The CISO of the organization reaches out to you, the senior information security officer, and tasks you with creating an agency-wide security awareness program. He states that he
The CISO of the organization reaches out to you, the senior information security officer, and tasks you with creating an agency-wide security awareness program. He states that he will give you all of his support to complete this project (remember, this is the first component of security awareness program). He hands you a security gap analysis (the second component of a security awareness program) that was conducted, which shows 10 major security findings. These 10 deficiencies will serve as the foundation for developing the agency's security awareness program (see the Case Document for more details on the gap analysis)
Based on the scenario provided in the Case Document, develop the Introduction to your Proposal. In your introduction, be sure to include the purpose of the proposal, address the security concerns of the chief executive officer (CEO), explain why the security awareness proposal will be vital to the organization, describe how the security posture will be addressed, clarify how human factors will be assessed, and list any organizational factors that will contribute to the status of the security posture:
The final project for this course is the creation of a security awareness program proposal. In Module Two, you will take the first step in completing this project by creating the introduction section of your proposal. Begin by reviewing the Case Document, which will provide you with information about the organization for which you are creating the security awareness program proposal. Then, based on the scenario provided in the Case Document, write an introduction to your proposal that addresses the concerns of the chief executive officer and explains why the security awareness proposal will be vital to the organization.
Specifically, the following critical elements must be addressed:
- What is the purpose of your proposal? Why is the new security awareness program vital for the organization? Use specific examples to illustrate your claims.
- Overall, how would you characterize the security posture of the organization? What were the major findings in your risk assessment of the organization’s current security awareness policies, practices, and processes?
- Specifically, are there human factors that adversely affect the security climate within the organization? If so, how? Be sure to consider unintentional and intentional threats to a healthy security culture.
- Specifically, are there organizational factors that contribute to an unhealthy security culture in the organization? If so, how? Be sure to consider organizational data flow, work setting, work planning and control, and employee readiness.
What to Submit
Your paper must be submitted as a two- to four-page Word document with double spacing, 12-point Times New Roman font, and one-inch margins, in APA format.
See attached case ….
IT 552 Case for Final Project
BACKGROUND:
You were just hired as the new chief information security officer for Multiple Unite Security Assurance (MUSA) Corporation whose security posture is low. The first thing your chief executive officer tells you is that they have recently seen a presentation by one of the information security team members emphasizing the importance of having a security awareness program. As a result, you have been asked to develop a security awareness program for MUSA Corporation based on the following 10 security gaps:
1. No annual cyber security awareness training, which is causing high phishing and social engineering attacks
2. No configuration change management policy (to reduce unintentional threats)
3. No intrusion detection/prevention system
4. Logs are not being collected or analyzed
5. No media access control policy
6. No encryption or hashing to control data flow and unauthorized alteration of data
7. Vulnerability assessment is conducted every three years; unable to assess the security posture status
8. High turnover and low morale among the employees (due to lack of employee readiness programs and work planning strategy)
9. High number of theft reports and security incidents; possible unethical/disgruntled employees
10. No segregation of duties or mandatory vacation policies (to mitigate intentional threats)
To that end, you will make recommendations for enhancing security policies, practices, and processes that are currently contributing to a dysfunctional security culture. Your chief goal is to build a program that will foster a healthy security culture and ensure continuous improvement. Your task is to develop a security awareness program that consists of four major components:
1. Proposal Introduction
2. Security Policies Development
3. Continuous Monitoring Plan
4. Communication Plan
image1.jpeg
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
