Assessment Description Implement a security framework to identify and close gaps between an organization's current cybersecurity status and its target (future) cybersecurity status. Make sure to align

Assessment Description

Implement a security framework to identify and close gaps between an organization’s current cybersecurity status and its target (future) cybersecurity status. Make sure to align to an appropriate regulation (e.g., PCI DSS, HIPAA, SOX, GLBA). In CYB-650, the NIST Cybersecurity Framework was utilized, and therefore it cannot be utilized for this assignment.

Develop a report that addresses the following:

Organizational Objectives and Priorities

Current Framework Compliance Status: Describe the current cybersecurity environment, such as processes, information, and systems directly involved in the delivery of services. Describe the current risk management practices, threat environment, legal and regulatory requirements, business/mission objectives, and organizational constraints using the framework identified. Include a diagram related to the common workflow of information and decisions at the major levels within the organization.

Future Cybersecurity Policy Implementations: Describe the critical cybersecurity needs that should be in place to ensure compliance with the appropriate regulation (e.g., PCI DSS, HIPAA, SOX, GLBA) and then prioritize organizational efforts, business needs, and outcomes.

Operational Compliance and Risk Assessment

Cybersecurity Risk Assessment: Describe the likelihood of risks occurring and the resulting impact. Identify threats to, and vulnerabilities of, those systems and assets. Express risks both internally and externally. Determine the acceptable level of risk (risk tolerance). Describe the response to the risk. Describe how identified risks are managed and resolved. Include an Organizational Risk Assessment Chart.

Privacy Risk Management: Describe how the business is integrating privacy laws and regulations, prioritizing, and measuring progress.

Compliance Gaps: Describe the type of audits that should be performed in order to keep a consistent measure of risk. Determine what type of gap analysis should be performed in order to properly identify the security elements and variables within the environment that pose the most risk. Formulate a cybersecurity governance strategy that establishes mitigation plans to achieve security objectives.

Web Portal Diagram: Create a web portal data flow diagram of the hypothetical organization’s operational environment using Visio or a similar diagramming software. Within the web portal data flow diagram, students will show how the web portal is compliant. The web portal data flow diagram must: a) Display the organization’s technical requirements (related and unrelated applications, services, and links); b) display the compliance of associated servers, routers, access-control components, data storage, internal and external data communication, data backup, e-mail servers, and so forth; c) identify related systems and assets, regulatory requirements, and overall risk approach; and d) demonstrate each IT task to the next as aligned to regulations/compliance (e.g., start with the user logging in, and then go through each step and how it is validated.

APA style is not required, but solid academic writing is expected.

Refer to “CYB-690 Cybersecurity Framework Scoring Guide,” prior to beginning the assignment to become familiar with the expectations for successful completion.

You are not required to submit this assignment to LopesWrite.

Attachments

Assessment Description Implement a security framework to identify and close gaps between an organization’s current cybersecurity status and its target (future) cybersecurity status. Make sure to align
Sub m is sio n I d e: 5 4 197 457 -3 352 -4 60 c-9 1 f0 -4 0bac9 c3 2 355 50 % SIM IL A RIT Y S C O RE 15 CIT A TIO N I T E M S 10 GRA M MAR I S SU E S 0 FE ED BA C K C O M MEN T In te rn et S ourc e 1 % In stitu tio n 49 % Sea n S te p hen Cybers e cu rity F ra m ew ork S um mary   1083 W ord s 1 2 O PE R ATIO NAL C O M PL IA NCE Opera tio n al c o m plia n ce. 3  Spellin g m is ta ke: VLA Ns  Pla ns  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity Data f lo w d ia g ra m . Fir m ‘s t e ch nic a l r eq uir em en ts. The f o llo w in g a re t h e e x am ple s o f a n o rg an iz atio n ‘s t e ch nic a l r e q u ir e m en ts ; • We a re c o n nectin g t h e d ev ic es a s r e q u ir e d . • They w ere i n dic a tin g a ll t h e VLA Ns t o geth er w it h t h eir n ecessa ry se g m en ta tio n . • Loca te a ll d ev ic es i n d ata c en te rs , p h ysic a l, a n d a n y h ostin g s it e s f o r t h e th ir d p arty a n d v en dors . • Rou te i n dic a tio n o f h ow d ata t r a v els i n t h e n etw ork . F or e x am ple , a ll pay m en t c o n nectio n s a re t h ro u gh d ata e x it p oin ts a n d e n tr y p oin ts . • Pay m en t o f c a rd f o r d ata s to ra g e a n d t r a n sm is sio n . • IP a d dre sse s a n d a sp ects o f t h e f ir e w all. • Availa b ilit y o f w ir e le ss n etw ork s a n d d ev ic es. Com plia n ce w it h a sso cia te d r o u te rs, s e rv ers, d ata s to ra ge, d ata b ack up, a cce ss co n tr o l c o m pon en ts, a n d e x te rn al a n d i n te rn al d ata c o m munic a tio n . Thro u gh s e rv er-s id e t e ch nolo gy , t h ere i s t h e i n co rp ora tio n o f s e v era l l a n gu ag es l ik e; PY TH ON a n d C G I P E R L, P H P, a n d t h e o pera tin g s y ste m s t h at r u n o n M ac-O S r u nnin g o n t h e Ora cle s e rv ers . More o ver, c u sto m er e n d t e ch nolo gie s r u n o n u ndete cte d v aria tio n s a n d Ja v aS crip t a n d H TM L, a n d C SS. A dobe F la sh i s c o m mon ly u se d f o r b ette r u tiliz atio n a n d pla n nin g o f d if fe re n t m ult im ed ia c o m pon en ts . T he f ra m ew ork s o f t h e f ir m a n d t h e c o n te n t man ag em en t s y ste m a re m an ag ed t h ro u gh a s id e k now n a s W ord P re ss. Akon ye, ( 2 01 9). How ev er, s e v era l u se s o f s o ftw are p ro gra m min g a re p rim arily u se d i n f a cilit a tin g o n lin e in te rfa ces. T hese a re t h e c o m pan y s o ftw are a n d w eb p orta l p ro gra m min g l a y ers t h at c o ver a ll t h e 4 5 th e m ain b en efit t o t h e o rg an iz atio n t h at e m plo y s c lie n t-s e rv er t e ch nolo gy . S ecu rit y c o m plia n ce s is o f s e v era l u se s i n t h e o rg an iz atio n , a n d i t h elp s i n cre a se p ro du ctiv it y , f le x ib ilit y , p ro per utiliz atio n o f r e so u rc es, a n d c o st r e d u ctio n . della B ad ia S im on , ( 2 01 9). Addit io n ally , t h e s e rv er’s a p plic a tio n h osts l a n gu ag es v aria tio n f o r p erfo rm in g b ette r se rv ic es f ro m t h e o n lin e c lie n t t h ro u gh t h e w eb s e rv er, w hic h i s e sse n tia l i n a ll t h e H TTP  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Spellin g m is ta ke: cy ber-s e cu rity  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Passiv e v oic e: it w as in vestig ate d th at  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity to ols , m eth ods, p ro cesse s, a n d g en eric p h ra se s. The m odels i n volv ed i n t h e p ro cess a re u se d t o dev elo p a w eb p orta l w it h a l in ea r, a n d s e q u en tia l m eth od a n d m odel r e fe rre d t o a s W ate rfa ll Model. Thro u gh s e v era l l a y ers o f t h e p orta l s y ste m s, t h ere w ill b e a n i m ple m en ta tio n o f t h e Access c o n tr o l i n t h e s y ste m . M ore o ver, t h ere i s t h e i n co rp ora tio n o f a d m in is tr a tiv e a ccess co n tr o l b y t h e s tr a te g ie s t h at c a n b e c a te g oriz ed a t t h e m an ag em en t l e v el o f t h e f ir m . T here fo re , th e o rg an iz atio n u tiliz es s o m e p ro ced u re s t o e n su re t h at t h ey a re p art o f t h e p ro ced u re s a n d sta n dard s o f a ccess c o n tr o l. M ore o ver, t h is i s d on e t o e n su re a n a d eq u ate s e cu rit y p olic y t h at in volv es t h e q u alit y l e v el o f p la n t h at h elp s p ro te ct t h e m an ag em en t f ro m t h e s y ste m s e cu rit y t h at sh ou ld b e u se d a n d a ccep te d w it h in t h e c o m pan y r e g ard le ss o f t h e h ig h c h an ces o f r is k s l e v el t h e fir m . How ev er, t h e s ta n dard s o f a ccess c o n tr o l a re d eriv ed f ro m t h e f ir m ‘s l a w a n d r e g u la tio n s re la te d t o t h e c o m pan y’s o bje ctiv es t h at s a fe g u ard t h e f ir m ‘s o pera tio n s. T he p olic y o f t h e f ir m ‘s cy ber-s e cu rit y p ro vid es a d ir e ctio n a n d p la tf o rm s f o r e v ery e m plo y ee t o geth er w it h t h at o f t h e dep artm en ta l i m ple m en ta tio n o f t h eir s e cu rit y s y ste m a n d s h ow s t h e i m pact o f n on co m plia n ce. Addit io n ally , t h e s ta n dard s a n d p ro ced u re l a y ou t c o m es o u t w it h t h e i n fo rm atio n t h at ru le s a n d s u pports t h e c o m pan y’s s e cu rit y p olic y . The a ctu al c o ach u se s a m odel f o r c lie n t-s e rv er co m pu tin g t h at i s i m ple m en te d w ell t o k eep t h e a ccessib ilit y o f t h e w eb p orta l r e g ard le ss o f t h e in te g ra tio n . T hro u gh n etw ork a n d w eb l in ks, e v ery c lie n t a n d t h e w hole w ork sta tio n i s l in ked t o th e h ost s e rv er. A n i n vestig atio n w as p erfe ctly m ad e, a n d it w as i n vestig ate d t h at t h is a ct w ill en ab le t h e c lie n t t o b e m ore a ccessib le t o t h e c o ach in g s o ftw are a n d t h e a p plic a tio n o f t h e hard w are w it h in t h e w ork sta tio n i n C olo ra d o. More o ver, t h e m ain a d van ta g e o f t h e f ir m ‘s h ard w are a n d s o ftw are i n te g ra tio n c o m pon en t is t h at i t w ill h elp c o n su m ers p u rc h ase m ore c o ach in g p ro du cts t h at a re a v aila b le o n t h e s it e . Every w eb c o m pon en t i s m ad e a ccessib le a n d m an ag ed t h ro u gh a b u sin ess o ffe r, a n d s e rv ers a re re q u ests . T hese r e q u ests a re , i n t u rn , a p ro gra m t h at e n su re s a ll t h e d ata b ase q u erie s h av e a b ette r str u ctu re d a n d o rg an iz ed f o rm at t h at e n co u ra g es t h e s u bm is sio n o f t h e t y pic a l f ir m t h at i s pro cessin g. More o ver, t h e p ro to co ls f o r accu ra te c o ach c o m munic a tio n e n su re a s ta n dard iz ed s e t of c o m plia n ce p ro ced u re s f o r a u th en tic a tio n r e q u ests , d ete n tio n f o r t h e c lie n t r e q u este d e rro rs , an d d ata r e p re se n ta tio n . How ev er, t h e r o u tin g s y ste m f o r t h e c o m pan y h as h ig h ly i m pro ved i n q u alit y , t o geth er wit h s e v era l r o u te rs b ein g f a st d u al o n t h e t r ip le -b an d r o u te rs , w hic h w ill e n co u ra g e a m ult ip le netw ork c o n nectio n . When i t c o m es t o d ata s to ra g e, t h e a ctu al c o ach u se s n etw ork -a tta ch ed sto ra g e t h at p ro vid es r e lia b ilit y a n d r e la tiv e f a st, m ak in g a w eb p orta l f o r d ata in t h e i n te rn et pro to co l t o t h e e n vir o n m en t. M ore o ver, c lo u d s o lu tio n s tr a te g ie s p ro vid e g ood d ata s e cu rit y a n d en su re t h at u nau th oriz ed p ers o n nel f ro m a ccessin g t h e i n fo rm atio n . D ue t o t h is r e a so n , d ata re co very m eth ods a n d b ack u ps a re e x erc is e d t o e n su re t ig h t s a fe ty . The a d van ta g e o f t h e c lo u d se rv er s y ste m i s t o r e sto re a n d r e tr ie v e a ll t h e e m ail r e g is tr ie s f ro m t h e c u sto m er’s d ata b ase . HAM IS I, ( 2 02 0). Rela te d s y ste m s a n d a sse ts, o v era ll r is k a p pro a ch , a n d r eg u la to ry r eq uir em en ts. The f ir m e m plo y s a w id e v arie ty o f r e la te d s tr a te g ic p la n s t o t h e a sse ts a n d s y ste m s ir re sp ectiv e o f t h e m an ag em en t a n d t h e r is k e v alu atio n . T his i n clu des t h e r e g u la to ry 6 re q u ir e m en ts o f d if fe re n t f ir m p ro cesse s a n d t h e t e ch nolo gic a l i n fra str u ctu re f o r a s e cu re s y ste m . More o ver, t h e w hole r is k a p pro ach i n volv es a sse ssin g a n d e v alu atin g t h e a sse t v alu e t h at p re d ic ts all t h e i m pacts o f r is k s a n d c o n se q u en ces. T he m ost i m porta n t t h in g t o n ote i s t h at t h is a p pro ach i s n ot c o m mon ly a p plie d t o t h e sy ste m b u t i s a k now le d ge-b ase d a rc h it e ctu re f o r e v alu atio n . H ow ev er, t h e a sse t s y ste m s a n d perfe ct c la ssif ic a tio n s p la y a n e sse n tia l r o le i n t h e f ir m r e g u la to ry s y ste m . On t h e o th er h an d , d u e to t h e h ig h m it ig atio n r is k a p pro ach t a k en t o s a fe g u ard t h e r is k o f t h e a sse t, i t m ay r e d u ce s o m e ris k s c o n cern in g t h e n u m ber o f a sse ts . T here fo re , t h is i s v ery i m porta n t s in ce i t p re d ic ts a ll t h e non -r e g u la to ry a n d r e g u la to ry r e sp on se s. All t h e a sse ts o w ned b y t h e f ir m a n d t h e s y ste m a re p u t under a r e g u la to ry f ra m ew ork f o r m it ig atio n a n d r is k i d en tif ic a tio n . IT t a sk a s a lig n ed t o c o m plia n ce /r eg u la tio n s. The u se r lo ggin gs r e q u ir e m en t i s b eca u se o f a ccess c o n tr o l a n d c o n fid en tia lit y , w hic h i s th e c o m plia n ce r e q u ir e m en t t h at i s i m ple m en te d , d efin ed , a n d d ocu m en te d t o r e d u ce a n y unau th oriz ed a ccess a n d t h e c o n se q u en ces o f t h e p erfo rm an ce. The u se r l o gin o f d ata i s k ep t priv ate t h ro u gh e n cry ptio n t h ro u gh a p assw ord f o r t h e s e cu rit y o f i n fo rm atio n a n d d ata . Turn er, (2 02 1  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  accu ra te : accu ra te  rig ht  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Collo ca tio n e rro r: in th e in te rn et  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  on th e o th er h and ( …: On th e o th er h and  But  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity  Spellin g m is ta ke: lo g gin g s  lo g gin g  Stu d en t: Subm itte d to G ra nd C any on U niv ers ity 7  Web C onte n t: http s:/ /a tr e v ie w .o rg /a d m in /1 238 99007 98 187/A TR % 203_ 4_ % 208 3 % 20- % 2098 .p d f …  Cohere n t s p el…: non-c o m plia nc…  nonco m plia nce  Spellin g m is ta ke: Mzum be  Mum ble  Unpair e d b ra ces, b ra ck ets , q uota tio n m …: (Refe re n ces. Akon ye, C . ( 2 01 9). Reg u la to ry non -c o m plia n ce c h arg es a n d p erfo rm an ce o f d ep osit m on ey ban ks i n N ig eria . http ://w ww.z b w .e u /e co n is – arc h iv /b it s tr e a m /1 1159/4 449/1 /1 6968 3867 3.p df della B ad ia S im on , M . ( 2 01 9). E ffe ctiv ely m an ag in g o pera tio n s t o a ch ie v e c o m plia n ce w it h sa fe ty p ro gra m s. Jo urn al o f H ea lth ca re M anagem en t , 64 (1 ), 1 0-1 4. http s://jo u rn als .l w w.c o m /jh m on lin e/F ullt e x t/2 01 9/0 2 000/E ffe ctiv ely _M an ag in g_ O pera tio ns_ to _ A ch ie v e.4 .a sp x HAM IS I, H . ( 2 02 0). An A sse ssm en t o f t h e F acto rs A ffe ctin g P ro cu re m en t C om plia nce i n P ublic Org aniz a tio ns ( D octo ra l d is se rta tio n , Mzu m be U niv ers it y ). http ://s c h ola r.m zu m be.a c.t z /h an dle /1 1192 /3 831 Turn er, S . ( 2 02 1). Im pro vin g O pera tio nal E ffic ie n cy, C om plia nce a nd C om munity P erc ep tio n with R ea l- T im e R adia tio n a nd R adon D ata ( No. I A EA -C N –2 79). http s://in is .i a ea .o rg /s e a rc h /s e a rc h .a sp x ?o rig _ q= R N :5 2124315

Assessment Description Implement a security framework to identify and close gaps between an organization’s current cybersecurity status and its target (future) cybersecurity status. Make sure to align

DISCLAIMER

CONTACT US

Our Special Guarantees