Reference no: EM13850800
Evaluating Cybersecurity Policies Objective:
Analyze the range of organizational policies (the policy framework) that are needed to effectively manage cybersecurity risks.
Competency: Problem solving
In 8-10 double-spaced pages, evaluates the cybersecurity policy of their or another organization in terms of completeness, compliance, organization and organization related interests, and other aspects, such as how to prevent its failure. Discuss how the policy addresses the cybersecurity issues discussed in the vulnerability identification & exploitation materials presented in the Erickson and Weidman texts.
Select an organization you admire (public sector, private sector, professional association, limited liability corporation, entrepreneurial, other) and solicit its cybersecurity policy. Such document(s) may be available as a link on its homepage, part of the organization's policies and procedures (P&P) manual, the subject or reference used in an academic or trade journal case study in information systems, or any other source-human or Internet. The cybersecurity policy may not necessarily reside as a single document and thus you may find it necessary to synthesize elements to have a resource that reasonably articulates the organization's cybersecurity policy.
Take special note that there is a minimum of three critical aspects to this assignment. One, as emphasized above, is to identify an organization whose cybersecurity policy is available. Federal civil sector organizations may be candidates. A company where you are currently or would like to be employed may be a candidate. Also consider an organization that routinely deals in information gathering and dissemination for the public good, such as a library using content filtering software to curtail questionable Internet browsing by its visitors. Start your search for a suitable organization early and anticipate that you may have to browse several before finding one suitable for this assignment.
A second critical aspect is to identify evaluation criteria or performance measures for the cybersecurity policy. Refer to applicable government, industry, and regulatory standards. In some cases, you may need to consider criminal or civil liability issues, and thus evaluation criteria may emanate from the judicial guidance.
A third critical aspect is application of your evaluation criteria to elements of the cybersecurity policy identified for analysis. Such analysis is likely to be qualitative for some aspects; quantitative for other aspects; and a hybrid for still other aspects of the policy. As such, your choice of measures and analytical techniques must be reasonable and justifiable.
Based on your accumulated reading and knowledge,
1. Evaluate the strengths and weaknesses of the organization's cybersecurity policy along attributes to include the following:
• completeness/thoroughness,
• compliance with recognized industry, government, and regulatory standards,
• the organization's product/service and customers/clients/citizenry, and
• system failure prevention and mitigation aspects.
2. Recommend specific changes to the cybersecurity policy
The assignment is due at the end of Week 6.
Prepare your paper in either Word or PDF format as your instructor requires. It should be double-spaced with one-inch margins all around. The citations and the reference list in the paper should be formatted in accordance with APA 6th edition guidelines. References are NOT included in the page count.
|
Compare and contrast the tidewater
: Compare and contrast the Tidewater and the backcountry regions of the Southern Colonies.
|
|
Advantages of non-numeric and numeric selection models
: Compare and contrast the advantages and disadvantages of non-numeric and numeric selection models. Describe how selection criteria are developed and used for the selection and prioritization of projects
|
|
Identifying a suitable new plant location for a company
: This project is designed to provide an opportunity to apply what you have learned throughout the semester. It involves the completion of a two-part research project focusing on identifying a suitable new plant location for a company
|
|
What happens when c is a function of just one variable
: What happens when C is a function of just one variable? Can you provide a geometric interpretation of what gradient descent is doing in the one-dimensional case?
|
|
Evaluate the strengths and weaknesses of the organizations
: Evaluate the strengths and weaknesses of the organizations cybersecurity policy along attributes - Analyze the range of organizational policies (the policy framework) that are needed to effectively manage cybersecurity risks.
|
|
Pairs of vectors and describe it geometrically
: 1. Determine the spans of the following pairs of vectors and describe it geometrically: (a) v1 = (1,-1,2), v2 = (2,-1,3) (b) w1 = (1,2,-1), w2 = (-5,-10,5)
|
|
Find a set of weights and biases for the new output layer
: Find a set of weights and biases for the new output layer. Assume that the first 3 layers of neurons are such that the correct output in the third layer has activation at least 0.99, and incorrect outputs have activation less than 0.01.
|
|
Determine whether the subset w ? v is a subspace
: In the following examples, determine whether the subset W ⊆ V is a subspace: (a) V = F(R,R) is the R-vector space of all functions from R to R and W = {f : R → R | f (3) =-2} is the subset consisting of those functions f : R → R such that f (3) = -2..
|
|
How much new total debt must the firm acquire
: Cross Town Express has a sale of $137,000, net income of $14,000, total assets of $98,000, and total equity of $45,000. The firm paid $7,560 in dividends and maintains a constant dividend payout ratio. Currently, the firm is operating at full capacit..
|