Executive summary

Ashley Furniture Inc. has to embrace on technologies, practices, and methods designed to

offer protection to computers, networks, data and programs from attack and unauthorized access.

The management has to understand that security is not an investment that brings returns but

rather an expense that hopefully pays for itself in cost savings. It is all about loss prevention and

therefore Returns on Investment can never be used in a security context.

The company can protect its networks from attacks by MAC limiting and filtering, 802.1

xs, disabling unused interfaces and unused application service ports and rogue machine

detection. On its verge of protection, the company will be guided by the Six Principles of

Information Security Management which include: policy, planning, programs, protection, people

and project management

The internet is often considered the cause of cybersecurity issues because it is accessible

to everyone and even criminals can use it harm. Even cloud computing which is courtesy of the

internet has come up with challenges like security and privacy, interoperability and portability,

reliability and availability and performance and bandwidth cost. To manage risks, Ashley

Furniture has to engage in risk analysis because it will aid the business in integrating its security

programs objectives to organizational requirements.

Even the employees have a role to play in promoting cybersecurity.

 They have to Start with passwords such that they can’t be guessed easily

 Learn about phishing

 Contacting the IT department in case of any suspicions

 Always watch out for threats and warnings

 Validate sender’s email address to prevent phishing

 Ashley Furniture Inc. has to embrace contingency planning and vulnerability management

and also ensure that technology and business executives in Ashley furniture industries work

closely instead of developing plans in isolation. To protect its data from loss, corruption, and

disasters by implementing an efficient and effective set of backup operations. It has to embark on

either full backups, copy backups, incremental backups or differential backups.