My report will discuss and analyze security management at the Tower. In the first part, I will provide an overview of tower cybersecurity and introduce its skills. In the second part, I will discuss and analyze the security management at the tower and finally I will add solutions, recommendations and end my report with a conclusion and references. Over the past twenty years, almost every business has become more dependent on information security. The use of computer networks has also increased, not only within companies but also between them, as well as between local companies and international companies around the world. The increasing complexity of IT infrastructure means that businesses are now more vulnerable to technical failures, human error, misuse, hackers and malware. This increasing complexity requires a consolidated management approach. Furthermore, security management has an important relationship with business activities. The main objective of security management is to provide a basic level of security, independent of external requirements. Security management is important to maintain the uninterrupted operation of IT companies. Additionally, it extends information security service level management, as it is difficult to manage a large number of different SLAs rather than a limited number. Today, many companies address information security at the strategic level in information policy and information plans, and at the operational level by purchasing hardware and other security tools. Information security is not a target in itself; it aims to serve the interests of the business or societies. Furthermore, information security must be tailored to the needs of the information. Effective information provision, with sufficient information...... middle of paper ......e needs and other elements.6- Risks such as assets, threat, vulnerability and combinations.7- Action preference for any risk.8- Suggested controls from risk assessment”[2].According to the case study, I saw that there was no security plan. This thing has increased the risk to the highest level. CIOs and IT staff must also take full responsibility for any vulnerabilities that have occurred in the system. This is my fourth case study and I hope you like it. Kind regardsMohammed AlmohdarReferences[1], [2]. Stallings, W. and Brown L. (2012). Computer security: principles and practices. Boston, MA: Prentice Hall. Raggad, B. (2010). Information security management: concepts and practices. Boca Raton, FL:CRC Press/Taylor & Francis. Tipton, H. & Nozaki, M. (2007). Information Security Management Handbook. Boca Raton: Auerbach Publications.