PART 1
Scenario:
As the head of the domestic cybersecurity unit, you have been tasked by the chief security officer (CSO) of NCU-FSB to prepare a short presentation for executive management, in which you address the privacy concerns that a loss of mobile device can cause to the organization.
Instructions:
For this assignment, you must research mobile device management (MDM) tools for data protection, and create a presentation that presents the results of your analysis, and recommend a tool to reduce the risk of compromised data, when a mobile device is lost or misused.
Your presentation should include the following:
- Title, introduction, conclusion, and references
- Introduction on privacy management in a cloud and mobile environment. Focus on legal mandates, such as General Data Protection Regulation (GDPR), Sarbanes-Oxley (SOX), HIPAA, HITECH and Omnibus Rule for electronic health patient record privacy protection, FERPA rule, and many others that now requires control structures be established to protect data integrity and security when transmitted over the cloud.
- Research on risks associated with mobile device management.
- Analysis of the security framework in terms of:
- How it addresses attacks on mobile devices
- Benchmark on MDM tools—recommend one with justification for your selection
- Framework of recommended mitigation strategies on privacy concerns
- Dependencies the framework has with other frameworks
- Speaker notes on each slide to assist with the delivery of the presentation
- Use the Record Audio feature in PowerPoint to record your presentation of each slide
Length: 13-15 slides
References: Minimum of 5 scholarly resources each should be cited within the slides
PART 2
For the final assignment, you must design a corporate risk management plan for NCU-FSB as part of their corporate security program. The format for the plan must be as follows:
- Introduction – State of the Organization
- corporate management of systems and applications
- threats every organization or institution faces in the era of mobile and cloud computing
- Organizational chart
- Network diagram
- Objectives of the Risk Management Plan – Risk Statement with a definition of IT emergencies, ranking the nature of incidents—whether they are natural, technical, human resources, or cyber-threats.
- Business Impact Analysis (BIA) for NCU-FSB
- Plan of Action and Milestones (POAM) – Action Plan for Incident
- Risk Reduction Strategies for Mobile Device Management (MDM)
- Tool recommendations
- Response and Risk Management
- Strategies to assess and mitigate risk and maintain privacy when cloud computing is used in a production environment.
- Sequence, workflow, or flowchart illustrating the steps to follow when responding to an incident.
- Steps to follow and recommended tools to use to perform a vulnerability assessment.
- Disaster Recovery Sites – Remote Locations
- IP lines redirect to a different location inside the organization (cold site).
- Temporary IT center contracted for the purposes of partial recovery of business functions (hot site).
- Inventory – Hardware and network architecture, databases, and applications—classified in criticality levels.
- Backup Strategy that documents protection and electronic files replication.
- Transfer Strategy – Steps to follow to transfer operations to a remote location.
- Testing Plan for implementing drills, including frequency and results reporting.
- Plan Distribution
- User Awareness and Training of Emergency Committee Personnel
Length: 15-17 page technical paper
References: Minimum of 10 scholarly resources each cited with the paper using APA 7 standards
The completed assignment should demonstrate thoughtful consideration of the ideas and concepts presented in the course and provide new thoughts and insights relating directly to this topic. Your response should reflect scholarly writing and current APA 7 standards.
0 comments