ISYS1003 Cybersecurity Management Assignment

Assignment Help Other Subject

Reference no: EM132871210

ISYS1003 Cybersecurity Management - Southern Cross University

Cyber security program and policy development

Scenario developments

Since your preliminary report was delivered and you have become more comfortable in the CISO chair, the Norman Joe organisation has experienced great success and extraordinary growth due to an increased demand in e-commerce and online shopping in COVID-19. The company is even considering acquiring a specialised "research and development" (R&D) group specialising in e- commerce software development. The entity is a small but very successful software start-up.

However, it is infamous for its very "flexible" work practices and you have some concerns about its security. As such, in anticipation of your employer's acquisition of this new business you wish to ensure the company's cyber risk management program and security policy library is sufficient.

Requirements:

1. Carefully read the Case Study scenario document. You may use information provided in the case study but do not simply just copy and paste information. This will result in poor grades. Well researched and high-quality external content will be necessary for you to succeed in this assignment.

2. Align all Assignment 2 documents to those in Assignment 1 as the next stage of a comprehensive Cyber Security program.

Tasks:
1. Identify, select and devise the top 5 security policies that are essential for Norman Joe's. Hint: You may refer to security policies from the external sources such as the SANS policy library. However, you are required to draft these policies on your own, i.e., to be written in your own words.
2. Risk Management Framework
a. Outline what is meant by Risk Assessment, Risk Appetite and Risk Treatment.
i. Use this information when developing a Risk Management Framework for Norman Joe. Be sure to include:
1. Risk Treatment Cycle
2. Cost Benefit analysis
3. Establishing feasibility - (all that are appropriate)

b. What Risk Management Framework would be most appropriate for Norman Joe moving forward? Considering what you now know about the direction of Norman Joe, explain your decision based on the requirements that you believe Norman Joe would need to address.
3. Update the company's Risk Management Plan. You must address:
a. Based on the information given for Norman Joe and based on the preliminary threat modelling exercise in Assignment 1, develop an appropriate access control policy for this company. What types of access controls do you recommend protecting the assets of the company? Justify your choices. You should have physical and logical access controls, which do not let unauthorized access to the assets (assets include information, software, and hardware).
b. Determine and recommend data security solutions for three different data states in the company: data in use, data in motion, and data at rest.
c. What authentication method do you recommend for Norman Joe for effective and efficient management of user identify verification, especially for remote users.
d. Explain how a single sign-on service (SSO) can help Norman Joe to manage authentication. Which protocol will be used to implement this SSO service and why? Explain the protocol.
e. Describe six phases of developing an incident response plan. For this question, you should explain each phase and propose at least two activities for each phase in Norman Joe. In addition to analysing the case study materials carefully, you will need to do conduct independent research to answer this question.

Attachment:- Cybersecurity Management.rar

Reference no: EM132871210

Questions Cloud

What is the measurement of the coffee beans inventory : On such date, the fair value less cost of disposal is P3,900,000 and the net realizable value is P 3,200,000. What is the measurement of coffee beans inventory

Do think that measures for public engagement : Do you think that measures for public engagement with the New Zealand Parliament are sufficient? If so, why? If not, why not? Justify your answer

Addresses importance of quality management and measurement : Addresses the importance of quality management and measurement within the global context

Should all new zealand constitutional law be consolidated : Should all New Zealand constitutional law be consolidated into one Act? What are the most important elements you would expect to see in the Act

ISYS1003 Cybersecurity Management Assignment : ISYS1003 Cybersecurity Management Assignment Help and Solution, Southern Cross University - Assessment Writing Service

What role does te tiriti o waitangi currently play : What role does Te Tiriti O Waitangi currently play in New Zealand's constitutional arrangements? Do you think its role is sufficient or should it be strengthene

Key developments in global environment of business : What will be the key developments in the global environment of business during the next five years? On the basis of these, what will be the greatest challenges

What are ideological state apparatuses : What are ideological state apparatuses? In what specific ways do they operate and what institutions does he say are a part of these apparatuses?

What do political scientists say are the expected functions : What do Political Scientists say are the expected functions of the Media in a democratic system. Make sure you consider the media's role as Watchdog

User Account

All Pages