This report discusses the basic things included in a cybersecurity training plan for organizations. It covers topics such as security awareness, security risks, security policies and access controls, use of critical electronic devices, handling of critical information, action plans, and employee behavior.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: Cybersecurity Training0 Cybersecurity Training Report Student name
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Cybersecurity Training1 The training plan There are some basic things include in the training plan that is necessary forthe cybersecurity of the organization.In the present era, most of the organizations have used information assets for their business functions to achieve high performance and profit in their business. there should be some potential challenges in front of an organization. Therefore, a project manager and staff members should know about these things, which areas: Culture of security awareness Security awareness is necessary to secure all the information assets from cyber-attacks and cybercrime. In addition, collaboration makes a huge impact on security and incident response. Besides, employees must care about the data and information of the company and their customers. In addition, stakeholders must know about the cybersecurity, which is necessary for their data and financial losses. An organization has many intellectual properties, which requires security from physical and technical ends(Andrijcic & Horowitz, 2016). Security risks There are three main security risks in an organization, which are physical, technical, and administrative. An organization should provide three protections to their information assets and resources, which areas: Physical protection: all the assets should be in the custody of security personnel, such as networking devices, servers, data centers, and many others. Technical Protection: it is necessary to use secure methods for data transfer, such as cryptography techniques and many others. It will secure their data from hackers. Administrative protection: legal and regulatory rule and guidelines should be used for employees and other stakeholders. Security policies and access controls There are various policies should be implemented for the access control in different secure and sensitive areas, such as server room, data center, and many others. No one can use the internet or private network on the premises. An organization always implements cybersecurity systems and experts to secure data and other things(Arlitsch & Edelman, 2014).
Cybersecurity Training2 Use of critical electronic devices There should be proper policies for use of own devices in the organization to secure all the data from hackers. In addition, business is based on information assets. Therefore, the company should secure them from different types of cyber-attacks(Callaghan, 2018).The organization should implement firewalls and IDS/IPS system to secure internal and external devices from attackers. There are various certification courses in the market, which are helpful for employees to secure their information assets from cyber-attacks(DeGroat, 2018). Handling of critical information The organization should have a disaster management plan for business continuity. Hence, the organization must maintain a backup of all the data in a data center, which is outside of the organization. Sometimes, employees are not satisfied with the salary, incentives, and seniors. Therefore, they make some mistakes in the electronic devices and communication network. Action plans The organization should have an action plan to recover critical electronic devices and communication networks. There are various rule and regulations for securing the information assets of an organization. In addition, the organization should implement international frameworks for securing data and information from cyber-attacks, such as ITIL, ISO 27001, TOGAF, and many others. Behavior of employees The organization should manage all the activities to reduce risk because of the behavior of employees towards the organization. Employees can sale the data for their personal benefits, which can damage the reputation of the organization, as well as financial losses, can be faced by the organization. References
Cybersecurity Training3 Andrijcic, E., & Horowitz, B. (2016). A Macro Economic Framework for Evaluation of Cyber Security Risks‐ Related to Protection of Intellectual Property.Risk analysis, 26(4), 907-923. Arlitsch, K., & Edelman, A. (2014). Staying safe: Cyber security for people and organizations.Journal of Library Administration, 54(1), 46-56. Retrieved from https://www.tandfonline.com/doi/abs/10.1080/01930826.2014.893116?journalCode=wjla20 Callaghan, S. (2018, October 29).PIPEDA: What Canadian businesses need to know. Retrieved from CIRA: https://cira.ca/blog/cybersecurity/pipeda-what-canadian-businesses-need-know DeGroat, T. (2018).5 Cybersecurity Certifications That Will Get You Hired. Retrieved May` 31, 2019, from https://www.springboard.com/blog/cybersecurity-certifications/