SEC 402 The Critical Need for Information Security

Strayer SEC 402 Cyber Security, Case Study 1, The Critical Need for Information Security, 7 pages, 1517 words, Graded A. Cybersecurity: The essential body of knowledge
Write a four to five page paper in which you:
1. Identify at least three benefits or key knowledge points that could be derived from using cyber-attack simulator systems and research, and suggest how this insight could assist in defining the needs for security within an organization.
2. Analyze and determine which sector, public or private, has greater insight on the potential of cyberattacks. Justify your answer by citing at least three (3) examples.
3. Suggest at least four (4) best practices that should be implemented when developing a cybersecurity strategy within a security enterprise. Then, evaluate the required roles and functions of Information Technology (IT) personnel that would be required to sustain these best practices.
4. Describe the role of planning when developing a cybersecurity strategy and what key deliverables would ensure an effective implementation and transition.
5. Suggest how public-private partnerships can strengthen cybersecurity efforts and effectiveness in a:
a. Corporate environment
b. Regional level
c. National level





Discussion 1

Interpret how context, scope, and feasibility influence the development of a security process, and provide an example of a security solutions development process with your response.

Context: You must look at the social, economic and technical variables and tailor the security system around them.

Scope: This answers the question of what the protected environment will house and who will be responsible for it. Standards, regulations and policies will be referenced within the scope. Identify boundaries for storing, communication and processing of information and mapping. Exact specifications and evaluation of performance once implemented need to be conducted.

Feasibility: Consider the cost of what is to be held secure and if it is worth the cost to initiate and maintain. ROI must be calculated and future technology investments should be factored into the equation. Also, know what your resources are to support the security system at initiation.

As we see in the book’s example, the US team traveling to Singapore threw out the work instructions and developed a security solution tailored to fit the needs of the Singapore client. Realizing the context, scope and feasibility of the Singapore culture and economics were different from the United States’ way of doing things, it was imperative to utilize the generic EBK framework. This trickled into creating passwords which were more familiar to Singapore’s culture and easier to remember for the end users.

Discussion 2

Analyze the key functions a Chief Information Officer (CIO) performs to define, develop, implement, and support ongoing security countermeasures. Determine the function that you believe is the most important in supporting the security of information.

Out of the many functions of the CIO, I feel that the most important is The Management of Incidents. Since many organizations are being targeted daily, the possibility of a breach or incident is greater. Worst-case scenario: A successful cyberattack could shut down a business for good. Plus, the compromise of PII, sensitive data, etc. messes with the reputation. So with that being said, the effective management of incidents is a top priority. Hopefully, robust security countermeasures are deployed appropriately to prevent incidents, but just in case, a strong incident response plan is necessary.

Determine what you believe are the three most important ways the security compliance officer supports the role of the CIO and explain why.

I always say, Don’t mess with the government! There are many ways to skin a cat, but when it comes to compliance you don’t want to cut any corners. Failing to comply is a huge risk that organizations do not need. The SCO makes sure compliance is included in the organization’s risk management process (Shoemaker, 2012). The following are also ways that the security compliance officer supports the role of the CIO (i-Sight, 2015):
1. Access Controls: Ensuring that info is used only by authorized users and for its intended purposes.
2. Helps set the tone for the CIO. The SCO sets the ethical tone for the IT staff that represents the voice from the CIO.
3. Incorporates compliance into the business process. Compliance should be a part of the business process and the organization’s systems, not an afterthought. This also holds everyone accountable for their actions.

i-Sight. (2015). 3 ways your Chief Information and Chief Security Officers can be Ethics Heroes. i-Sight Inc.
Shoemaker, D., & Conklin, W. A. (2012). Cybersecurity: The essential body of knowledge (1st ed.). Boston, MA: Cengage Learning.