Global Cybersecurity Environment ReportAbstractCMP 620

Global Cybersecurity Environment Report
Abstract
CMP 620 5041 Cybersecurity Governance
Table of Contents
Introduction............................................................................
........................................................3
Analyze Global Approaches to
Cybersecurity..........................................................................
..3
Analyze critical issues in global cybersecurity management and
policy....................................3
Analyze critical issues in global cybersecurity technology
policy..............................................4
Analyze the principles of warfare that underpin cyberwarfare
theory and application..............4
International Cybersecurity Threat
Matrix................................................................................5
Threat
Matrix......................................... ............................................
..........................................5

Compare and contrast international cybersecurity standards
bodies.........................................8
International Environmental
Scan........................................................................................
.......9
Environmental Scan:
Africa.....................................................................................
....................9
Identify key initiatives in international cybersecurity
policy.....................................................10
Regional Cybersecurity Threat Fact
Sheet................................................................................11
Africa Fact
Sheet......................................................................................
..................................11
Assess cybersecurity policies and procedures for transnational
legal compliance...................13
Assess and critique cybersecurity
programs..............................................................................1
4
Assess the cross-cutting effects of policy, budget, and
technological capabilities upon the
ability to address cyberthreats at the enterprise, national, and
international levels................15
Assess policy and technology trade-offs that must be considered
and made when addressing
cyberthreats at the enterprise, national, and international

levels.............................................15
Assess and critique cybersecurity
programs..............................................................................1
6
Botnet
Evaluation...............................................................................
.........................................16
Evaluation of
Botnets...................................................................................
..............................16
Botnet Key
Features..................................................................................
.............................16
Issues associated with
Botnets...................................................................................
............17
Global Cybersecurity
Policy.....................................................................................
.............17
Botnets Evolved over the
Years......................................................................................
........18
Botnets Impact on
Policy.....................................................................................
..................18
Assess emerging cybersecurity issues, risks, and
vulnerabilities..............................................19

Botnet
Discussion...............................................................................
..........................................19
Botnet
Discussion...............................................................................
...................................19
How Botnets have emerged, changed, over past 5-10
years.............................................19
Key Technical Features of
Botnets...................................................................................
..19
What Contributing Factors may cause Botnets to change, over
the next 10 years.......20
Assess key cyberattack
technologies......................................................... ...................
..............20
Botnet
Conclusion..............................................................................
..........................................22
Conclusion.................................................................... ..........
......................................................23
Assess how the theories and principles of war apply to
cyberwarfare and apply those theories
to understand cyberoffense and cyberdefense
challenges........................................ .................23

References..............................................................................
........................................................24
Table of Contents
Introduction
Global Approaches to Cybersecurity
There is no need to buy more resources and products, we will
never manage every single
threat, and there will be security gaps between products.
Concerning detection, malware moves
to quickly and it could take days, months to remedy the
problem. The correct approach,
“prevention and consolidation, it looks at the entire
organization and focuses on creating a single
architecture that covers all environments and is managed by a
unified platform”. It “keeps every
entry point to the organization secured all the time, be it the
traditional network, the data center,
mobile devices or the cloud server”. The “attack indicators are
shared among all environments”.
All “technologies are synchronized to provide multiple-layers of
protections, and all entry points
are protected with no security gaps between”. There is also a
need to deliver actionable threat
intelligence between every device, network, branch office or
endpoint, so that even if one
environment will be targeted – all the others will be able to
identify the same threats and block
it” [ CITATION For17 l 1033 ].
The “Global Conference on Cyberspace (GCCS), recommended

a cybersecurity approach
that includes the three cyberspace powers, the United States,
China & Russia”. In this approach,
the “multi-stakeholder model mirrors the traditional technical
management of the Internet, which
has proven to be very effective in maintaining the resilience of
cyberspace”. It is a “bottom-up
consensus, fosters a collective sense of management, and
stresses the promotion of trust and
international cooperation”. At this present time, the United
States, China & Russia “have not
agreed on a common treaty to harmonize national laws or
facilitate cooperation in cyberspace”
[ CITATION wef15 l 1033 ].
Analyze Global Approaches to Cybersecurity
Analyze critical issues in global cybersecurity management and
policy
There are no global cybersecurity policies to manage or stop
Nation-states
associated with cyberthreat actors, like, Russia, China, and Iran
(UMUC, 2019).
The United States policies for cybercrime and cyberwarfare do
not apply to state
actors. Cybersecurity policies have no international legal
frameworks that can be
managed globally and with trust. Some of the critical issues at
hand are the absence
of “international frameworks and standards, the lack of sharing
global data about
security incidents, an international approach to developing
offensive cyber
capabilities by both state and non-state actors, and the
importance of global

government decision-makers” collaborating on cybersecurity,
cybercrime,
cyberdefense, and cyber awareness [ CITATION Ter17 l 1033
].
Analyze critical issues in global cybersecurity technology
policy
The Information Technology Industry Council (ITI) “supports
policies that
increase security while maintaining the benefits of cyberspace”.
ITI “works to
ensure that cybersecurity policies in the United States and
around the world reflect
the interconnected and interoperable global nature of today’s
digital
environment”.” In order to secure cyberspace, ITI advocates for
cybersecurity
policies that are adaptable to rapidly emerging threats,
technologies, and business
models” [ CITATION iti19 l 1033 ]. Cybersecurity Tech
Accord (CTA) “promotes
a safer online world by fostering collaboration among global
technology
companies committed to protecting their customers and users
and helping them
defend against malicious threats” [ CITATION cyb19 l 1033 ].
Some critical
issues are lack of global tools to assist with cyberthreats, no
global policies that
“prioritize security, privacy, integrity and reliability, and in
turn reduce the
likelihood, frequency, exploitability and severity of

vulnerabilities” [ CITATION
cyb19 l 1033 ].
Analyze the principles of warfare that underpin cyberwarfar e
theory and
application
Concerning theory, “all state-sponsored military operations are
conducted
for the purpose of accomplishing nation-state political or
military objectives,
cyberspace, inherent to the initial design of the Internet, is
formulated upon lines of
communication designed to transport information from point A
to point B, and
there are key targets within cyberspace for which position and
possession yield a
decisive military advantage”. “Any comprehensive theory that
seeks to develop a
national strategy to conduct cyberwarfare should include as a
primary objective the
need to secure critical cyber lines of communication, both
physical (fiber optic
cable, SATCOM, ISPs, etc.) and logical (network domains,
routers, servers, etc.)” [
CITATION Geo14 l 1033 ]. Concerning application, Nation-
state and non-state
actors must be willing to collaborate and agree on cybersecurity
terminology and
concepts. The “application of cyber war capabilities has become
increasingly
prominent due primarily to the fact that as many as 120
international governments
are pursuing information warfare programs” [ CITATION Far10
l 1033 ]. In

response to other nation-states’ cyber programs, the 2006
Quadrennial Defense
Review (QDR) requested that the Department of Defense (DoD)
develop a
capability to shape and defend cyberspace” [ CITATION Far10
l 1033 ].
International Cybersecurity Threat Matrix
Threat Matrix
Country: China
Cyber Culture
(i.e., How does the country view
cyber threats? Is this consistent
with the general country
culture?)
Cybersecurity
Threats
Cyber Legal
Perspective/Cyber Economic
Perspective
Response to Cyberterrorism/Recruiting
A practice of “defending forward”
can look a lot like attacking
forward when one is on the

receiving end of a hacking
operation. One nation’s
development of additional cyber
capabilities and loosening of
authorities can be seen by other
nations as an unavoidable threat.
Interactions in cyberspace can
foster trust and cooperation, but
they also have the potential to
provoke suspicion, competition
and conflict. The deepening
cybersecurity dilemma is due not
just to American action. It is in
part due to threats the United
States perceives from China, a
topic her account largely glosses
over.
Points of
aggregations refer to
managed service
providers (MSPs),
which are companies
that manage other
firms’ information
technology (IT)
infrastructure
systems. These could
include small and
medium-sized MSPs,
as well as large
technology firms
such as IBM
[ CITATION Fan19 l
1033 ].
China’s national

intelligence law, also
effective in 2017,
requires every
Chinese organization
and citizen to assist
and cooperate with
Beijing’s national
intelligence efforts.
The broad and vague
definition of
“national
intelligence” means
that companies and
citizens must answer
to the Chinese regime
when called upon
(Fang, 2019).
In 2010, “Chinese
actors attacked Adobe
Systems, Yahoo,
Symantec, Northrop
Grumman, Morgan
Stanley, and Dow
Chemical (Bengali,
et. al) using an
advanced persistent
threat (APT) that
appeared to be based
in Beijing”. The
“massive theft of tens
of millions records
China’s national intelligence
law, also effective in 2017,
requires every Chinese
organization and citizen to

assist and cooperate with
Beijing’s national intelligence
efforts. The broad and vague
definition of “national
intelligence” means that
companies and citizens must
answer to the Chinese regime
when called upon [ CITATION
Fan19 l 1033 ].
Most Chinese have the same concerns as
much of the rest of the world about harmful
cyberactivity’s, including: efforts to crash,
slow, or paralyze vital cyber-based
Infrastructure; the promulgation of
information or images harmful to the polity,
society, or the economy (such as
pornography, false or misleading commercial
information, and the advocacy of violent
political revolution); espionage; the theft of
proprietary commercial data or information;
and specific actions designed to weaken the
capacity of the state to defend itself through
military and other means. Thus, both
authoritative and other Chinese observers
believe that “cyber security is an international
. . . issue and hacker attack is a common
challenge facing the whole world”
[ CITATION Swa13 l 1033 ].
from the Office of
Personnel
Management (OPM)
in 2014 is attributed

to the Chinese, as is
the 2015 theft of
millions of records
from Anthem. This
represented the most
significant theft of
healthcare records to
date”. “Chinese
attacks against US
interests became so
prolific and bold that
the US took the
unprecedented step of
publicly accusing
China of attacking
US government
systems”
[ CITATION
UMU1914 l 1033 ].
The 2015 agreement between the
United States and China on
commercial cybertheft seems to
have failed to appreciably slow the
widespread hacking of American
targets by state-affiliated Chinese
operators, though it may have
caused them to increase their
operational security in a bid to
evade detection.
Global dominance,
arms races,
Preparations for
Military Struggle
(PMS), international

strategic competition
in cyberspace
[ CITATION Jin19 l
1033 ]
The new law sets forward,
important network equipment
and software will have to
receive government
certifications. This means that
specific pieces of intellectual
property or technical features
will have to be divulged,
which could easily be passed
on to Chinese companies by
the regulators behind
cybersecurity [ CITATION
Hao16 l 1033 ].
China is taking action to “protect its state
interest in the event of cyberattacks, new
rules will mandate strict data surveillance and
storage for firms working in the country”
[ CITATION Hun17 l 1033 ].
With diplomacy and deterrence
not working as well as the
Pentagon would like, disruption of
malicious cyber activity has
become an option that is attractive
to policymakers, even if it carries
risks of its own.
cyberspace situation
awareness, cyber
defense, support for

the country’s
endeavors in
cyberspace, and
participation in
international cyber
cooperation
[ CITATION Jin19 l
1033 ]
This law is also
counterproductive because
companies gathering data in
so-called “critical areas” will
have to store that data inside
China. At this stage, the
definition of “critical” is
worryingly broad. Complying
with this requirement will
force international firms to
make expensive investments to
build duplicate facilities within
China [ CITATION Hao16 l
The “West really does not know how China
might handle
a nuclear terrorism crisis. There are some
scholars who believe Chinese
decision making is purposely vague. In fact,
the Chinese may have no plans
for crisis management. For example, it is not
clear to this writer whether
the Chinese believe a nuclear terrorism
incident would be a law enforcement
or a military problem. True, that kind of
concern mirrors a Western way of
thinking. And it is possible in a tightly

controlled society, like China’s, there
may be little time or inclination for any
1033 ]. bureaucratic or turf battles about
such a matter” [ CITATION Gro09 l 1033 ].
China likely sees U.S. cyber
activities—whether intended to be
defensive or offensive—as
intrusive and threatening. It may
well launch hacking operations to
attempt to disrupt American
efforts.
The Chinese
government’s
monitoring of the
internet and social
media is based on its
potential use as a
platform to
disseminate
information that
could cause similar
social unrest to
spread, which could
lead to large-scale
social and political
instability
[ CITATION Jin19 l
1033 ].
International companies will
have to weigh this risk against

the opportunity to do business
in China. China has had a long
reputation for ‘copying’
without getting insider access,
and this law could only open
the ease to which China’s
business sector can review
competition. For international
companies there is no easy
way forward as the choice is
black or white. Either foreign
companies will comply,
knowing China has a way to
peek into what previously was
private, or they will chose to
stand by principles of privacy
at the risk of being excluded
from the Chinese market
[ CITATION Hao16 l 1033 ].
The Chinese actors are not concerned with
the United States view concerning
cyberterrorism. “An increase in Chinese
capability has opened the way "for bigger
data storage, for bigger data theft," he said.
"And when you can gain it in bulk, you take it
in bulk" [ CITATION Nak15 l 1033 ].
or all the dangers of the
cybersecurity dilemma, the United
States and China do have areas of
mutual interest in the digital
domain. For example, they share
interests in the integrity and
stability of the global financial
system, in not being misled into

great-power conflict with one
another by a third-party
malefactor, in not letting cyber
weapons get into the hands of
malicious non-state actors, in
better understanding how each side
approaches cyber-policy questions
such as the definitions of “armed
conflict” or “critical
infrastructure,” and in cooperating
to combat transnational
cybercrime [ CITATION Buc18 l
1033 ].
Yes, this is consistent with the
general country culture.
China is more and
more dependent on
information networks
in all aspects,
including in defense.
China uses the term
“eight King Kongs”
to describe the top
internet companies in
its domestic supply
chain: Apple, Cisco,
Google, IBM, Intel,
Microsoft, Oracle,
and Qualcomm.
Heavy dependence on
these companies’
products makes it
necessary to work
towards developing
the domestic

technology industry
and its capabilities,
and to thereby make
the country’s internal
internet infrastructure
more secure
U.S. companies have already
began to strongly lobby against
the law, as well as China’s
position that the Internet must
be managed by authorities. But
despite the efforts of any
company, Chinese or other, the
cybersecurity law is just a
piece in a larger ongoing
political puzzle that companies
will have to deal with
[ CITATION Hao16 l 1033 ].
China is a persistent collector of data,
especially rom the United States, it is my
belief that China will do whatever it takes to
protect and defend itself from the United
States, even if it means cyberterrorism
[ CITATION AnI13 l 1033 ].
[ CITATION Jin19 l
1033 ].
Compare and contrast international cybersecurity standards
bodies
When identifying the most useful best-practice standards and

guidance for
implementing effective cybersecurity, it is important to
establish the role that each
fulfils, its scope, and how it interacts (or will interact) with
other standards and
guidance. The “Cybersecurity Framework (CSF) is a voluntary
framework
primarily intended for critical infrastructure organizations to
manage and mitigate
cybersecurity risk based on existing standards, guidelines, and
practices, while
ISO/IEC 27001 is the international Standard for best-practice
information security
management systems (ISMSs)”. The “NIST SP 800-53 “Security
and Privacy
Controls for Federal Information Systems and Organizations”
details which
controls it recommends for all US federal information systems
(excluding those in
national security), while ISO/IEC 27032 is the international
Standard focusing
explicitly on cybersecurity”. HIPAA “established a national
standard for the
security of electronic health information, including the
protection of individually
identifiable health information, the rights granted to
individuals, breach
notification requirements, and the role of the OCR (Office of
Civil Rights), while
ISO/IEC 27035 is the international Standard for incident
management, and
ISO/IEC 27031 is the international Standard for ICT readiness
for business
continuity” [ CITATION itg19 l 1033 ].
International Environmental Scan

Environmental Scan: Africa
Unique characteristics, that make cyberspace issues more
challenging. Africa’s cybersecurity
measures are underdeveloped. African networks are easy targets
because their networks are not
well protected. African-inspired cyber threats are mostly
associated with financial gains (UMUC,
2019).
Role of NATO. The North Atlantic Treaty Organization (NATO)
“has made clear its objective to
ensure that its operational and mission-related information
systems are protected from
cyberthreats while the organization continues to help member
nations increase the security of
their own national networks” (UMUC, Cybersecurity
International Policy, 2019). NATO offers
education, training, and exercises to support member nation
needs. It is important that each
member nation raises the bar on its own cyberdefense
capabilities because the alliance as a
whole is only as strong as its weakest member nation (UMUC,
Cybersecurity International
Policy, 2019).
Role of United Nations. The “mission of the United Nations is
as follows: maintain
international peace and security develop friendly relations
among member nations based on
respect for equal rights achieve international cooperation in
solving international problems to be

a center for harmonizing actions of nations in attaining common
goals” (United Nations
Cybersecurity Approaches, 2019).
Cybersecurity Changes in the Next Decade. Based on current
African cybersecurity threats,
my predictions for the next decade, center around improved
protection measures for financial
transactions, implementation of technology that protects data
and networks, and the ability to
collaborate with the United States cybersecurity programs,
education and regulations to support
their internal industries.
Catalyst(s) for change. A catalyst for change could be the
continued onslaught of State
sponsored attacks, organized crime, risks, threats, and
vulnerabilities leading to serious financial
problems and a failure in protecting the countries government
and infrastructure as a whole
(3tsconsulting.com, 2017).
Economic Perspective; Africa’s approach about cyberspace.
Africa will change with the rest
of the world. Cybersecurity issues are global issues. “We live in
a connected world made smaller
each day by the exponential growth of technology. Individuals,
companies and countries rely on
cyberspace for everything from cell phone card recharge
transactions to business partnership
arrangements or the movement of military forces from one
country to the other”. “Safeguarding
cyberspace is a crucial discipline” for all countries
(3tsconsulting.com, 2017).
Criminality Perspective; Africa can do more in the cyberspace

area. African networks are
not protected; therefore “Cybercriminals are using the path of
least resistance, thus bypassing
security investments that organizations have made in their
infrastructure”. A “first defense” for
Africa would be “security awareness and public training”
(3tsconsulting.com, 2017). The
“ultimate goal is to enable all countries in the region to have
adequate legislation in place in
order to achieve a higher level of legal and policy
interoperability” (3tsconsulting.com, 2017).
Changes and Suggestions, if I were the US ambassador to
Africa. My first meeting would be
to develop a team of serious technicians and technical engineers
to review the United Nations
policies, NATO, and the United States recommendations to
improve information systems. I
would look at developing a version of African National Institute
Standards and Technology
publications and set up some Federal Information Security
Management Acts specific to Africa,
along with enacting new laws for cybercrime and
cybercriminals.
Potential Impact of My recommendations. The “2017 cyber
security survey shockingly
reveals that over 95% of African businesses are operating below
the cybersecurity “poverty line”
(Kaimba, 2017). My recommendations can limit and control the
number of would be cyber
criminals and adversaries. Lower the number of Denial-of-
Service attacks (Dos) and Distributed-

Denial of service attacks (DDoS). Positively affect the nations
cyber debt. The new NISTs,
African FISMA, Standards and training will bring the cyber
security poverty line above the line
and allow African business to compete with other countries. The
financial, manufacturing,
hospitality, government institutions and other private
organizations will benefit and function at a
higher level, and consumer confidence will be at its highest.
Identify key initiatives in international cybersecurity policy
The key initiatives in cybersecurity policy are the “International
Telecommunication Union (ITU) an agency of the United
Nations (UN) whose
purpose is to coordinate telecommunication operations and
services throughout the
world”; ITU “Global Cybersecurity Agenda (GCA) a framework
for international
cooperation aimed at enhancing confidence and security in the
information
society” [ CITATION UMU1921 l 1033 ].
The “GCA is designed for cooperation and efficiency,
encouraging
collaboration with and between all relevant partners and
building on existing
initiatives to avoid duplicating efforts”; the “ITU Toolkit for
Cybercrime
Legislation, which addresses the first of the seven strategic
goals of the ITU Global
Cybersecurity Agenda (GCA), also includes the elaboration of
strategies for the
development of cybercrime legislation that is globally
applicable and interoperable
with existing national and regional legislative measures by

providing a model law
for countries” (cyberdialogue.ca, 2010). Regional law
enforcement and
multinational government groups like the European Police
Office (Europol), the
Association of Southeast Asian Nations (ASEAN), and the
Organization for
Economic Co-Operation and Development (OECD) have also
developed initiatives
to cooperate on cybercrime” [ CITATION UMU19 l 1033 ].
The E-government initiatives are the Federal Information
Security
management Act, the National Science Foundation, the
Computer Fraud and Abuse
Act, the Electronic Signatures in Global and National
Commerce Act, and the
Federal Desktop Computer Configuration
Regional Cybersecurity Threat Fact Sheet
Africa Fact Sheet
Cybersecurity threat experienced in Africa. “Attacks range from
simple email scams to large-
scale theft of customer data using malware, ransom attacks and
disinformation or fake news”.
Africa’s cyber-attacks effect financial institutions destroys their
business reputation and
interferes with corporate and government operations (Yusuf,
2019).
Evolution of the associated malware and implications. Dorkbot
has been a problem for Africa
for several years. “Dorkbot is designed to steal passwords for

online accounts, including such
social networks as Facebook and Twitter, as well as to install
additional malware that can turn
infected endpoints into nodes in a DDoS attack or part of a
spam relay” (Schwartz, 2015).
“African businesses, specifically, find themselves at a
crossroads, where they must balance
digital transformation with a greater focus on security policies
and how to protect customer data”
(Croock, 2016). With Africa's digital economy continuing to
scale up rapidly, the need is
becoming more apparent for regulation and legislation to match
(Croock, 2016). South Africa
has introduced a number of legislative measures to address the
growing threat of cyber terrorism
and terrorist financing such as the Prevention of Organized
Crime Act 38 of 1999 (“POCA”), the
Financial Intelligence Centre Act 38 of 2001 (“FICA”), the
Electronic Communications and
Transactions Act 25 of 2002 (“ECT), the Regulation of
Interception of Communications and
Provision of Communications-Related Information Act 70 of
2002 (“RICA”) and the Protection
of Constitutional Democracy against Terrorism and Related
Activities Act 33 of 2004
(“PCDTRA”) (Cassim, 2012).
The “international community, must devote more attention to
the development of central
authorities in critical regions such as the Middle East, North
Africa, and the Sahel”. The “engines
that give life to the international treaty framework must be
built, serviced, and properly
maintained”. Otherwise, efforts to address transnational crime
and terrorism through a rule of
law framework will remain stymied” (Stigall, 2016).

Global cybersecurity policies might be used to counter the
effects. The president's
International Strategy for Cyberspace, which is to promote a
strategic framework of international
cyber stability. This framework is designed to achieve and
maintain a peaceful cyberspace
environment where all states are able to fully realize its
benefits, where there are advantages to
cooperating against common threats and avoiding conflict, and
where there is little incentive for
states to engage in disruptive behavior or to attack one another
(US-Cert.gov, 2003). The
International Strategy for Cyberspace, spelled out key global
policy areas that will promote
international standards, build relationships, and safeguard the
free flow of information, and
promote the global interoperability of networks (International
Strategy for Cyberspace:
Prosperity, Security, and Openness in a Networked World,
2011).
Characteristics of Dorkbot Malware. A “family of malware
worms that typically spreads
through instant messaging, USB removable drives, websites or
social media channels like
Facebook and Twitter. Downloading and installing Dorkbot
malware results in its opening a
backdoor on infected computers, allowing for remote access and
potentially turning the computer
into a botnet” (Stroud, 2019). The “Dorkbot worm gained
publicity in late 2011 for an attack on
Facebook’s chat system, with users receiving a message with a
bogus link that appeared to come

from one of their Facebook friends” (Stroud, 2019). In “2012,
Dorkbot targeted Skype users, by
installing ransomware, that would threaten to lock a user out of
being able to use their computer
and demand a payment of several hundreds of dollars be made
within a limited timeframe or
have files on the computer deleted” (Stroud, 2019) . Attribution
is difficult, since Dorkbot can
use backdoors, steal information from victims, and post
malicious links in instant messages and
social media sites (F-secure.com, 2016).
Contributing factors to change characteristics over the next 10
years. 5G Security will
contribute change to all networks, by cross-layer security, end-
to-end security, cross-domain
security, and secure-by-design measures (sdxcentral.com, 2012-
2019). The “5G standard
promises to embody a mobile-connectivity revolution, providing
enhanced broadband
connectivity and speed for a wide swath of customers”
(sdxcentral.com, 2012-2019).
Technologies will counter global cybersecurity policy controls
in the future. The “Center for
Strategic & International Studies (CSIS) Technology Policy
Program has compiled an index of
existing cyber strategies and laws by country and territory. The
index includes national strategies
addressing civilian and military national cyber defense, digital
content, data privacy, critical
infrastructure protection, e-commerce, and cybercrime. This
provides policymakers and
diplomatic officials a unified, at-a-glance database of global
legal and policy frameworks to help
the global community understand, track, and harmonize

regulations internationally” (CSIS.org,
2019).
“National regulations obviously do not replace the need for
international negotiations and
agreements on measures to increase stability and security in
cyberspace. CSIS, in partnership
with the UN Institute for Disarmament Research, organized
three expert workshops to open and
broaden the discussion of international norms for responsible
State behavior in cyberspace and to
identify new ideas to support further progress by the
international community” (CSIS.org, 2019).
If countries and territories are willing to collaborate and work
with trust, technologies will
improve with security.
Recommendations. Cybersecurity policy is important because
government, military, corporate,
financial, and medical organizations collect, process, and store
unprecedented amounts of data on
computers and other devices. Policy determine how an
organization will protect its information
and information assets. Best security practices are generally
accepted as superior to any other
methods or means.
In my opinion, there would be no need for security,
cybersecurity, physical security,
information security, application security, operational security
and any other security, if man
would could, consider other as themselves or treat one as one
would like to be treated in return.

Assess cybersecurity policies and procedures for transnational
legal compliance.
Global policies are needed for Internet governance, the
decision-making
process for developing secure architectures, technical standards,
administrative
procedures, and best practices at the international level and to
ensure the secure,
resilient operation of the Internet” [ CITATION acl19 l 1033 ].
“Cyberspace now
constitutes the primary domain for global communications and
commerce, it has
become a critical national asset for many nations”. This
“criticality may lead to
reexamination of traditional questions of public international
law and military
doctrine”. The “global nature of communications networks, an
array of public
policy, regulatory, and law enforcement issues that are being
addressed within
independent domestic jurisdictions have wider ramifications for
the United States
and other countries” [ CITATION acl19 l 1033 ]. Transnational
legal compliance
issues must start at the federal government level, and include
the Federal
Information Security Act (FISMA), the Office of Management
and Budget (OMB),
and the NIST Cybersecurity Framework, which provides a
policy framework for
computer security guidance, and how private sector
organizations in the United
States can assess and improve their ability to prevent, detect,
and respond to

domestic and global cyber-attacks.
The North Atlantic Treaty Organization (NATO) is a “formal
alliance
between the territories of North American and Europe”.
NATO’s “main purpose is
to defend against the possibility of communist Soviet Union
taking control of their
nation” [ CITATION col19 l 1033 ]. The following
organizations are
“cybersecurity policy making and decision making under
NATO:
The North Atlantic Council,
Defence Policy and Planning Committee,
NATO Consultation, Command and Control Board,
NATO Military Authorities and Consultation, Command and
Control Agency,
NATO Communication and Information Systems Services
Agency” [ CITATION
UMU1925 l 1033 ].
Cybersecurity “challenges for international bodies like NATO,
the United
Nations or the European Union--are unique as determined by the
governing
principles and membership of each body” [ CITATION
UMU1924 l 1033 ]. The
“NATO Policy on Cyber Defence will be implemented by
NATO’s political,
military and technical authorities, as well as by individual
allies” [ CITATION
UMU1925 l 1033 ].

Assess and critique cybersecurity programs.
The benefits of a cybersecurity program are “common grounds
for
cybersecurity risk management measures, provides a list of
cybersecurity activities
that can be customized to meet the needs of any organization,
provides a risk-based
approach to identifying cybersecurity vulnerabilities, provides a
systematic way to
prioritize and communicate cost-effective improvement
activities among
stakeholders, and provides a frame of reference on how an
organization views
managing cybersecurity risk management” [ CITATION Cha18
l 1033 ]. No
matter how great our cybersecurity programs are, “The United
States is not close to
raising its defenses adequately and likely will not in the
foreseeable future. Offense
has too great an advantage over defense” [ CITATION aei18 l
1033 ]. The “United
States has the most powerful military in the world, including the
greatest capacities
in offensive cyber. . . [But] the United States significant digital
dependencies mean
that it loses in escalation in cyber because, as President Obama
explained, “our
economy is more digitalized and it is more vulnerable, partly
because we are a
wealthier nation and we are more wired” [ CITATION aei18 l
1033 ].
“Maintaining and improving U.S. technical expertise would be
an effective

step towards countering cyberterrorism” [ CITATION
UMU1921 l 1033 ]. The
present cybersecurity programs must educate users, and would
be victims, if we
are going to get ahead of cybercriminals and stop
cyberterrorism.
Assess the cross-cutting effects of policy, budget, and
technological capabilities
upon the ability to address cyberthreats at the enterprise,
national, and
international levels.
“Cross-border enforcement policies, cross-border collaboration
policies and
cross border global enterprise frameworks can limit and
mitigate cyberthreats. The
international levels require more collaboration and
understanding between, states,
nation-states and non-state actors. “Global issues are typically
handled either
through the establishment of a member-state treaty that governs
the issues or
through the formation of a global body that directs activities” [
CITATION
UMU1921 l 1033 ].
The “Internet is a conduit for crime, terrorism, espionage,
intellectual
property theft, and international offensive maneuvers”. The
“Tallinn Manual
provides some broad guiding principles to assist NATO towards
developing

strategies and polices, along with the Law of Armed Conflict
(LOAC), the
International Court of Justice (ICJ) and the Permanent
International Court of
Justice (PICJ)” [ CITATION UMU1925 l 1033 ].
Assess policy and technology trade-offs that must be considered
and made when
addressing cyberthreats at the enterprise, national, and
international levels.
Every decision involves trade-offs. “Some of the tradeoffs for
enterprise
would include direct or indirect cyber-security related losses”.
“Direct impact
comes from “successful” breaches achieved by hackers, while
indirect impacts
come from displaced resources, increased caution of moving
forward with the new
technology-enabled innovations and inefficiencies caused by the
necessary cyber-
security reviews” [ CITATION Nel17 l 1033 ]. At the “national
level, tradeoffs
include acknowledging difficulties of defining covered
activities and the technical
difficulties of attribution and verification” [ CITATION aei18 l
1033 ]. At the
International level, tradeoffs might include measures to “reduce
use of offensive
operations in cyberspace as an instrument to advance U.S.
interest” [ CITATION
Dav14 l 1033 ]. The “need to manage multiple common
interests with China or
Russia or any other nation generally requires policy makers to
make tradeoffs”

[ CITATION Dav14 l 1033 ].
Assess and critique cybersecurity programs.
The benefits of a cybersecurity program are “common grounds
for
cybersecurity risk management measures, provides a list of
cybersecurity activities
that can be customized to meet the needs of any organization,
provides a risk-based
approach to identifying cybersecurity vulnerabilities, provides a
systematic way to
prioritize and communicate cost-effective improvement
activities among
stakeholders, and provides a frame of reference on how an
organization views
managing cybersecurity risk management” [ CITATION Cha18
l 1033 ]. No
matter how great our cybersecurity programs are, “The United
States is not close to
raising its defenses adequately and likely will not in the
foreseeable future. Offense
has too great an advantage over defense” [ CITATION aei18 l
1033 ]. The “United
States has the most powerful military in the world, including the
greatest capacities
in offensive cyber. . . [But] the United States significant digital
dependencies mean
that it loses in escalation in cyber because, as President Obama
explained, “our
economy is more digitalized and it is more vulnerable, partly
because we are a
wealthier nation and we are more wired” [ CITATION aei18 l

1033 ].
Humans are the weakest link, “Break the people, break the
system”
[ CITATION UMU1921 l 1033 ]. Northrop Grumman, “believes
and recommends
intensive training for organizations with the goal of creating a
global, integrated
battle-management network composed of virtual, real-time,
geographically
distributed battlefield down to the desk level” [ CITATION
UMU1921 l 1033 ].
Anything connected to the Internet is on the frontline. For
example, U.S.
electrical grids, water supply systems, transportation networks,
covered entities,
entertainment, and major broadcasting networks are on the front
line. The United
States cybersecurity program is not up to par, and will not be
able to stop a huge
cyberspace attack, we will just respond and try to recover.
Botnet Evaluation
Evaluation of Botnets.
Botnet Key Features.
A botnet is a “network of computers, or "bots," that are
maliciously infected
with malware that allows them to be controlled as part of a
network”. Botnets “are
used to infect other networks or systems, to launch malicious e-
mail (spam), and to
conduct distributed denial-of-service (DDoS) attacks”. Botnets
“generally leverage

computers without the knowledge of the owner, using the
computers to increase the
capacity of the botnet to wreck damages”. As with other
networks, botnets can
operate using several different configurations, including peer -
to-peer, hierarchical,
or hub and spoke”. Botnets “operate under the command and
control of a lead or
central computer”. A “botnet has a bot herder, or botmaster, that
controls botnets
remotely, usually through an Internet Relay Chat (IRC), which
is a means of real-
time communication over the Internet or through peer-to-peer
(P2P) networking
communications”. The “command and control (C&C) occurs at
the server, a typical
bot runs without being detected using covert channel standards,
such as Instant
Messaging to communicate with the (C&C) server” [ CITATIO N
UMU1919 l
1033 ].
Issues associated with Botnets.
The “use of botnets is on the rise. Industry experts estimate that
botnets
attacks have resulted in the overall loss of millions of dollars
from financial
institutions and other major US businesses”. Once “the malware
is on your
computer, it's hard to detect. In addition to your computer being
commanded to
link up with other compromised computers to facilitate criminal
activity, the bot

can also collect and send out your personally identifiable
information—like credit
card numbers, banking information, and passwords—to the
criminals running it”
[ CITATION UMU1920 l 1033 ]. Through the “NCIJTF and in
alliance with its
US government (USG) partners, international partners, and
private sector
stakeholders, the FBI has worked collaboratively in developing
a multipronged
effort aimed at defeating the world's most dangerous botnets” [
CITATION
UMU1920 l 1033 ]. It is difficult to combat Internet organized
crime with the
rapid development of mobile devices and their inability to
prevent hackers from
linking them to “botnets and crimeware toolkits” [ CITATION
UMU1918 l 1033 ].
The goal is to educate users, so they are aware of suspicious
links and illegal
Internet activity.
Global Cybersecurity Policy.
Global law enforcement activities can help combat some of the
cybercrimes,
but countries must be willing to work together. The “Council of
Europe
Convention on Cybercrime is the first treaty to cover network
security violations,
copyright infringement, computer-related fraud, and child
pornography”
[ CITATION UMU1921 l 1033 ]. The United Nations Office on
Drugs and Crime
(UNODC) has focused much attention on cybercrime. Its
position is that

cybercrime is transnational, and that active transnational
cooperation is needed to
make the investigation of criminal cases feasible, but the
disagreements on matters
such as privacy, intellectual privacy, and criminal prosecution
vary from country to
country, which means years before laws are passed and agreed
upon.
The “ITU created a Global Cybersecurity Agenda (GCA) in
2007 to initiate
a global approach to increasing cybersecurity effectiveness and
reducing risks and
threats in cyberspace”. The “ITU has also created a toolkit for
cybercrime
legislation, to promote strategies for developing cybercrime
legislation that is
globally applicable and interoperable with existing legislative
measures”
[ CITATION UMU1921 l 1033 ].
The United States must work hard and fast to face the number of
cyberthreats critical to the infrastructure. One way is by
“partnership with private
and government sectors, and creation of global agreements” [
CITATION
UMU1921 l 1033 ].
Botnets Evolved over the Years.
There was a time when botnets were a difficult task, but now
“putting
together a botnet is as easy as ABC,123, IoT”. With the

“availability and
vulnerability of IoT devices and new advances in malware, it’s
now relatively easy
for botnet owners who know what they’re doing to build botnets
that consist of
hundreds of thousands of devices, allowing hackers to create
massive botnets and
launch massive cyber-attacks” [ CITATION IoT18 l 1033 ].
Botnets Impact on Policy.
Regulatory policies are a must, “but the rapid spread and
evolution of
Internet technologies around the world, make building
consensus on regulatory
policies impossible” [ CITATION UMU1921 l 1033 ]. The
question isn’t if we
need global law enforcement, but how and who will regulate
policy around the
world. The use of bots and botnets have created an emergency
need for the Federal
Bureau of Investigations (FBI), the Secret Service, the National
Counterterrorism
center (NCTC), the Central Intelligence Agency (CIA), the
Department of
Homeland Security (DHS), the National Coordinati ng Center for
Telecommunications (NCC) and the United States Computer
Emergency Readiness
Team (US-CERT) to come together and work together, to solve
these issues.
Assess emerging cybersecurity issues, risks, and vulnerabilities.
The major issue, no one is really concerned with ransom attacks
until they
hit close to home. The average Internet user knows little about

cybersecurity, let
alone security. Some of the risk associated with the lack of
concern for security is
no security awareness training for your average user, which
means more personal
cyberattacks, distributed denial of service (DDoS) attacks,
malware attacks, and
Internet of Things (IoT) attacks. In 2019, as technology move to
5G (fifth
generation cellular network technology that provides broadband
access) more
vulnerabilities will hit the market, and attacks will include
“crypto jacking, cross-
site scripting, and mobile malware” [ CITATION DeN19 l
1033 ].
Botnet Discussion
Botnet Discussion
Global Nature of Botnets. The “botnet begins with the infection
process, were codes attach
spam to email or instant messages. The next step is rallying,
were the bot connects to a C&C
server and establishes a zombie. The next stage is commands
and reports, were the bots get new
commands and execute orders and the results are reported to the
C&C server. If the bandwidth is
too low, the bot will abandon by the botmaster. If the bandwidth
is acceptable, the next step is to
secure the botnet, bots and botnets are dynamic and flexible in
nature. Botnets are continuously
being updated and their codes change day to day” [ CITATION
Esl19 l 1033 ]. The stages are

sometime referred to as spreading and injection,
communications stage, and the attack stage
[ CITATION Rah14 l 1033 ].
How Botnets have emerged, changed, over past 5-10 years.
Botnet
strategies, technologies, and techniques are constantly evolving
and adapting in response to
mitigation measures [ CITATION int15 l 1033 ].
Key Technical Features of Botnets. Bots “lengths of command
packets are
typically very small, and bots reply to the Botmaster’s command
very fast” [ CITATION
Rah14 l 1033 ]. Botnets are “perfect for striking DDoS attacks,
and attribution or tracing botnet
masters is difficult”. The “cheap and lazy botnets get
dismantled, meaning the ones we have left
are highly resilient against technical and legal take down” [
CITATION Mon16 l 1033 ].
Example Botnets.
1. “Star Wars, known as a twitter botnet. Star Wars sends
unsolicited spam, creates fake trending
topics to sway public opinion, and launches certain
cyberattacks,
2. Hajime, known as a Malware botnet. This Japanese botnet is
protecting IoT devices from
being infected by additional malware,
3. WireX Android Botnet, a malicious app that has been
rampant for years, because the apps
themselves do not appear malicious after users install them,
they evade initial detection,

4. The Reaper IoT Botnet, known to quietly target
vulnerabilities in wireless IP-based cameras
and other IoT devices by running a list of known usernames and
passwords against the device,
5. Satori IoT Botnet, Japanese botnet, Satori botnet spreads by
exploiting a zero-day
vulnerability in routers and use a “remote code” execution bug
instead of relying on a Telnet
scanner to find vulnerable devices to infect with malware” [
CITATION pen17 l 1033 ].
6. “Mirai is a malware botnet known to compromise Internet of
Things (IoT) devices in order to
conduct large-scale DDoS attacks. Mirai is dropped after an
exploit has allowed the attacker to
gain access to a machine” [ CITATION cis19 l 1033 ].
What Contributing Factors may cause Botnets to change, over
the next
10 years. “Cross-border enforcement, cross-border collaboration
can be facilitated by laws that
make botnets and their malicious activity illegal and permit
appropriate information collection
and sharing for mitigation and enforcement”[ CITATION int15
l 1033 ]. “Anti-Botnet Initiatives
like botfrei.de from Germany which detects and notifies
infected customers and provides
disinfection assistance” [ CITATION UMU1919 l 1033 ]. The
“Dutch Anti-Botnet Treaty from
the Netherlands, and the Danish Botnet Memorandum of
Understanding, which recommends the
exchange of relevant tools and information among Internet

Service Providers (ISPs), and the use
of quarantine tools to isolate infected computers and the
requirement to notify end users of the
ISPs when botnets are found in their networks” [ CITATION
UMU1919 l 1033 ].
Assess key cyberattack technologies.
The Top ten most common cyber-attacks:
1. Denial-of-service (DoS) and distributed denial-of-service
(DDoS)
attacks. A denial-of-service attack overwhelms a system’s
resources so that it
cannot respond to service requests [ CITATION Mel18 l 1033
].
2. Man-in-the-middle (MitM) attacks
A MitM attack occurs when a hacker inserts itself between the
communications of a client and a server [ CITATION Mel18 l
1033 ].
3. Phishing and spear phishing attacks
Phishing attack is the practice of sending emails that appear to
be from
trusted sources with the goal of gaining personal information or
influencing
users to do something. It combines social engineering and
technical trickery
[ CITATION Mel18 l 1033 ].
4. Drive-by attacks
Drive-by download attacks are a common method of spreading
malware.
Hackers look for insecure websites and plant a malicious script
into HTTP or
PHP code on one of the pages. This script might install malware
directly
onto the computer of someone who visits the site, or it might re-
direct the

victim to a site controlled by the hackers. Drive-by downloads
can happen
when visiting a website or viewing an email message or a pop-
up window
5. Password attacks
Brute-force password guessing means using a random approach
by trying
different passwords and hoping that one work Some logic can be
applied by
trying passwords related to the person’s name, job title, hobbies
or similar
items [ CITATION Mel18 l 1033 ].
A dictionary attack, a dictionary of common passwords is used
to attempt to
gain access to a user’s computer and network. One approach is
to copy an
encrypted file that contains the passwords, apply the same
encryption to a
dictionary of commonly used passwords, and compare the
results
6. SQL injection attacks
A successful SQL injection exploit can read sensitive data from
the database,
modify (insert, update or delete) database data, execute
administration
operations (such as shutdown) on the database, recover the
content of a
given file, and, in some cases, issue commands to the operating
system
7. Cross-site scripting (XSS) attacks

XSS attacks use third-party web resources to run scripts in the
victim’s web
browser or scriptable application. Specifically, the attacker
injects a payload
with malicious JavaScript into a website’s database. When the
victim
requests a page from the website, the website transmits the
page, with the
attacker’s payload as part of the HTML body, to the victim’s
browser, which
executes the malicious script [ CITATION Mel18 l 1033 ].
8. Eavesdropping attacks
Eavesdropping attacks occur through the interception of
network traffic. By
eavesdropping, an attacker can obtain passwords, credit card
numbers and
other confidential information that a user might be sending over
the network.
Eavesdropping can be passive or active: Passive eavesdropping
— A hacker
detects the information by listening to the message transmission
in the
network. Active eavesdropping — A hacker actively grabs the
information
by disguising himself as friendly unit and by sending queries to
transmitters.
This is called probing, scanning or tampering [ CITATION
Mel18 l 1033 ].
9. Birthday attacks
Birthday attacks are made against hash algorithms that are used
to verify the
integrity of a message, software or digital signature. A message
processed by
a hash function produces a message digest (MD) of fixed length,
independent of the length of the input message; this MD
uniquely

characterizes the message. The birthday attack refers to the
probability of
finding two random messages that generate the same MD when
processed by
a hash function. If an attacker calculates same MD for his
message as the
user has, he can safely replace the user’s message with his, and
the receiver
will not be able to detect the replacement even if he compares
MDs
10. Malware attacks
“Malicious software can be described as unwanted software that
is installed
in your system without your consent. It can attach itself to
legitimate code
and propagate; it can lurk in useful applications or replicate
itself across the
Internet” [ CITATION Mel18 l 1033 ].
Assessing the above cyber-attacks individually can be difficult,
each attack
can cause some loss of either confidentiality, integrity, and or
availability (CIA) of
a network. My best advice is the proper use of “firewalls,
intrusion detection
systems (IDS), intrusion prevention systems (IPS), network
access control (NAC),
web filters, proxy servers, anti-DDos devices, load balancers,
and spam filters”
[ CITATION Net19 l 1033 ]. The proper security policy will
address each specific
attack. For example, the implementation of a strong network

security policy,
incident response policy, acceptable use policy, Computer,
Internet and E-mail
usage policy, privacy policy, third-party access policy, account
management policy,
user monitoring policy, and a password management policy will
provide guidance
for each of the above types of threats and attacks.
Botnet Conclusion
Botnets are serious malware attacks, governments, private
sectors and allied
and unallied countries must work together to stop cybercrime
and organizations
that promote use of botnets as a threat. Information security
specialist should
ensure they are well trained are aware of botnet features and
attack measures.
Together we can detect botnets, prevent infections, and identify
when a compute
has been taken over and assist with the clean-up/restore process.
Conclusion
Assess how the theories and principles of war apply to
cyberwarfare and apply
those theories to understand cyberoffense and cyberdefense
challenges.
It is difficult to determine who is attacking who, attribution.
Cyberwarfare is
a “battle for control over information and communication flows,
with the ultimate
goal of taking advantage of your opponent” [ CITATION Rob15
l 1033 ].
Cyberwarfare or “information warfare can be seen as a game,

played between
defenders and attackers who are in direct competition”.
“Defenders perform
defensive operations to protect information in any form, seeking
to maintain its
confidentiality, integrity and availability”. “Attackers perform o
ensive operations,ff
seeking to damage that confidentiality, integrity and
availability”. “Cyberspace
blurs the line between o ense, and defense and that this
principle therefore can’t ff
be applied to cyberwarfare” [ CITATION Rob15 l 1033 ].
Understanding how
cyber offensive measures, which deploys a proactive approach
to security using
ethical hacking, and cyber defensive measures, which uses a
reactive approach to
security that focuses on prevention, detection, and response to
attacks is the key to
cybersecurity challenges.
IntroductionAnalyze Global Approaches to
CybersecurityAnalyze critical issues in global cybersecurity
management and policyAnalyze critical issues in global
cybersecurity technology policyAnalyze the principles of
warfare that underpin cyberwarfare theory and
applicationInternational Cybersecurity Threat MatrixThreat
MatrixCompare and contrast international cybersecurity
standards bodiesInternational Environmental
ScanEnvironmental Scan: AfricaIdentify key initiatives in
international cybersecurity policyRegional Cybersecurity Threat
Fact SheetAfrica Fact SheetAssess cybersecurity policies and
procedures for transnational legal compliance.Assess and
critique cybersecurity programs.Assess policy and technology

trade-offs that must be considered and made when addressing
cyberthreats at the enterprise, national, and international
levels.Assess and critique cybersecurity programs.Botnet
EvaluationEvaluation of Botnets.Assess emerging cybersecurity
issues, risks, and vulnerabilities.Botnet DiscussionAssess key
cyberattack technologies.Botnet ConclusionConclusionAssess
how the theories and principles of war apply to cyberwarfare
and apply those theories to understand cyberoffense and
cyberdefense challenges.
3/20/2021
1
KAUFT
King King Abdul-Aziz university university
FACULTY OF TOURISMFACULTY OF TOURISM
HUMAN RESOUCES IN
EVENT MANAGEMENT
EM 625
Planning Training Programs
1
King Abdul Aziz University – Faculty of Tourism
Human Resources in Event Management - Master in Event
Management
Assoc. Prof. Dr. Reda Gadelrab
January, 2021

Learning Objectives
By completion of this presentation You should be able
to:
common obstacles to and myths about training.
ples that influence how
training programs should be planned and implemented.
trainer.
Recommended Textbook:
Resources Management in the Hospitality Industry.
and Supervision: Concepts and Practical Applications
2
Management

January, 2021
3/20/2021
2
Brainstorming Group work Activity:Brainstorming Group work
Activity:
erence
between Training and
Development?
………..
………..
………..
3
Management
January, 2021
Introduction Introduction
amount of time and money into the training and development of
their employees, if they hope to create a positive work
environment
where workers are motivated to consistently produce quality
products and deliver exceptional service.

proper
training and development is one of the leading causes of
employee
turnover.
expected of them in
terms
of their job responsibilities, they get frustrated, and frustrated
employees are the employees most likely to make a mental
decision
to look for another job.
4
Management
January, 2021
3/20/2021
3
Introduction Introduction
to become frustrated at the workplace
within the first 30 to 60 days of employment
if their manager never clarifies their job

responsibilities.
proper hiring decision during the employee
selection process, the manager owes it to
himself, as well as to the new employee, to
provide the employee with ongoing effective
training and development to ensure job
satisfaction as well as professional
development.
5
Management
January, 2021
Training Now and Development LaterTraining Now and
Development Later
employee and ensures that the right applicant has
been hired for the right position, and then
provides the new employee with a proper
orientation, the employee will still not be able to
perform her job duties in a satisfactory manner.
need proper training to ensure that their job
performance matches company standards.

short cuts by hiring only workers who have
previous hospitality industry experience.
6
Management
January, 2021
3/20/2021
4
Development Later
y industry
experience for upper-level employees in positions
such as sales and marketing or food and beverage
management may be logical, but the practice makes
little sense when selecting entry-level workers,
especially if management’s goal is to make an end
run around the training process.
with the knowledge and the skills required to
operate within the systems and standards set by
management.
-depth and

enormously demanding, it is essential to ensure
employee job satisfaction and productivity.
7
Management
January, 2021
Development Later
high employee turnover and the delivery of substandard
products and services.
es do their current jobs more
effectively.
quality and effectiveness of an employee’s performance in
her current position.
and skills to help prepare her to handle future
responsibilities, with less emphasis on her present job
duties.
employee’s present job, while development focuses on
the employee’s potential future advancement within the
company.

8
Management
January, 2021
3/20/2021
5
Hospitality Training
ant for
all hospitality personnel
because it is the best way to
assure that staff members
can make maximum
contributions to the
organization’s success.
9
Management
January, 2021

Labor Intensive
labor intensive.
the need for staff in departments
such as accounting and the front
office, it has not generally
affected the number of
employees required to produce
and deliver the products and
services that guests desire.
10
Management
January, 2021
3/20/2021
6
What is Training?What is Training?
that provides new and
currently employed staff
with the short - and longer

- term knowledge and
skills required to perform
successfully on the job.
11
Management
January, 2021
Success of Training
can be demonstrated by
considering the extent to
which knowledge and
skills improve as a result
of the training.
12
Management
January, 2021
3/20/2021

7
Training must also be Training must also be Cost EffectiveCost
Effective::
performance gained as a
result of training must be
greater than the costs of
training.
13
Management
January, 2021
Performance Performance -- based Trainingbased Training
- based training is
best delivered at the job site in one - on -
one interactions between the trainer and
trainee.
training. Why?
focus on what the
individual must learn,

best pace for the individual trainee.
14
Management
January, 2021
3/20/2021
8
Benefits of TrainingBenefits of Training
15
Management
January, 2021
competitive, having competent, well-trained
employees is essential at all levels of employment.
ive training program teach
new employees important skills and knowledge about

their positions within the company, but it also helps
to encourage employees to have a positive attitude
toward customer service.
the
training and development of its employees not only
benefits the employees but also management and the
company.
training and development enhance their employees’
capabilities and strengthen their own competitive
advantage over other competing operations.
16
Management
January, 2021
Figure 1: The benefits of employee training
3/20/2021
9

17
Management
January, 2021
Numerous benefits to effective training include:
knowledge and skills to perform required tasks
more effectively, and their on - job performance
can be improved.
performance helps reduce errors and rework,
and associated costs can be reduced. Persons
performing the job correctly will be more
productive, fewer staff and/or labor hours will
become necessary, and this, in turn, can help
reduce labor costs.
members who are more service-oriented and
who will know what their guests desire and
require.
18
Management

January, 2021
perform the activities that are part of their
positions will likely feel better about doing the job.
most likely to be promoted to a more responsible
and higher - paying position: a competent or an
incompetent employee? Training can assist staff in
attaining their promotion goals.
their jobs are more likely to work in a team effort,
and all will do their fair share of required work in
the correct way. Staff members who are trained to
perform tasks beyond the scope of their normal
position can also help peers in other positions.
3/20/2021
10
19
Management

January, 2021
their job as best they can, and this is only
possible with appropriate training.
r operating problems: Busy managers can
focus on priority concerns, and they will not
need to address routine operating problems
caused by inappropriate training.
trained and rewarded for successful performance
are less likely to leave, and managers have less
need to recruit new employees in increasingly
tight labor markets.
members feel good about themselves and their
employers.
20
Management
January, 2021
members are more interested in operating
equipment correctly, in preparing the right

products, and in properly interacting with
guests.
family and friends about their positive work
experiences, and their contacts may become
candidates for position vacancies that arise.
are more satisfied and revenues increase and, if
labor and other operating costs are reduced,
there is a significant potential for increased
profits.
3/20/2021
11
Obstacles to Training
and/or trainers to plan for and deliver the
training
their positions to participate in the training
the trainer’ s and trainees ’ time and to acquire
necessary training resources
must be taught how to train, just as they must
be taught to perform any other unfamiliar task.

Formal train - the - trainer programs are not
provided by many hospitality organizations.
21
Management
January, 2021
Excellent trainers are creative, and they would
never elect to not train because supplemental
resources were unavailable. The alternative is to
take time to develop several basic training tools
meet to learn a new way to perform a task? When
can dining room servers be brought together for a
group training session on guest service?
staff members leave within a few months (or less)
of initial employment. Managers may think, “ Why
train employees if they don ’ t remain on the job
long enough to use what they have learned? ”
22

Management
January, 2021
3/20/2021
12
ad time between one’s hire date and
the time when he or she must be on the job . staff
are trained for expanded position duties, and
recruitment tactics begin for new employees before
a position vacancy has occurred.
g consistency. When
individual trainers plan and deliver training activities
based on what they think staff must know, the what
and how of training will likely be inconsistent.
trainers to want to train. Benefits for successful
training duties can include special privileges,
compensation increases, advancement
consideration, educational opportunities, and/or
recognition.
23
Management

January, 2021
Training MythsTraining Myths
Myths (untruths) about training can create
obstacles. Examples include:
24
Management
January, 2021
3/20/2021
13
Myth 1. Myth 1. Training is easy!!!Training is easy!!!
involves a trainee tagging along
with a more - experienced staff
member, it is easy.
and the increased possibility
that basic training principles will
be disregarded increases the

likelihood that this type of
training will be ineffective.
25
Management
January, 2021
Myth 2. Training costs too much!!! Training costs too much!!!
history of inadequate training
that has yielded unsatisfactory
results are unlikely to invest the
resources required to plan and
deliver more effective
training.“Been there; done that;
let’s try something else” is a
philosophy that can easily
evolve.
26
Management
January, 2021

3/20/2021
14
Myth 3.Myth 3. Training is a staff function!!!Training is a staff
function!!!
technical specialists who provide
advice to, but do not make decisions
for, people in chain-of-command line
positions.
g is a line function that is too
important to delegate to staff human
resources personnel, if available, who
may assist with recruitment, selection,
and orientation tasks.
27
Management
January, 2021
Myth 4. Only new staff need training!!! Only new staff need
training!!!
training, but so do their more
experienced peers when, for

example, operating procedures
are revised because of
technology or when new
equipment is purchased.
of experience may also want to
participate in professional
development programs.
28
Management
January, 2021
3/20/2021
15
Myth 5. There is no time for training!!! There is no time for
training!!!
for the limited time
available to hospitality
managers.
often deemphasized, and
available time is allocated

to other tasks.
29
Management
January, 2021
Learning Principles Drive Training PrinciplesLearning
Principles Drive Training Principles
erous benefits of
training share an old saying: “ An organization pays for
training even if it doesn’t offer it! ”
training takes time to do well, and costs are incurred
to do so.
that, in the absence of
training, wasted time and money occurs because of
errors and rework.
receive the proper quality of required products and
services.
30
Management

January, 2021
3/20/2021
16
Basic learning principlesBasic learning principles
Learning Principle 1: Trainees Must Want to Learn and Need
Motivation to Do So.
The old adage, “ You can lead a horse to water, but you can ’ t
make it drink, ”
applies here. Trainees must want to learn and, for this to occur,
they must
recognize its worth. “ Because the boss says it is necessary ” is
not a
meaningful reason from the perspectives of most staff. By
contrast, noting
that “ This training is a step in a career - long professional
development
program to help you become eligible for promotion ” will be of
interest to
many trainees.
Learning Principle 2: Training Should Consider the Trainees’
Life and
Professional Experiences.
Many hospitality employees are adults with many useful
personal and work -
related experiences. Good trainers establish a benchmark of
what trainees
already know and can do and build on this foundation of
knowledge and skills.

They maximize the worth of training by emphasizing the most
important
subject matter with which the trainee is unfamiliar.
31
Management
January, 2021
Learning Principle 3: Trainees Require Time to Learn.
Training takes time. This principle, while seemingly obvious, is
sometimes violated. Consider, for example, that some managers
expect a new staff member to learn necessary tasks by tagging
along with an experienced peer. What happens when there is no
dedicated training time and, instead, both parties are continually
interrupted by ongoing operational demands?
Learning Principle 4: Trainees Should Know the Training
Requirements.
Experienced trainers often use a preview, present, and review
sequence. They tell the trainees what they are going to say
(preview), they tell them the information (present), and they tell
them once again (review). This tactic helps minimize surprises
and
reduces trainee apprehension.
32

Management
January, 2021
3/20/2021
17
Learning Principle 5: Training Should Consider the Trainees’
Attention Spans.
Several short training sessions are generally better than one
long session.
When planning an entire program, consider the complete range
of subject
matter to be presented. Then break the total training
requirement down
into manageable (short) parts to be facilitated in a single
session.
Learning Principle 6: Learning Should Be Paced.
paced learning allows trainees to practice and improve on basic
skills in a
focused way. They can concentrate on one or several skills
rather than on
all skills and, in the process, better learn the correct way to
perform all of
them.

Learning Principle 7: Learning Speed Varies for Trainees.
Individualized training allows the trainer to incorporate what
the trainee
knows into and to exclude what the trainee doesn't know from
the
training process. The pace of training can then be
individualized.
33
Management
January, 2021
Training principlesTraining principles
Training Principle 1: Trainers Must Know How to Train.
A person must be taught how to train, and train - the - trainer
programs are needed to provide necessary knowledge and skills.
Training Principle 2: Training Must Focus on Real Problems.
Frequently, problems (challenges) are encountered that must be
resolved, and training is a useful tactic to do so.
Training Principle 3: Training Must Emphasize Application.
Most people learn best by doing. For example, hands - on
training using
an individualized training program is typically the best way to

teach an
entry-level housekeeper to properly perform guest room
cleaning
duties.
Training Principle 4: Training Should Be Informal.
To the extent possible, training should be personalized,
conducted in
the workplace, and allow the trainer to interact with the trainee.
34
Management
January, 2021
3/20/2021
18
Training Principle5: Training Should Employ a Variety of
Training Methods.
Training that allows for demonstration, practice, and
comparison of written
information (e.g., standards or procedures) with how tasks are
actually done is
more likely to be effective. Group training that uses case

studies, small group
interaction, video followed by discussion, and other interactive
techniques will
likely be better received by trainees than will a lecture - only
format.
Training Principle 6: Training Focus Should Be on Trainees.
Good trainers want to address trainees ’ needs. Using difficult
language including
jargon can create problems, as can teaching advanced before
basic skills.
Training Principle 7: Trainers Should Allow Trainees to
Practice.
Skills are typically learned by observing how something is done
and then by
practicing the activity in a step - by - step sequence. After the
task is learned, time
and repetition are often required to enable the trainee to
perform the task at the
appropriate speed.
Training Principle 8: Trainers Require Time to Train.
Training takes time that must be scheduled, and the resources
required for it
must be allocated.
35
Management

January, 2021
Training Principle 9: Training Environment Must Be Positive.
Consider someone given training responsibilities who does not
enjoy the
task. This issue can quickly lead to a hostile environment that
lacks the
interpersonal respect that is a prerequisite for effective training.
Training Principle 10: Trainees Should Be Treated as
Professionals.
Experienced staff training their peers should recognize that they
will be
peers with the trainees after the training is completed, and their
responsibility is to use their training skills to help trainees
learn.
Training Principle 11: Trainees Need Encouragement and
Positive
Feedback.
Trainees want to know how the trainer evaluates their
performance during
and, especially, after training is completed.
Training Principle 12: Trainees Should Not Compete Against
Each
Other Contests.
Develop contests in which all trainees who attain specified
standards can

win.
36
Management
January, 2021
3/20/2021
19
Training Principle 13: Trainees Should Be Taught the Correct
Way
to Perform a Task.
Tasks should be taught using the correct work methods on a step
- by -
step basis, with trainer presentation followed by trainee
demonstration.
Training Principle 14: Train One Task at a Time.
Hospitality employees must typically perform many tasks in
their
positions. Tasks should be taught separately, and each should be
broken
into steps taught in proper sequence.

Training Principle 15: Train Each Task Using a Step - by - Step
Plan.
The trainer demonstrates the correct way to do the entire task
again
step-by step, and the trainee repeats the correct procedures. He
or she
then practices each step as necessary to yield the appropriate
speed for
task performance.
37
Management
January, 2021
Training MethodsTraining Methods
38
Management
January, 2021
On-the-job-training:
-the-job-training, or OJT, is probably one of the

most commonly used training techniques for
hospitality industry front-line employee. Sometimes
this method is called job instruction training, or JIT.
employee while on the job.
tasks they need to perform in order to effectively do
their jobs.
coworker serves as the instructor.
executed, it is very effective because it is one of the
few training techniques that incorporates each of the
learning principles.
3/20/2021
20
39
Management
January, 2021

In order to be effective, proper OJT should consist of the
following steps:
Figure 2: Steps in the OJT method
40
Management
January, 2021
Problems Associated with OJT:
training
should be patient, have adequate job knowledge, be a good
communicator, have an outgoing personality, and wants to train
others.
a
timetable for instruction and to assemble and set up any needed
materials or supplies.
ce and time. OJT means on the job, so it is
normal to attempt to conduct training during regular business
hours.
This presents a challenge to hospitality business managers
because

regular business hours usually mean customers and guests need
to be
served at the same time the OJT is taking place. Management
should
ensure adequate labor is scheduled so that the trainer and
trainee can
have their training session without constant interruptions.
3/20/2021
21
41
Management
January, 2021
Job rotation or cross-training:
-training is another effective
training method that is widely used in hospitality
operations.
-train employees in a variety of jobs,
supervisors will often move the trainee from job to job.
Each move is normally preceded by OJT.

effective because it gives
workers the ability to perform a variety of jobs at the
workplace and sometimes helps to eliminate the
potential for boredom.
-trained in
laundry, hotel bell-staff may be cross-trained as lifeguards
or as front desk agents, restaurant food servers can be
cross-trained to work the cashier/greeter station, and
kitchen grill workers can be cross-trained to work in the
pantry.
42
Management
January, 2021
Job rotation or cross-training:
employees with exposure to a variety of jobs and
provides management with greater flexibility
when assigning tasks.
-training also enables management to run
a smooth operation when employees are on
vacation or absent, because cross-trained
employees can step in and perform the tasks of
the absent employee.

-training employees also helps employees
to develop skills and acquire knowledge that may
lend themselves well to potential career
advancements.
3/20/2021
22
43
Management
January, 2021
Problems with Job Rotation and
Cross-training:
e greatest problem associated
with cross- training is that employees
sometimes see the process as nothing
more than job loading.
should benefit both the employee as well
as management.

urs if the
hospitality business is operating under a
union’s collective bargaining agreement, or
contract.
44
Management
January, 2021
Train The Trainer Programs:
organization identifies an existing employee—
or several employees—who has the desire and
some talent for teaching others, and then teach
this person to train other staff members.
the organization, you distribute the knowledge
and create a repository of knowledge within
the organization.
in the trainer program could involve
sending one staff member to an outside
training class to learn about training techniques,
or an experienced manager could train the
trainer in-house.

3/20/2021
23
45
Management
January, 2021
Train The Trainer Programs:
teach inexperienced trainers such skills as
how to facilitate a training session, how to deal
with employees who are having trouble
learning, and how to utilize different training
techniques based on learning objectives or
outcomes desired.
budget constraints that many
smaller hospitality operations experience, it is
not always possible to send many staff
members to outside training.
be empowering, and it allows smaller
organizations to become more self-sufficient.

46
Management
January, 2021
Off-the-job training methods:
-the-job training methods do not necessarily
occur entirely away from the workplace, but this sort
of training is usually provided in a traditional
classroom setting or similar venue.
-the-job training includes lectures, video
presentations, computer-based training, role playing,
case studies, simulation exercises, and self-study.
heavily on communications than on the modeling
approach presented in OJT and job rotation.
-effective
when a large amount of information needs to be
delivered to a sizeable group of trainees.
3/20/2021

24
47
Management
January, 2021
Off-the-job training methods:
-employee
orientation when management wishes to cover the
information contained in the employee handbook
with new hires.
an effective way to deliver information.
-ROMs and
videotapes to deliver basic informa tion about
corporate culture as well as more specific, job-
related training.
several languages, which is quite beneficial
considering the cultural diversity of today’s
hospitality industry employees.
Other Training MethodsOther Training Methods

48
Management
January, 2021
ng methods available to the hospitality
manager include:
-study, sometimes called programmed learning.
will depend largely upon who is being trained, the level of
the trainee within the organization, what the expected
outcomes are, and whether there are appropriate
materials available and/or skilled trainers to support the
training method chosen.
3/20/2021
25

49
Management
January, 2021
Internships:
are preparing for future
careers in the hospitality industry are probably already
familiar with this term. An internship involves learning from
a more experienced employee or employees within the
industry.
tive because it
requires high levels of participation from the trainee and
provides the trainee with high transferability to the job.
advancement are put into formal management training
programs in which, ideally, the trainee will be introduced to
a wide variety of jobs in the organization.
program may spend a month or so in several departments
so he or she is exposed to the various job opportunities
within the organization.
50

Management
January, 2021
Role playing:
different
identities. It is a training method that is sometimes used to
change
employee attitudes.
e
supervisor, and the supervisor may assume the role of a male
worker. Both trainees would be given a typical work situation
and
told to respond as they would expect the other to do. This
training technique involves participation and feedback.
itality sales and marketing professionals sometimes
utilize
this training method to help fine-tune their sales presentations
before presenting to an actual client. One trainee would play the
role of the sales manager, and another individual would play the
role of the prospective client.
3/20/2021
26

51
Management
January, 2021
Case study:
related to the workplace, they learn about
real or hypothetical situations or
circumstances and the actions others have
taken when faced with these situations.
ide from learning about the content
of the case, a case study helps trainees to
develop decision-making skills.
provides some transference as well as
participation through discussion and
feedback.
52
Management

January, 2021
Self-study:
-study training method is also called
programmed learning.
employees are scattered geographically or
when learning requires little interaction.
be delivered either online via the Internet or
company intranet, or in books and manuals, or
even via CD-ROMs.
-designed materials will provide learner
participation, repetition, relevance, and
feedback.
3/20/2021
27
Characteristics of Effective TrainerCharacteristics of Effective
Trainer
1-Have the desire to train:

are several reasons why a trainer might
desire to do so, including:
ognition for a job well
done,
trainers are frequently promoted to
higher level positions within the
department.
53
Management
January, 2021
Trainer
2-Have the proper attitude about the
employer, peers, position, and the training
assignment.
the importance of staff members and that
provide quality training opportunities to
all employees at all levels will likely
increase the morale of their trainers.
and not so important responsibility, a less
than willing attitude is likely.

54
Management
January, 2021
3/20/2021
28
Trainer
3-Possess the necessary
knowledge and ability (skills) to
do the job for which training is
needed.
knowledgeable about and have
the skills necessary to perform
the work tasks for which they
will train others.
55
Management

January, 2021
Trainer
4- Utilize effective communication skills.
Trainers are effective communicators when
they:
(1) Speak in a language that is understandable
to the trainee,
(2) Recognize that body language is a method
of communication,
(3) Use a questioning process to learn the
extent to which a trainee has learned, and
(4) Speak to communicate rather than to
impress. For example, they don’t use unfamiliar
jargon, and they teach new staff members the
meaning of unusual but commonly used terms.
56
Management
January, 2021

3/20/2021
29
Trainer
5-Know how to train.
Train Of The Trainer
programs should be
obvious but often is
overlooked.
57
Management
January, 2021
Trainer
6- Have patience .
know or be able to do during their first
exposure to training.

understand that training steps must
sometimes be repeated several times in
different ways.
complete the training quickly; rather, it is
to provide the knowledge and skills the
trainee needs to be successful.
58
Management
January, 2021
3/20/2021
30
Trainer
7-Exhibit humor.
often provides a subtle
message to a trainee: “ I am
enjoying the opportunity to
provide training, and I hope you
enjoy it as well. Learning can be
fun, because the process is

enjoyable. ”
59
Management
January, 2021
Trainer
8-Have time to train.
time, and it must be
scheduled for the trainer
and for the trainees.
60
Management
January, 2021
3/20/2021
31

Global Cybersecurity Environment ReportAbstractCMP 620

Global Cybersecurity Environment ReportAbstractCMP 620

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Ähnlich wie Global Cybersecurity Environment ReportAbstractCMP 620

Ähnlich wie Global Cybersecurity Environment ReportAbstractCMP 620 (20)

Mehr von MatthewTennant613

Mehr von MatthewTennant613 (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Global Cybersecurity Environment ReportAbstractCMP 620