Answered You can buy a ready-made answer or pick a professional tutor to order an original one.
Prepare a two page briefing paper (5 to 7 paragraphs) for the senior leadership and corporate board of the case study "company" which addresses planning (what do we need to do?), programming (how will
Prepare a two page briefing paper (5 to 7 paragraphs) for the senior leadership and corporate board of the case study "company" which addresses planning (what do we need to do?), programming (how will we do it?), and budgeting (how will we pay for it?) processes for IT security program management.
1. Use the case study and enterprise architecture diagrams to identify five or more risks which require a financial investment. Financial investments should be categorized as: people investments, process investments, and/or technology investments.
2. Choose one of the four strategies for reducing the costs associated with responding to cyberattacks from the Rand report (A Framework for Programming and Budgeting for Cybersecurity):
- Minimize Exposure
- Neutralize Attacks
- Increase Resilience
- Accelerate Recovery
3. Discuss how your selected strategy can be used in the planning (what do we need to do?) and programming (how will we do it?) phases of budget preparation to identify less costly solutions for implementing technical, operational, and management controls.
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.
Readings
http://www.nationalcybersecurityinstitute.org/genenral-public-interests/cyber-security-budget-planning-for-small-businesses/
http://www.rand.org/content/dam/rand/pubs/tools/TL100/TL186/RAND_TL186.pdf
https://www.isaca.org/Certification/CGEIT-Certified-in-the-Governance-of-Enterprise-IT/Prepare-for-the-Exam/Study-Materials/Documents/Developing-a-Successful-Governance-Strategy.pdf
http://csrc.nist.gov/publications/nistpubs/800-100/SP800-100-Mar07-2007.pdf
http://csrc.nist.gov/publications/nistpubs/800-55-Rev1/SP800-55-rev1.pdf
- @
- 165 orders completed
- ANSWER
-
Tutor has posted answer for $20.00. See answer's preview
******* ******** *** ManagementStudent’s ******************** ******** *** ManagementIntroductionThe ********** ** risks is * major concern ** ** ********** ******** **** the ********* objectives of *** business *** not jeopardized by ** failures ** ******* risks are progressively a ***** level ******* ** *** ****** on *** ******** ** an ** failure be ** ** *********** ******** ******** ***** or a ******* ******* can **** decimating results As * ****** ** ******* ******** ** risks *** ********** ********** ************** ** a *********** experience *** business directors ********** with ********* ************ * ******** ** ** expanding ****** ** ************** ********* *** *********** ********** danger ******** data As * ****** ************** is ********** ********* whether ***** are ***** ******* ****** tended ** and **** ******* ************* **** ******* are under ******* ******** ******** ********** ********* has to ****** ******* *** ******* *** ********* risksInvestment ******** ***** access ********* ***** integrity **** availability risk ******* ********* risk and infrastructural risk ********* investments ** counter ***** ***** **** cut ****** *** ***** ********* *** ******************* ** ProcessesProcess ****** *** **** ****** *** ***** **** in *** ********* of ** *********** *** the ********** ******** or operation **** *** venture ** proposed ** ******* ** addition *** ******* configuration *** complete process ************* ***** ** include ********** ******* ********** **** ********** rules parts ******** *** *** ******* process ******************** in ********** The innovation can ** **** ********** ********** synthetic ** ******* ** ****** **** a specific ********* or *********** ***** *** ***** ** focusing ** *** **** ** ** *********** ******* in *********** *** ******* ********** some elements ********** *** ******** ** ** ********* ******** applications operating ******* **** ******* data administration **** uprightness systems ********** business ****** *** ********** of *********** ********** **** *** *********** documentation ******** ********** ************** *** *** ******** to ** **** ** in *** *********** ** *** (Abercrombie ** ** ************** ** ****** ********* ** ****** ******** **** ************ **** *** other *********** ************ refers both to *** ********** **** ****** *** ******* *** ********** *** the ******* ** * ******* way) but **** *** ****** ************ *** ******* ******** ****** that ********** ******** *** include *** ********** Roles job definitions ********* *********** ******** ******* ******** ******* ******** ********* *********** ********* requirements ***** ************ ********* ********* ********** ****** **** ****** *********** assessment ********* ****** attitudes beliefs ****** ********* working conditions social environment ********* *********** ******* *** ***** considerationsMinimizing ******** *************** and networks are defenseless *** ********** ** *** degree **** ****** can ** ******** and *********** ******* just to *** ****** **** **** *********** ****** ** *** ****** **** ******** *** *** segments: ********* the ******** ******* * ********* and the rest ** *** ***** ********* *** entrance ** ******** ** ********** ** *** ********** and lessening the **** and ************* procedures *** *********** programs *** executables) **** *** **** ** ***** ** the framework ** ***** *** ********** ** inside *********** ****** a framework can ******** the **** from ** ******* ** ****** it troublesome *** *** subverted hub ** * ****** ** subvert ****** Minimizing ******** *** ** **** ** ******** *** *********** *** ********** the ***** in **** ****** **** (Ghernaouti ***** **** *** ******* ********** ********* ******** access points computational ********* *** *** sensitive **** ** *** ********* ***************************** * Ferragut * Sheldon F & Grimaila * (2011) ********** *** need for ************ in *** CSE ********* **** ********* ** ************* Intelligence ** ***** ******** ****** ************************************************** * ****** ************* ********** *** ******** ************* Conflict And ******** ** ********** ******* *************************************** * (2012) ******** ******* measures and ***** ************* *** ********** ********** ****** ***** **** Security20(5) ******* ****************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************