I believe that five areas any plan must include are as follows.

Discussion

.

Respond to two colleagues (BELOW): (Half a page each and please, provide each reference separately)

Discussion Topic

Despite the rise in cyberattacks over the last 10 years, many organizations still do not have an established security program. Identify five key areas that should be included in any strategic plan in the development of a cybersecurity program. Explain why these items are critical.

Post from colleague 1

Good morning everyone,

As technology increases, every day so does those new and creative ways that someone can attack a system. With that in mind its more important than ever for a business to develop plans to remedy any security issues in the immediate, as well as always planning on what will need to be added, removed, or changed moving into the future.

I believe that five areas any plan must include are as follows.

1) Maintain the system with updates and patches. Especially as new software or hardware is added to the system they will need to be patched, and updated with the newest software to make sure they are as safe as possible from any outside attackers. Have a plan of when to do the updates and changes that will not affect the business.

2) Realize Vulnerabilities. Perhaps with smaller businesses, this isn’t as much of an issue due to them not having as many devices connected to the system at one time, but large corporations can have many different types of systems, devices, software, and hardware all running different operating systems at one time. Know any vulnerabilities in those systems and plan accordingly.

3) Equipment Updates. This goes with the updating and replacing as well, know that as technology gets older some of them rather than be patched and updated must be replaced, same with regular wear and tear on the equipment. Also, realize that this equipment may not run the same as the older equipment and take time to make sure the new hardware is as safe and secure as the previous.

4) Documentation. Everything has to be written down, recorded, and documented. This is valuable in the event of an attack as it can be recorded how the attack occurred, how an attacker made it in the system. Also document policies, changes to those policies, and which ones are no longer in place.

5) Lastly, always remember outside entities. Such as supply chains, using outside server services like with cloud computing. They are only as safe as your business is and security can be a give and take scenario. You may be secure but if the outside service isn’t? That means an attacker has a backdoor into your systems.

Dorris, W. (2019, July 30). In What to Consider When Developing a Cybersecurity Strategy. Retrieved from https://www.securitymagazine.com/articles/90628-what-to-consider-when-developing-a-cybersecurity-strategy

Post from colleague 2

Hello Class,

A strategic plan for cybersecurity in any organization should stand the test of time and allow for adaptability. With these traits in mind, it’s my belief that the strategic plan should include areas such as technology infrastructure, IT applications & business systems, governance, and mitigation protocols. To reduce this number to 5 is troublesome as several additional categories which influence the or possibly supervene could be mentioned. Having technology infrastructure is necessary but will be a continual consideration in the effectiveness of an organization’s security. If key components of the infrastructure remain outdated or are not aligned with larger strategic goals, as any cybersecurity strategic plan should, then this leave the organization significantly vulnerable (Hayward, 2019). IT application & business system will need adaptable configurations and ongoing updates which require hands on implementation. For a global software such as CRM or MySQL, consistent troubleshooting and reconfigurations should be expected and likewise, its proper use concerns security. Governance can be likened to leadership in this plan, as IT leaders should have in place a chain-of-command for security goals that align with their respective duties. An organizations mitigation protocols will necessarily change overtime with new threats emerging. Likewise, as the business grows there will be a greater need for strong mitigation strategies to protect the progress of an organization.

Reference

Hayward, H (2019). Building Your Cyber Security Strategy: A Step-By_Step Guide. Retrieved from https://www.uptycs.com/blog/cyber-security-strategy

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.