Risk management strategy for an e-commerce company

Assignment Help Computer Network Security
Reference no: EM132568761, Length: 8 pages

Project - Risk Management Strategy for an e-Commerce Company

Description
For this project, you will build upon the e-Commerce Risk Analysis performed in Project #2 by constructing a risk management strategy for your selected company. The strategy includes specific cybersecurity activities (as defined in the NIST Cybersecurity Framework Core) which will help the company mitigate the identified risks. Your strategy will include an "acquisition forecast" in which you identify and discuss the technologies, products, and services required to implement your recommended risk management strategy. (Note: you must use the same company as used in Project #2. You may expand upon your risk analysis if necessary.)

Develop an Executive Summary

Since this is a separate deliverable, you will need to begin by identifying the selected company and providing an executive summary of the e-Commerce Risk Analysis that you presented in Project #2.

Develop and Document the Risk Mitigation Strategy

For this section of your project, you must identify and document a risk mitigation strategy for 10 separate risks. Your risk mitigation strategies must utilize at least three (3) of the five (5) NIST Cybersecurity Framework (CSF) Core Functions.

1. Begin by copying Table 1 from this file into a new file (for your assignment submission). This table will become your Risk Profile Table. (Delete the example text.)

2. Next, convert your list of risk factors (from Project #2) into a "Risk Profile." Each risk factor should be listed as a separate risk item with its own row in your Risk Profile. (Add a row to your table for each identified risk - one per row.) For this step, you will fill in the information for the first two columns (Risk ID and Risk).

3. Next, consult the NIST Cybersecurity Framework (see Table 2: Framework Core) to identify the cybersecurity activities which can be used to control / mitigate the identified risks. Add this information to each row in your table. Note: you should paraphrase the information for the "Risk Mitigation Strategy (description)" column and the "Implementation: Required Technologies, Products, or Services" column.

4. Complete the final two columns of the table by entering the exact function, category, and sub-category identifiers and descriptions as listed in NIST CSF Table 2. See the example below.

Develop an "Acquisition Forecast"

To complete your work, summarize the technologies which you are recommending that the company acquire (purchase) in order to mitigate risks; these technologies MUST appear in your risk profile table. Your acquisition forecast should identify and fully discuss a minimum of three categories or types of cybersecurity products or services which this company will need to purchase in order to appropriately mitigate the identified risks. Remember to include information about potential vendors or suppliers including how you can identify and qualify appropriate sources of technologies, products, and services. This information provides the justification or rationale for your recommendations.

Note: "qualifying" a producer / manufacturer, vendor or seller refers to the due diligence processes required to investigate the supplier and ensure that the products, services, and technologies acquired from it will meet the company's needs and requirements. For cybersecurity-related acquisitions, this may include testing the products and services to ensure that they can be trusted to deliver the required functionality and will not be a source of threats or harm.

Write

1. An executive summary which identifies the company being discussed and provides a brief introduction to the company including when it was founded and significant events in its history. This summary must also provide a high-level overview of the company's operations (reuse and adapt your narrative from Project #2) and the e-Commerce risks that the company must address and mitigate.

2. A separate section in which you present a Risk Management Profile. Begin with an introductory paragraph in which you summarize the risks and risk mitigation strategies. Your introduction should also explain the Risk Profile table (what is in it, how to use it).

3. Complete and then insert your Risk Profile Table at the end of this Risk Management Profile section. In-text citations are NOT required within the body of your Risk Profile Table but you must credit the sources of information used by listing / mentioning them in your introduction to this section.

4. A separate section in which you present your "Acquisition Forecast" in which you identify and discuss the products, services, and/or technologies which the company must purchase in the future to implement the recommended risk mitigation strategies. Remember to include information about potential vendors or suppliers including how you can identify and qualify appropriate sources of technologies, products, and services.

5. A closing section (Summary & Conclusions) which summarizes your risk management strategy and presents a compelling argument as to how your risk mitigation strategies (including the acquisition forecast) will reduce or control (mitigate) the identified "cyber" risks. Remember to address the five NIST Cybersecurity Framework Core Functions in your summation.

Attachment:- Risk Management Strategy for an e-Commerce Company.rar
