This report provides a comprehensive cybersecurity plan and training program for an organization with over 1000 employees. It begins with an executive summary outlining the report's objectives, which are to understand cybersecurity threats and develop strategies for risk management. The report includes a case study analysis, identifying organizational holdings at risk, such as incident response, business continuity, and disaster recovery. It also details potential security threats, including computer viruses, rogue security software, Trojan horses, DDoS attacks, social engineering, ransomware, malware, phishing, rootkits, and spyware. The core of the report is the designed security plan, outlining physical and network security measures, responsibilities, and legal aspects. Countermeasures for each identified threat are provided, such as antivirus software, firewalls, and employee training. Finally, an InfoSec training and awareness program for employees is developed, focusing on data loss prevention and security best practices. The report concludes with a call to action for implementing the proposed plan and program.