Information Security Plan Survey

Information Security Program Survey As a new graduate of UMUC’s cybersecurity program, you have decided to apply in a competitive selection process to a joint federal-state government sponsored cybersecurity training program for new graduates (apprentices). As part of your application package, you must submit an essay (narrative) containing a written analysis of an information security program. You can use the worksheet to help organize your information.

The application package provides you with the following information: For your application to this program you are asked to prepare a high-level summary of an information security program.

We Will Write a Custom Case Study Specifically
For You For Only $13.90/page!


order now

Your summary should demonstrate that you are able to read, understand, apply, and write about common information security concepts at the apprentice level. Your summary must include an analysis that addresses strategic fit (how well the information security program supports the organization’s goals and objectives), breadth and coverage of the information security program (people, processes, technologies), any known or previously uncovered program deficiencies or implementation issues, and any stated costs and benefits of the program.

Choose one of the organizations listed in Table 1, review the pertinent documents, and then prepare a three- to five-page narrative summarizing your analysis of the organization’s information security program. Uniform Resource Locators (URLs) are provided for the pertinent documents and web pages. Applicant narratives must be submitted in electronic form as Microsoft Word documents. Use standard size (8. 5″ x 11″) pages. Include your name and the date at the top of each page. Use 1″ margins and Times New Roman 12-point font. Double-space your text.

Use black text (no colors) on a plain white background.

Do not include pictures, tables, or diagrams in your narrative. Cite your sources in APA format and use only authoritative/scholarly sources such as journal articles, books, government documents, and other industry publications (e. g. , trade journals or magazines for health care or security professionals). The title page and list of references are not included in the required page count.

You must also use and cite the documents listed in Table 1 for your chosen organization. Remember to check the spelling and grammar of your submission. Information Security Program Survey

As a new graduate of UMUC’s cybersecurity program, you have decided to apply in a competitive selection process to a joint federal-state government sponsored cybersecurity training program for new graduates (apprentices). As part of your application package, you must submit an essay (narrative) containing a written analysis of an information security program. You can use the worksheet to help organize your information. The application package provides you with the following information: For your application to this program you are asked to prepare a high-level summary of an information security program.

Your summary should demonstrate that you are able to read, understand, apply, and write about common information security concepts at the apprentice level. Your summary must include an analysis that addresses strategic fit (how well the information security program supports the organization’s goals and objectives), breadth and coverage of the information security program (people, processes, technologies), any known or previously uncovered program deficiencies or implementation issues, and any stated costs and benefits of the program.

Choose one of the organizations listed in Table 1, review the pertinent documents, and then prepare a three- to five-page narrative summarizing your analysis of the organization’s information security program. Uniform Resource Locators (URLs) are provided for the pertinent documents and web pages. Applicant narratives must be submitted in electronic form as Microsoft Word documents. Use standard size (8.

5″ x 11″) pages. Include your name and the date at the top of each page.

Use 1″ margins and Times New Roman 12-point font. Double-space your text. Use black text (no colors) on a plain white background.

Do not include pictures, tables, or diagrams in your narrative. Cite your sources in APA format and use only authoritative/scholarly sources such as journal articles, books, government documents, and other industry publications (e. g. , trade journals or magazines for health care or security professionals). The title page and list of references are not included in the required page count.

You must also use and cite the documents listed in Table 1 for your chosen organization.

Remember to check the spelling and grammar of your submission. Return to Project Descriptions menu Emerging Technologies Case Study You are a junior staff member assigned to the chief information security officer’s (CISO) team in a major medical center. The medical center’s senior leadership recently reviewed plans for changes to the center’s facilities and found that risks associated with the adoption of several new or emerging technologies had not been addressed.

To address this planning gap, the hospital’s chief operating officer (COO) has given the CISO two weeks to provide a quick-look evaluation of the risks associated with two of the planned expansion areas that may pose technology problems: a. moving one or more clinical IT support functions (including both fixed and mobile devices for end users) into a grid and/or cloud computing environment b.

including intelligent building capabilities (sensors, tracking devices, and the associated IT systems) in a new medical office building housing doctor’s offices, clinics, and outpatient services (e. . , labs for blood tests, physical therapy facilities) For this assignment, research and write a short case study (three pages) using one or more articles from the CISO’s emerging technologies reading list. In your case study, you must discuss one of the listed technology problems (a or b above) and include a discussion of the potential risks associated with the technologies discussed in your chosen article. Your case study must also answer the question, how can these technologies be secured? You have one week to complete your paper.

Remember to cite your sources in APA format and use only authoritative/scholarly sources such as journal articles, books, government documents, and other industry publications (e. g. , trade journals or magazines for health care or security professionals). The title page and list of references are not included in the required page count. Return to Project Descriptions menu Law and Policy Case Study Congratulations! You have just been hired by a major security consulting firm that has recently won several contracts to support chief information security officers (CISOs) in the Washington, DC, area.

As part of your first consulting assignment, you have been asked to research and write a short case study (three pages) in which you discuss the legal environment (i.

e. , policies, regulations, and laws) and its impact upon how an organization (e. g. , business, government agency, nonprofit) ensures the confidentiality, integrity, and availability of information and information systems. You have one week to complete your assignment.

The immediate audience for your case study is a group of senior managers (stakeholders) in a client organization ho are not familiar with information security laws and practices. These managers need a brief overview of the legal environment to assist them in reviewing and commenting upon a new governance policy for their organization’s information security program. Your case study should be general enough, however, that it can be reused with other clients. Your supervisor has also given you a “heads up” about a trap that previous consultants have missed when completing similar work for other clients: the term policy has two meanings that you must address: (a) government policies (e. . , those issued by federal, state, local, or tribal governments) and (b) organizational policies (e.

g. , those written to guide an organization’s compliance with laws, regulations, and policies). Remember to cite your sources in APA format and use only authoritative/scholarly sources such as journal articles, books, government documents, and other industry publications (e. g. , trade journals or magazines for health care or security professionals). The title page and list of references are not included in the required page count.

Return to Project Descriptions menu

Information Security White Paper Watch the Information Technology Security for Small Businesses video from the National Institutes of Standards and Technology (NIST): Video Transcript (Courtesy of NIST) Source: National Institute of Standards and Technology (Creator). (2009, September 30). Information technology security for small businesses [Video]. Retrieved from http://csrc. nist. gov/groups/SMA/sbc/library.

html#04. Then write an information security white paper that can be used to market your firm’s security consulting services to small businesses in the Washington, DC, area.

Your white paper must: * Be concise—no more than three pages long. * Provide a general explanation of the business need for information security (protection measures) even in the smallest of businesses (e. g. , protect against loss of profit, damage to company’s reputation, costs of litigation, etc.

). * Explain information security threats and vulnerabilities in plain English to small business owners who, while experts in their own business areas, have limited knowledge of computers, networks, and software. * Explain the following key concepts as part of the threats and vulnerabilities discussion: * confidentiality integrity * availability * non-repudiation * authentication * authorization * risk * Recommend technologies, processes, and policies that can be used to solve or mitigate one of the following common information security threats: * data breach and/or data theft (confidential client information) * denial-of-service (DOS) attacks * insider theft of intellectual property * deliberate corruption of electronic files (hacker attack or malicious insider) including virus/worm infections * Discuss the impact or results that can be expected: costs and benefits of effective protection measures * costs and penalties of ineffective or nonexistent protection measures Remember to present your white paper and cite your sources in APA format and use only authoritative/scholarly sources such as journal articles, books, government documents, and other industry publications (e. g. , trade journals or magazines for health care or security professionals). The title page and list of references are not included in the required page count.

Return to Project Descriptions menu

admin