You were just hired as the new chief information security officer for Multiple Unite Security Assurance (MUSA) Corporation whose security posture is low. The first thing your chief executive officer tells you is that they have recently seen a presentation by one of the information security team members emphasizing the importance of having a security awareness program. As a result, you have been asked to develop a security awareness program for MUSA Corporation based on the following 10 security gaps:
We Write Essays for Students
Tell us about your assignment and we will find the best writer for your paper
Get Help Now!1. No annual cyber security awareness training, which is causing high phishing and social engineering attacks
2. No configuration change management policy (to reduce unintentional threats)
3. No intrusion detection/prevention system
4. Logs are not being collected or analyzed
5. No media access control policy
6. No encryption or hashing to control data flow and unauthorized alteration of data
7. Vulnerability assessment is conducted every three years; unable to assess the security posture status
8. High turnover and low morale among the employees (due to lack of employee readiness programs and work planning strategy)
9. High number of theft reports and security incidents; possible unethical/disgruntled employees
10. No segregation of duties or mandatory vacation policies (to mitigate intentional threats)
To that end, you will make recommendations for enhancing security policies, practices, and processes that are currently contributing to a dysfunctional security culture. Your chief goal is to build a program that will foster a healthy security culture and ensure continuous improvement. Your task is to develop a security awareness program that consists of four major components:
1. Proposal Introduction
2. Security Policies Development
3. Continuous Monitoring Plan
4. Communication Plan
IT 552 Milestone Three Guidelines and Rubric In Module Six, you will submit a continuous monitoring plan laying out the foundation for continuously monitoring the organization against malicious activities and intentional and unintentional threats. This milestone also focuses on work setting techniques and work planning policies to help employees improve their stress anxiety, fatigue, and boredom. As part of the planned solution, you will propose to mitigate the security gaps for the corporation given in the Case Document. You will need to explain what security tools (firewall, intrusion prevention system/intrusion detection system, antivirus, content filtering, encryption, etc.) and employee readiness strategies (training programs, rewards systems, physical wellness programs, etc.) will be used. Specifically, the following critical elements must be addressed:
ii. Work Settings: What strategies do you propose to address distractions, insufficient resources, poor management systems, or inadequate security practices?
iii. Work Planning and Control: What strategies do you propose to address job pressure, time factors, task difficulty, change in routine, poor task planning or management practice, or lack of knowledge, skills, and ability?
iv. Employee Readiness: What strategies do you propose to address inattention, stress and anxiety, fatigue and boredom, illness and injury, drug side effects, values and attitudes, or cognitive factors (e.g., misperception, memory, or judgment)?
Guidelines for Submission: Your paper must be submitted as a four- to five-page Microsoft Word document, with double spacing, 12-point Times New Roman font, and one-inch margins, in APA format.
Critical Elements Exemplary (100%) Proficient (90%) Needs Improvement (70%) Not Evident (0%) Value
Organizational: Work Settings
Meets “Proficient” criteria substantiated with research to support solutions that effectively protect against inoperative organizational factors associated with work settings
Describes strategies to address distractions, insufficient resources, poor management systems, or inadequate security practices
Minimally describes strategies to address distractions, insufficient resources, poor management systems, or inadequate security practices
Does not describe strategies to address distractions, insufficient resources, poor management systems, or inadequate security practices
25
Organizational: Work Planning
Meets “Proficient” criteria substantiated with evidence to support rationale around proposed strategies
Proposes strategies that address job pressure, time factors, task difficulty, change in routine, poor task planning or management practice, or lack of knowledge, skills, and ability
Strategies that address job pressure, time factors, task difficulty, change in routine, poor task planning or management practice, or lack of knowledge, skills, and ability are lacking in detail
Does not propose strategies that address job pressure, time factors, task difficulty, change in routine, poor task planning or management practice, or lack of knowledge, skills, and ability
25
Organizational: Employee Readiness
Meets “Proficient” criteria substantiated with evidence to support rationale around employee readiness
Proposes strategies to address inattention, stress and anxiety, fatigue and boredom, illness and injury, drug side effects, values and attitudes, or cognitive factors (e.g., misperception, memory, or judgment)
Inefficiently proposes strategies to address inattention, stress and anxiety, fatigue and boredom, illness and injury, drug side effects, values and attitudes, or cognitive factors (e.g., misperception, memory, or judgment)
Does not propose strategies to address inattention, stress and anxiety, fatigue and boredom, illness and injury, drug side effects, values and attitudes, or cognitive factors (e.g., misperception, memory, or judgment)
25
Articulation of Response
Submission is free of errors related to citations, grammar, spelling, syntax, and is presented in a professional and easy-to-read format
Submission has no major errors related to citations, grammar, spelling, or syntax
Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas
Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent the understanding of ideas
25
Earned Total 100%
The post Developing a security awareness program for MUSA Corporation appeared first on Versed Writers.
Welcome to originalessaywriters.com, our friendly and experienced essay writers are available 24/7 to complete all your assignments. We offer high-quality academic essays written from scratch to guarantee top grades to all students. All our papers are 100% plagiarism-free and come with a plagiarism report, upon request
Tell Us “Write My Essay for Me” and Relax! You will get an original essay well before your submission deadline.
