Reference no: EM132856017
ISYS1003 Cybersecurity Management - Southern Cross University
Initial CISO Report (Preliminary Cybersecurity Risk Assessment and Strategic Planning)
Tasks:
1. State clearly the difference between the roles of management and leadership within Norman Joe, related to security.
i. Consider the responses in the case study document, which type of leadership do you expect Norman Joe to have? State clear reasons for your decision.
ii. What are the roles of management? Briefly outline what Norman Joe's security management team should do.
2. Develop a strategic plan for Norman Joe.
i. This should begin with:
• Mission Statement
• Vision Statement
• Values Statement
ii. This plan should then include the following:
• The strategic security goals for Norman Joe using best practice and industry standards.
• Information Security governance processes using best practice and industry standards.
• Asset identification and classification strategy (Note: you do not need to necessarily know the organisation's list of assets to do this
exercise, use an industry standard approach to classify assets using general categories)
iii. Be sure to include details indicating how this plan can be used protect the information assets that will be held by Norman Joe.
3. A detailed statement of the expected threats and vulnerabilities for ‘Norman Joe' the retailer, with clear reasons justifying your inclusions of these threats and vulnerabilities.
• As part of a preliminary threat modelling exercise to present to ‘the board' of the company, use the Mitre Att&ck Framework and Navigator based on one of the attack examples (Social engineering, ransomware or DDoS). Tables and screenshots may assist you, though you will have to explain your assessment process.
• Include what Mitre Att&ck Framework techniques and sub- techniques may be used in the attack.
4. Propose the security personnel required and their roles within Norman Joe (e.g., a security hierarchy for Norman Joe's Australian organisation
i. Include any security training requirements for the company.
5. A cybersecurity project management plan for Norman Joe. Be sure to include:
i. The security processes that you expect to be managed and how you might manage the roll-out.
ii. An outline of the proposed structure for this management process.
iii. Project management tools will assist you (e.g., Gantt chart).
Attachment:- Preliminary Cybersecurity Risk.rar
BUGEN 5930 Business, Society and the Planet Assignment
: BUGEN 5930 Business, Society and the Planet Assignment Help and Solution, Federation University - Assessment Writing Service
|
Explain how Barnett Ltd has made an operating profit
: Using the figures provided, explain how Barnett Ltd. has made an operating profit yet has suffered a significant negative operating cash flow
|
Compute the conditional probabilities
: (a) Let Ai be the event "an i is rolled" and B the event "five red balls are drawn". Compute the conditional probabilities P(B|Ai) for i ? {1,2,3,4,5,6}.
|
What is the annual amount of cash Stanton will pay
: Stanton Company issued on January 1, 2019, $400,000 9%, 5-year bonds at 96. What is the annual amount of cash Stanton will pay to bondholders for interest
|
What are the roles of management
: What are the roles of management? Briefly outline what Norman Joe's security management team - which type of leadership do you expect Norman Joe to have?
|
What is the annual effective interest rate
: What is the annual effective interest rate that Katerina is paying for her loan transaction? What is the nominal interest (annual percentage rate) for the loan
|
Find the absolute value of the critical values
: a) Find the absolute value of the critical values in terms of the standard normal scale, Z. Enter your answer to at least three decimal places. _____
|
Find the expected profit and variance of option
: Tom received a Php 100,000 cash award for his winning project in a science fair. His parents decided to invest his money. The family's financial advisor
|
Computing the value of pearson
: How to have an interpretation, after computing the value of Pearson's r?
|