaviors that are not acceptable in the society. Traditionally, to alleviate bad behaviors done by individuals, the offender is punished and therefore justice is seen to be done to both the offender and the victim.

Traditional criminal justice systems in many countries has been defined as informal system and they operate at edge of formal sector but most countries have incorporated the traditional justice systems into legal systems to solve issues in the current legal system in order to build a society that is forgiving and that enhances peace among the members of the society.

Traditional justice system plays a role in decentralizing of dispute resolution mechanisms to local areas. The main contribution of this system is the promotion of dispute prevention as opposed to the formal justice system.

Effective traditional criminal system contributes towards preventive societal institution since the system is able to address disagreements efficiently at a community level. There exist positive traits innate in a community where the justice is delivered. Such traits include sense of belonging, trust and acceptance even during the time of the conflict between different parties. Where a conflict is addressed but traits such as trust exist, a strong value of relationship develops and thus contributing towards the prevention of criminals in that society.

Reference

H.W.O, Okoth-Ogendo, ‘The Tragic African Commons: A Century of Expropriation, Suppression and Subversion,’ University of Nairobi Law Journal Vol. 1 (2003), pp.107-117

Ten Napel, Novealthy, Mano. "Wearables and Quantified Self Demand Security First Design." Wired.com. Conde Nast Digital, 2015

Sterling, B. "Spear-phishing and Water-holing." Wired.com. Conde Nast Digital, 10 Oct. 2012

Krebs, Brian. "The Target Breach, By the Numbers." Krebs on Security RSS. Krebs on Security, 14 May 2014