Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.
The importance of cybersecurity governance as a fundamental aspect of protecting an organization’s information systemsQuestion 1Unit 1 focused on various leadership roles and their respective respon
The importance of cybersecurity governance as a fundamental aspect of protecting an organization’s information systems
Question 1
Unit 1 focused on various leadership roles and their respective responsibilities in implementing an effective cybersecurity governance plan. Consider the leadership roles (CEO, CSO/CIO, and Program Managers) in Sony organization and their responsibilities in implementing the organization’s cybersecurity strategy:
· Explain the Sony’s organization’s governing structure, and its approach to cybersecurity. you may extrapolate the formal roles from the data available and contrast this with what was observed.
· Based on your substantiation above, recommend changes that should be implemented and, if applicable, propose a new cybersecurity leadership plan that addresses it Sony’s shortcomings.
· (Approx. 300–400 words)
Question 2
Unit 2 of this module described the management processes organizations should consider when developing a cybersecurity governance plan.
● Evaluate why the management processes utilized by Sony were insufficient to ensure good cybersecurity governance; and
● Based on your substantiation above, recommend management processes that would have addressed Sony’s shortcomings in implementing a cybersecurity governance plan and should be adhered to going forward.
(Approx. 300–400 words)
Question 3
Unit 3 focuses on the importance of keeping an organization’s cybersecurity awareness updated. To do so, think of types of Cybersecurity awareness training that are available and the topics that should ideally be included in training programs. In your answer, address the following:
· If relevant, identify any cybersecurity awareness programs or practices utilized by Sony.
· Based on your substantiation above, provide an outline of a cybersecurity awareness program you would suggest for Sony.
Your outline of the training program should cover the following three aspects:
1. The type of security awareness training (classroom or online);
2. The topics included in the training program;
3. The target audience; and
4. The roles and responsibilities of those responsible for executing the training program.
Each aspect should be accompanied by reasons for your choices based on the organization’s context and needs.
(Approx. 300–400 words)
Note:
The word counts for each question serve as a guide; your submission should not exceed 1,200 words in its entirety.
submission will be graded according to the following rubric:
Very poor
Poor
Satisfactory
Very good
Exceptional
Adherence to brief
Student answers all the three questions, which include: a cybersecurity leadership plan; cybersecurity management processes; and an outline of a cybersecurity awareness program.
Answer falls within the prescribed word count (1,200 words).
No submission.
OR
Student fails to address any element of the brief. (0)
Some key elements are not addressed. Most information provided is irrelevant.
OR
Answer does not fall within the prescribed word count (100 words over word count). (5.5)
Student adheres to most of the brief. Sufficient information is provided and is mostly relevant. (7)
Student adheres to almost all elements of the brief. Almost all information is provided and is relevant. (8.5)
Student fully adheres to the brief. All information provided is comprehensive and relevant. (10)
Question 1:
Insight into an organization’s leadership roles and their associated responsibilities in implementing cybersecurity governance
Student demonstrates their understanding by identifying the roles organizational leaders play in implementing cybersecurity governance strategies, evaluating the effectiveness of an organization’s leadership structure in relation to cybersecurity governance, and recommending changes to improve how an organization’s leadership executes cybersecurity strategies.
No submission.
OR
Student fails to demonstrate even basic understanding of the responsibilities of organizational leaders, and does not evaluate the leadership structure’s effectiveness or proposed recommended changes. (0)
Student shows an incomplete understanding of the responsibilities of organizational leaders and does not evaluate the leadership structure’s effectiveness or proposed recommended changes. (5.5)
Student demonstrates a satisfactory understanding of the responsibilities of organizational leaders and evaluates the leadership structure’s effectiveness and proposed recommended changes. (7)
Student demonstrates a strong understanding of the responsibilities of organizational leaders, and their evaluation of the leadership structure’s effectiveness. Recommended changes illustrate a degree of insight. (8.5)
Student demonstrates a thorough and an incisive understanding of the responsibilities of organizational leaders, and their evaluation of the leadership structure’s effectiveness. Recommended changes illustrate great depth of insight. (10)
Question 2:
Insight into an organization’s cybersecurity management processes
Student demonstrates their understanding by accurately describing management processes that are essential to an organization’s cybersecurity, evaluating whether an organization’s management processes are sufficient to ensure good cybersecurity governance, and providing recommendations for management processes that would improve an organization’s cybersecurity governance.
No submission.
OR
Student fails to demonstrate even basic understanding of the management processes that are essential to an organization’s cybersecurity and does not evaluate the organization’s management processes or recommended changes. (0)
Student shows an incomplete understanding of the management processes that are essential to an organization’s cybersecurity, and did not provide a satisfactory evaluation of the organization’s management processes, and does not provide satisfactory recommended changes. (5.5)
Student demonstrates a satisfactory understanding of the management processes that are essential to an organization’s cybersecurity and evaluates the organization’s management processes and recommended changes. (7)
Student demonstrates a strong understanding of the management processes that are essential to an organization’s cybersecurity, and their evaluation of the management processes. Recommended changes illustrate a degree of insight. (8.5)
Student demonstrates a thorough and an incisive understanding of the management processes that are essential to an organization’s cybersecurity, and their evaluation of the management processes. Recommended changes illustrate a great deal of insight. (10)
Question 3:
Insight into cybersecurity awareness and training
Student demonstrates their understanding by providing a substantial description of the types of cybersecurity awareness training, the topics that should be covered in cybersecurity awareness training, and the roles and responsibilities of those who need to execute the training program.
No submission.
OR
Student fails to demonstrate even basic understanding of cybersecurity awareness training and does not evaluate the organization’s training program or recommended changes. (0)
Student shows an incomplete understanding of cybersecurity awareness training and does not provide a satisfactory evaluation the organization’s training program, and does not provide satisfactory recommended changes. (5.5)
Student demonstrates a satisfactory understanding of cybersecurity awareness training and evaluates the organization’s training program and recommended changes. (7)
Student demonstrates a strong understanding of cybersecurity awareness training and evaluates the organization’s training program. Recommended changes convey a degree of insight. (8.5)
Student demonstrates a thorough and an incisive understanding of cybersecurity awareness training and evaluates the organization’s training program. Recommended changes illustrate a great deal of insight. (10)
Organization of writing
Answers are structured clearly and logically.
No submission.
OR
Complete lack of logical structure. (0)
Answers have some logical structure, but not enough to justify a passing grade. (5.5)
Answers are structured fairly well in terms of logic and clarity. (7)
Answers are structured very well in terms of logic and clarity. (8.5)
Answers are structured exceptionally well in terms of logic and clarity. (10)
Total: 50 marks