Cyber Security: Critical Policies, Risks, Framework and Implementation

Verified

Added on 2023/06/10

AI Summary

This article discusses the five critical policies and risks that organizations face in cyber security. It also recommends the NIST 800 37 framework for risk management and highlights the time, resources, and technology required for implementation.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CYBER SECURITY
Cyber Security
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1CYBER SECURITY
Question 1.
Name five critical policies you feel the organization should have and why
they are important.
Ans. The five critical policies that the organization must have are:
1. Acceptable Use Policy.
2. Information Security.
3. Security Awareness.
4. Incident Response.
5. Change Management.
The acceptable use policy is implemented on the all employee to make sure
that they will be aware of the all the rules of the company. Several resources of the
corporate are associated with this policies are: computer network of the company, file
servers, host computers, communication servers and many other (Olson et al., 2018).
The policy of the information security look like to manage the security of the
organizations. The information security consists of success control of the system,
access of the information, user id and the password, and several policy of the
password.
The purpose of the security awareness is aware the employees of the
organization about the policies of the data security. One incident of security can make
harm a lot to the business. It is necessary to implement the several policies of the
security (Wall et al., 2017).
It is important for the management to response the incident that happen in the
organization accordingly. If any urgent incident happens then the management can
take the action and send the response to the upper management.

2CYBER SECURITY
It is very important to track and approved the change that is happening in the
management. In the IT corporate world the management change happens very
frequently so it is needed to be tracked and maintain as per the requirements.
Question 2
Name five critical risks most organizations face and how they can be
addressed
Ans. The five critical risks that the most of the organization face are:
1. Strategic risks
2. Financial risk
3. Operational risk
4. Cyber security
5. Employee risks.
The strategic risks contains the analysis of the market that is the competitor of
the organization. One organization must have to track the activity of the competitor to
stay in the market race (Reichrath et al., 2018).
The financial risks involved with the loan that the company is taken from the
bank. If the loan cannot be returned in time so that the financial crisis cannot happen
in the organisation.
The operational risk involved the theft of any kind of equipment in the
organization. To prevent the risk of the operation a proper implementation of the
security is needed.

3CYBER SECURITY
In the recent time the risk of the cybersecurity grown rapidly it can harm the
whole organisation. To prevent any type of cyber-attack the organization, just
implement security of the data like the data encryption, firewalls, antivirus and many
other precautions (Ongkowijoyo & Doloi 2017).
The risk of the employee happen when the employee are not efficient or the
employee don’t have the skill to do the required work. To mitigate the risks with the
employee the duty of the organization is to train the employee as per the requirement.
Question 3.
What framework or certification process would you recommend the
organization implement and why?
Ans. The framework that is recommended for the organization is the NIST 800 37. This
framework is a risk management framework that is applied to the organization to manage the
risks that are associated with the organization. The main purpose of the NIST 800 37 is to
provide the guidelines for the application in the risks management framework to the
information system of the federal for the activities conduction for the categorisation of the
security, control selection of the security and for the implementation, assessment of the
security control (Iorga & Karmel 2015). These are the reason why the NIST 800 37 is
recommended to the organization.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4CYBER SECURITY
Question 4.
Indicate time, resources, and technology that may be required as part of
the implementation process.
Ans. Time is the essential thing for any kind of implementation process for any kind of
organization. If the implementation is done within the estimated time then the cost of the
implementation can be controlled and the project will deliver within the time. For any kind of
implementation the amount of resource must be sufficient so that using the resource the
implementation can dome smoothly (Mellor, Hao & Zhang 2014). In the recent time the
technology field has emerged a lot so if the company or the organization wants the efficient
way of implementation of the processes then the company must adapt and use the new
technologies. These are the essential things for the implementation process in the
organization. For the cyber security various security technologies like the firewall and the
antivirus need to be implemented in the organization.

5CYBER SECURITY
Reference:
Iorga, M., & Karmel, A. (2015). Managing Risk in a Cloud Ecosystem. IEEE Cloud
Computing, 2(6), 51-57.
Mellor, S., Hao, L., & Zhang, D. (2014). Additive manufacturing: A framework for
implementation. International Journal of Production Economics, 149, 194-201.
Olson, E. M., Slater, S. F., Hult, G. T. M., & Olson, K. M. (2018). The application of human
resource management policies within the marketing organization: The impact on
business and marketing strategy implementation. Industrial Marketing
Management, 69, 62-73.
Ongkowijoyo, C., & Doloi, H. (2017). Determining critical infrastructure risks using social
network analysis. International Journal of Disaster Resilience in the Built
Environment, 8(1), 5-26.
Reichrath, J., Lindqvist, P. G., De Gruijl, F. R., Pilz, S., Kimball, S. M., Grant, W. B., &
Holick, M. F. (2018). A Critical Appraisal of the Recent Reports on Sunbeds from the
European Commission's Scientific Committee on Health, Environmental and
Emerging Risks and from the World Health Organization. Anticancer research, 38(2),
1111-1120.
Wall, T., Trail, J., Gevondyan, E., Phillips, J., Ford, J., & Marks, J. (2017). The Influence of
State Policies on Critical Infrastructure Resilience: An Approach for Analyzing
Transportation and Capital Investment (No. ANL/GSS-17/4). Argonne National Lab.
(ANL), Argonne, IL (United States).

1 out of 6

+13062052269

info@desklib.com

Cyber Security: Critical Policies, Risks, Framework and Implementation

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Cyber Security: BYOD Risk Assessment, Certificate-based Authentication, and Anti-phishing Guideline

Develop and Implement Policy: A Case Study of Widget Enterprises

Security Plan And Security Management

Cybersecurity Training

Information Security System: Analysis of Incidents and Management Measures

Importance of Cyber Security Framework and its Components