The written portion of the Enterprise Cybersecurity Program Report should be in a formal and descriptive format and include supplemental items to unify it for the board for directors. The items listed below should be included, and any supporting documentation that helped you to reach your conclusions can be included as addendums.
·
Executive Overview (introduction and purpose) (1 Page)
·
Framework Enhancement Proposal (2 Pages)
o
The first order of business in designing an enterprise cybersecurity program is to make a list of what you need to know, an inventory of the key elements to a cybersecurity framework. You will have to assess the cybersecurity posture currently taken at your financial institution. Select the framework you feel your organization is currently using.
o
Make notes, a paragraph or two, on the specifics of the framework to use in the next step of identifying any vulnerabilities.
o
The cybersecurity framework selected in the previous step is only a structure or blueprint of possible solutions. Specific solutions, application, and implementation within a given framework are industry-driven. For example, in response to the credit card fraud in the retail industry, the bank card industry adopted the chip-and-PIN standard for credit cards.
o
Based on your knowledge of the current state of vectors of cyberattacks and the notes made in the previous step, create a list of vulnerabilities and how to address them within the chosen framework. Identify both technical and policy options to improve the defense posture of the institution. Add this list to your notes from the previous step. You will use this work in the next step of the project.
o
Using the framework evaluation from the previous step, identify potential improvements or solutions to missing elements for your financial services organization. The improvements or solutions you identify in this step will be used to design your organization’s framework in a future step.
·
Cybersecurity Framework Report (3 Pages)
o
Using notes from previous steps, design and describe an enterprise cybersecurity framework specific to your organization. Create a comprehensive framework covering all aspects of the previous steps in both technology and policy. Fully explain the baseline framework and why it was selected, demonstrate a thorough knowledge of cybersecurity vulnerability that the framework addresses, and use the rankings to explain recommended enhancements to the framework. Explain the enhanced cybersecurity framework that will serve as the foundation for the final Enterprise Cybersecurity Program Report. Include your proposal for framework improvements and solutions in this step.
·
Simulation Program Design (3 Pages)
o
It’s time to begin to develop the specific elements needed for the enterprise cybersecurity program. The best plan is one that can reveal points of possible failure, providing an opportunity for adjustment ahead of time. It is also beneficial for the enterprise to practice implementation of the framework in such a way that the response is timely and with minimal error. Using the Cybersecurity Framework Report and feedback received, design a cybersecurity simulation program for key employees to hone their responses to potential cyberattacks. Compile your ideas from this step to create a simulation program design, the design of any training program will consider the following elements: training objectives, audience, scenario types, simulation types, timeframe, cost, evaluation.
o
See the “Simulation Design Template” attachment to assist you in molding your ideas from the last step into a Simulation Program Design.
Click here to request for this assignment help
#Project #Enterprise #Cybersecurity #Program #Report #Presentation
