Reference no: EM133468417
ASSIGNMENT:
To help manage and operate an ongoing security program in an organization, the information security team must adopt a security model that serves as a guide for the development and implementation of the security program.
Prior to beginning this assignment, view "Management of Security Solutions" within the "Video Playlist: Policy Management for Security Solutions," located in the Class Resources.
Using the company from your Programmatic Business Continuity Plan Project, developed in CYB-515, address the following:
Provide a basic description of the company to include: mission statement, web applications, servers, departments, routers and switches, remote access, wireless communication, firewalls, and demilitarized zone (DMZ).
The NIST cybersecurity framework is a list of guidelines and practices designed to help organizations better manage their security programs. It rests on various industry best practices and standards like ISO 27001 and the Control Objectives for Information and Related Technologies (COBIT) 5 (refer to the topic Resources to learn more about these standards). This framework discusses critical security activities that can be tailored and customized to your organization's unique needs. Your task as a part of the security team in your organization is to prepare and present a report to upper management that discusses how you would incorporate these critical security activities into the following steps:
- Determine current/recent risks or threats to information security.
- Develop system-specific plans for the protection of intellectual property.
- Apply the security model to protect the organization from being compromised by unauthorized users.
- Determine the access control mechanisms that would apply to ensure information is protected against unauthorized users.
Then, outline and explain the roles of the following personnel in the planning and managing of this security:
- Board of Directors
- Senior Management
- Chief Information Security Officer (CISO)
- IT Management (CIO, IT Director, etc.)
- Functional Area Management
- Information Security personnel
- End users
|
Identify the value of information systems
: Also, for each competitive strategy you identify, give an IT technology example that can apply to support that strategy.
|
|
Which restrictive cyber regulations eu versus us cyber law
: We now have new foreign threat actors that we have to prepare for which includes more restrictive cyber regulations from the EU versus US cyber law.
|
|
What is the role of artificial intelligence in detecting
: Biometric Spoofing: What is the role of machine learning and artificial intelligence in detecting and preventing biometric spoofing attacks?
|
|
Discuss how they failed to operate ethically
: There are a few important elements to be considered prior to planning, such as explicitly stating ethical, entrepreneurial, and philosophical perspectives.
|
|
Review the management of security solutions
: Prior to beginning this assignment, view "Management of Security Solutions" within the "Video Playlist: Policy Management for Security Solutions,".
|
|
What is the iasme governance standard
: What the IASME Governance Standard is. Ensure that you reference the document. Use sufficient detail so that the audience can understand what it is.
|
|
Describe cybersecurity incident preparation
: Describe cybersecurity incident preparation, system, and data identification by creating a Cybersecurity Incident Response team and program.
|
|
What type of monitoring is legal
: Should additional laws be implemented? If so, what should they cover? Why? What type of monitoring is legal? Should this be something different? Why?
|
|
How the intrapreneur created value
: How the intrapreneur created* value? How did the intrapreneur use resources to meet needs or solve problems?
|