Risk management strategy for an e-commerce company

Reference no: EM132495053, Length: 6 pages

CSIA 350 - Cybersecurity in Business & Industry - University of Maryland Global Campus

Project - Risk Management Strategy for an e-Commerce Company

Description

For this project, you will build upon the e-Commerce Risk Analysis performed in Project #2. You will construct a risk management strategy for your selected company which includes specific cybersecurity activities (as defined in the NIST Cybersecurity Framework Core) which will help the company mitigate the identified risks. Your strategy will include an "acquisition forecast" in which you identify and discuss the technologies, products, and services required to implement your recommended risk management strategy. (Note: you must use the same company as used in Project #2. You may expand upon your risk analysis if necessary.)

Develop an Executive Summary
Since this is a separate deliverable, you will need to begin by identifying the selected company and providing an executive summary of the e-Commerce Risk Analysis that you presented in Project #2.

Develop and Document the Risk Mitigation Strategy
For this section of your project, you must identify and document a risk mitigation strategy for 10 separate risks. Your risk mitigation strategies must utilize at least three (3) of the five (5) NIST Cybersecurity Framework (CSF) Core Functions.

1. Begin by copying Table 1 from this file into a new file (for your assignment submission). This table will become your Risk Profile Table. (Delete the example text.)

2. Next, convert your list of risk factors (from Project #2) into a "Risk Profile." Each risk factor should be listed as a separate risk item with its own row in your Risk Profile. (Add a row to your table for each identified risk - one per row.) For this step, you will fill in the information for the first two columns (Risk ID and Risk).

3. Next, consult the NIST Cybersecurity Framework (see Table 2: Framework Core) to identify the cybersecurity activities which can be used to control / mitigate the identified risks. Add this information to each row in your table. Note: you should paraphrase the information for the "Risk Mitigation Strategy (description)" column and the "Implementation: Required Technologies, Products, or Services" column.

4. Complete the final two columns of the table by entering the exact function, category, and sub-category identifiers and descriptions as listed in NIST CSF Table 2. See the example below.

Develop an "Acquisition Forecast"

To complete your work, summarize the technologies which you are recommending that the company acquire (purchase) in order to mitigate risks; these technologies MUST appear in your risk profile table. Your acquisition forecast should identify and fully discuss a minimum of three categories or types of cybersecurity products or services which this company will need to purchase in order to appropriately mitigate the identified risks. Remember to include information about potential vendors or suppliers including how you can identify and qualify appropriate sources of technologies, products, and services. This information provides the justification or rationale for your recommendations.

Note: "qualifying" a producer / manufacturer, vendor or seller refers to the due diligence processes required to investigate the supplier and ensure that the products, services, and technologies acquired from it will meet the company's needs and requirements. For cybersecurity-related acquisitions, this may include testing the products and services to ensure that they can be trusted to deliver the required functionality and will not be a source of threats or harm.

Write

1. An executive summary which identifies the company being discussed and provides a brief introduction to the company including when it was founded and significant events in its history. This summary must also provide a high-level overview of the company's operations (reuse and adapt your narrative from Project #2) and the e-Commerce risks that the company must address and mitigate.

2. A separate section in which you present a Risk Management Profile. Begin with an introductory paragraph in which you summarize the risks and risk mitigation strategies. Your introduction should also explain the Risk Profile table (what is in it, how to use it).

3. Complete and then insert your Risk Profile Table at the end of this Risk Management Profile section. In-text citations are NOT required within the body of your Risk Profile Table but you must credit the sources of information used by listing / mentioning them in your introduction to this section.

4. A separate section in which you present your "Acquisition Forecast" in which you identify and discuss the products, services, and/or technologies which the company must purchase in the future to implement the recommended risk mitigation strategies. Remember to include information about potential vendors or suppliers including how you can identify and qualify appropriate sources of technologies, products, and services.

5. A closing section (Summary & Conclusions) which summarizes your risk management strategy and presents a compelling argument as to how your risk mitigation strategies (including the acquisition forecast) will reduce or control (mitigate) the identified "cyber" risks. Remember to address the five NIST Cybersecurity Framework Core Functions in your summation.

Attachment: Project - Risk Management Strategy.rar


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd