23 Oct In Module Six, you will submit a continuous monitoring plan laying out the foundation for continuously monitoring the organization against malicious activities and intentional and uni
In Module Six, you will submit a continuous monitoring plan laying out the foundation for continuously monitoring the organization against malicious activities and intentional and unintentional threats. This milestone also focuses on work setting techniques and work planning policies to help employees improve their stress anxiety, fatigue, and boredom. As part of the planned solution, you will propose to mitigate the security gaps for the corporation given in the Case Document. You will need to explain what security tools (firewall, intrusion prevention system/intrusion detection system, antivirus, content filtering, encryption, etc.) and employee readiness strategies (training programs, rewards systems, physical wellness programs, etc.) will be used.
Specifically, the following critical elements must be addressed:
- Work Settings: What strategies do you propose to address distractions, insufficient resources, poor management systems, or inadequate security practices?
- Work Planning and Control: What strategies do you propose to address job pressure, time factors, task difficulty, change in routine, poor task planning or management practice, or lack of knowledge, skills, and ability?
- Employee Readiness: What strategies do you propose to address inattention, stress and anxiety, fatigue and boredom, illness and injury, drug side effects, values and attitudes, or cognitive factors (e.g., misperception, memory, or judgment)?
What to Submit
Your paper must be submitted as a four- to five-page Microsoft Word document, with double spacing, 12-point Times New Roman font, and one-inch margins, in APA format.
See attached case..
IT 552 Case for Final Project
BACKGROUND:
You were just hired as the new chief information security officer for Multiple Unite Security Assurance (MUSA) Corporation whose security posture is low. The first thing your chief executive officer tells you is that they have recently seen a presentation by one of the information security team members emphasizing the importance of having a security awareness program. As a result, you have been asked to develop a security awareness program for MUSA Corporation based on the following 10 security gaps:
No annual cyber security awareness training, which is causing high phishing and social engineering attacks
No configuration change management policy (to reduce unintentional threats)
No intrusion detection/prevention system
Logs are not being collected or analyzed
No media access control policy
No encryption or hashing to control data flow and unauthorized alteration of data
Vulnerability assessment is conducted every three years; unable to assess the security posture status
High turnover and low morale among the employees (due to lack of employee readiness programs and work planning strategy)
High number of theft reports and security incidents; possible unethical/disgruntled employees
No segregation of duties or mandatory vacation policies (to mitigate intentional threats)
To that end, you will make recommendations for enhancing security policies, practices, and processes that are currently contributing to a dysfunctional security culture. Your chief goal is to build a program that will foster a healthy security culture and ensure continuous improvement. Your task is to develop a security awareness program that consists of four major components:
1. Proposal Introduction
Security Policies Development
Continuous Monitoring Plan
Communication Plan
image1.jpeg
