SlideShare ist ein Scribd-Unternehmen logo

Instruction for the Final ReportAdministration Cybersecurity Pol.docx

Als DOCX, PDF herunterladen
C
carliotwaycave

The document provides instructions for a final report on administration cybersecurity policy that should include: - A review of current and prior administration cybersecurity policies and their key tenets. - An analysis of FISMA and the role of NIST in cybersecurity standards and guidelines. - A statement agreeing or disagreeing with the idea that not all agencies need strict cybersecurity policies since attacks cause no real harm. The report should be tailored for a non-technical audience and address cybersecurity issues, policies, standards, stakeholders, and defense vs attack strategies. Templates and modules are provided to help with researching administration policies, comparing FISMA and NIST, and drafting the final report.

Bildung
1 von 8
Instruction for the Final Report Administration Cybersecurity Policy Review This comprehensive report should include the sections listed below and conclude with a statement that addresses (agree or disagree) with the following comment: "Not all federal agencies need to follow FISMA or NIST recommendations for maintaining cybersecurity. After all, if the cyberinfrastructure of a government agency is attacked, no real harm is done to anyone except the complainants." Review the work you have done throughout the project. If necessary, review the eLearning modules in steps 1 and 5 and your Simtray Report completed in Step 4 along with the feedback from your instructor. And remember to tailor your report to your nontechnical audience. Be sure to address the following items at some point in your report: · Document the cybersecurity policy issues faced by the United States. · Analyze the interrelations among cybersecurity technology decisions and cybersecurity policies. · Translate how cybersecurity policy choices affect cybersecurity technology research and development. · Compare and contrast key federal and state cybersecurity standards. · Assess the key points and principles in the NIST standards for cloud cybersecurity. · Develop an awareness program of the linkage(s) between US national security and US national priorities for securing cyberspace. · Compare and contrast US cybersecurity standards bodies. · Identify stakeholders to be contacted in the event of an organizational cybersecurity incident. · Compare and contrast cyberdefense and cyberattack, and discuss the relevant policies that underpin each term.
Report Sections · Title Page · Table of Contents · Introduction · Key Current Administration Cybersecurity Policy Tenets · Key Prior Administration Cybersecurity Policy Tenets · Comparison of Current and Prior Tenets · FISMA Conclusions · NIST Conclusions · Conclusion · Pro/Con Current vs. Prior · Pro/Con FISMA Regulation · Pro/Con NIST Guidelines · Reference Page Administration Policy Matrix Current Administration Regulation Name and Date Four Key Principles Reference Previous Administration Regulation Name and Date Four Key Principles Reference Relevant State Law or Regulation Name and Date Four Key Principles Reference
Federal Cybersecurity Agency Simtray Report – 1 page Administration Policy Matrix – chart Administration Compare and Contrast Chart – 1 page chart Focus on FISMA Report - 2 page discussion NIST Template – refer to nist template document Final Report on National Cybersecurity Policy – refer to final report document you will analyze the current and previous administration's cybersecurity policies within the context of current cybersecurity concerns. You will identify the issues in the policies about which an organization should be concerned, taking into account the effects of the policy on civil liberties with some focus on FISMA and NIST. You will also evaluate FISMA's ability to both assess compliance and insure accountability. By the end of the course, you will understand the effect that administration cybersecurity policy has on your own organization, public or private sector Scenario As the newly hired cybersecurity policy analyst, you are the most qualified in your company to understand the overall framework of cybersecurity initiatives, which often change and evolve over several presidential administrations. Knowing your background, your boss asks you to prepare a comprehensive overview that compares cyber policy tenets from the prior administration to the current. She will present the report to the board of directors. "It's important for us to take a step back periodically to see where we've been, where we are now, and where we are going,"
she says. The report can include recommendations for improving the current policies with a look toward maintaining civil liberties. The report, your boss says, also should feature updates and the effects of the Federal Information Security Management Acts (FISMA) of 2002 and 2014, and also should consider the role that the National Institute of Standards and Technology (NIST) assumes in terms of cybersecurity policy. You realize that your report has to be crafted in plain language so that the board members who do not have the technical background in cybersecurity matters will understand. Creating such a broad-based document will require some historical research as well as a look at the current laws. It is due in two weeks, so it's best to get started right away. Federal Cybersecurity Agency Simtray Report In this step, you should continue to explore the scenarios within SIMTRAY, "Federal Cybersecurity Agency: Find Your Way in Three Days." If you have not already, you will most likely encounter the following topics in this exercise: classifying information types, intellectual property issues ( intellectual property - cybersecurity), Cybersecurity Law, Common Criteria Evaluation and Validation Scheme (CCEVS), state cybersecurity law, broadband, and the TIE Model. Document events that you experience in the exercise that might affect the federal policy. Think about how these issues will be affected by current or pending legislation and begin to explore how you might be able to influence Congress to pass appropriate legislation. The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Compile your recorded scores, lessons learned and documented industry issues into a one-page report.
Administration Policy Matrix In this step, you will complete the Recent Administration Cybersecurity Policy eLearning module to better understand how the prior administration handled cybersecurity policy. You will cover the key points of the Cyberspace Policy Review and the U.S. Government Accountability Office (GAO) report, which is a follow-up to the review. You will also cover the role of the cyber czar, and how the Cyberspace Policy Review findings eventually led to the new cyber command, USCYBERCOM Now that you have familiarized yourself with how cybersecurity law and policy is developed and how the recent administration has handled cybersecurity policy, you are ready to begin your analysis. Conduct research on the current administration's key cybersecurity policies. This information can be found in official government communications (e.g., whitehouse.gov or dhs.gov websites) as well as in publications about or transcripts of statements/speeches made by administration officials. You will use the Administration Policy Matrix to record your findings. Include one state law or regulation that is relevant to cybersecurity and four respective key principles. You will continue to use this matrix in the following step. In the previous step, you began your analysis by reviewing the current administration's key cybersecurity policy tenets. In this step, you will conduct research on the previous administration's key cybersecurity policies. As in the previous step, you may find information in official government communications (e.g., whitehouse.gov or dhs.gov websites) as well as in publications about or transcripts of statements/speeches made by administration officials. Continue using the Administration Policy Matrix that you began in the last step. You will use your findings in the following step. Administration Compare and Contrast Chart Now that you have documented tenets from both the current and previous administration's cybersecurity policies, you will analyze them using a compare and contrast methodology. Using
your completed Administration Policy Matrix, prepare a one- page chart that compares and contrasts the cybersecurity administration policies of the previous and current administration. Submit both the Administration Policy Matrix and your Administration Compare and Contrast Chart for feedback Focus on FISMA Report Until now, you have focused on analyzing current and past administrations' cybersecurity policy. However, your analysis would not be complete without considering a focus on statutes and organizations that determine standards such as FISMA and NIST. Using the discussion board, pair with another student in the cybersecurity management and policy arena and discuss the introduction of and the effectiveness of FISMA for the federal government. Conduct a high-level review of the FISMA document. Evaluate FISMA's ability to both assess compliance and ensure accountability. This discussion will be useful for your FISMA report in the following step. Use your discussion from the previous step as a basis for the report in this step. Remember, there are methods that the government uses for quantifying information security and loss. Create a two-page document that summarizes the impact of FISMA upon the quantification within the government, how FISMA implementation can affect the quantification, and the need for FISMA adherence across the federal government. Write a two-page discussion with the following points: · Describe and discuss the objectives of policy makers. · Describe and discuss the general problems that limit the effectiveness of vehicles that try to govern cybersecurity. · Considering the general problems discussed in the previous point, discuss ideas for improving cybersecurity. · Discuss how well you think FISMA works in the workplace.
NIST Template Now that you have considered FISMA, it is time to consider an organization that defines standards and guidelines to comply with FISMA. The National Institute of Standards and Technology (NIST) is an organization that works collaboratively with government and industry to create cybersecurity policies and standards. While much of the work that NIST does is more technical, in this segment you will explore the cybersecurity policy side of NIST. Your policy research should include FIPS 200 and SP 800-53, addressing both the intent of these policies as well as assessing how well they have been implemented. Through researching the NIST cybersecurity documents, complete the NIST Template to create a high-level list of the "management and policy" cybersecurity issues put forth by NIST for government agencies and private industry. This document will help you compose the NIST conclusions section of your final report. Submit your Focus on NIST report for feedback. Final Report on National Cybersecurity Policy Throughout this project, you have reviewed and analyzed the presidential administration's cybersecurity policy, FISMA, and NIST. You will now compile your findings in a final report for your boss to deliver to the board of directors. Refer to the instruction for the final report for additional guidelines. Submit your completed final report. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. · 1.4: Tailor communications to the audience. · 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. · 7.1: Evaluate national cybersecurity policy.
NIST Template Document Number Document Name Date NIST Guidance

Empfohlen

Administration Policy MatrixCurrent AdministrationRegulation Nam.docx
Administration Policy MatrixCurrent AdministrationRegulation Nam.docxAdministration Policy MatrixCurrent AdministrationRegulation Nam.docx
Administration Policy MatrixCurrent AdministrationRegulation Nam.docx
daniahendric
 
Topic 5 ReviewThis topic review is a tool designed to prepare st.docx
Topic 5 ReviewThis topic review is a tool designed to prepare st.docxTopic 5 ReviewThis topic review is a tool designed to prepare st.docx
Topic 5 ReviewThis topic review is a tool designed to prepare st.docx
juliennehar
 
Businesses involved in mergers and acquisitions must exercise due di.docx
Businesses involved in mergers and acquisitions must exercise due di.docxBusinesses involved in mergers and acquisitions must exercise due di.docx
Businesses involved in mergers and acquisitions must exercise due di.docx
dewhirstichabod
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docx
christiandean12115
 
Standards For Wright Aircraft Corp
Standards For Wright Aircraft CorpStandards For Wright Aircraft Corp
Standards For Wright Aircraft Corp
Antoinette Williams
 
As an IT analyst for Ballot a company providing.docx
As an IT analyst for Ballot a company providing.docxAs an IT analyst for Ballot a company providing.docx
As an IT analyst for Ballot a company providing.docx
4934bk
 
As an IT analyst for a company providing voting.docx
As an IT analyst for a company providing voting.docxAs an IT analyst for a company providing voting.docx
As an IT analyst for a company providing voting.docx
4934bk
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
Laurie Mosca-Cocca
 

Empfohlen

Administration Policy MatrixCurrent AdministrationRegulation Nam.docx
Administration Policy MatrixCurrent AdministrationRegulation Nam.docxAdministration Policy MatrixCurrent AdministrationRegulation Nam.docx
Administration Policy MatrixCurrent AdministrationRegulation Nam.docx
daniahendric
 
Topic 5 ReviewThis topic review is a tool designed to prepare st.docx
Topic 5 ReviewThis topic review is a tool designed to prepare st.docxTopic 5 ReviewThis topic review is a tool designed to prepare st.docx
Topic 5 ReviewThis topic review is a tool designed to prepare st.docx
juliennehar
 
Businesses involved in mergers and acquisitions must exercise due di.docx
Businesses involved in mergers and acquisitions must exercise due di.docxBusinesses involved in mergers and acquisitions must exercise due di.docx
Businesses involved in mergers and acquisitions must exercise due di.docx
dewhirstichabod
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docx
christiandean12115
 
Standards For Wright Aircraft Corp
Standards For Wright Aircraft CorpStandards For Wright Aircraft Corp
Standards For Wright Aircraft Corp
Antoinette Williams
 
As an IT analyst for Ballot a company providing.docx
As an IT analyst for Ballot a company providing.docxAs an IT analyst for Ballot a company providing.docx
As an IT analyst for Ballot a company providing.docx
4934bk
 
As an IT analyst for a company providing voting.docx
As an IT analyst for a company providing voting.docxAs an IT analyst for a company providing voting.docx
As an IT analyst for a company providing voting.docx
4934bk
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
Laurie Mosca-Cocca
 
As an IT analyst for Ballot Online, a company providing voting s.docx
As an IT analyst for Ballot Online, a company providing voting s.docxAs an IT analyst for Ballot Online, a company providing voting s.docx
As an IT analyst for Ballot Online, a company providing voting s.docx
alisondakintxt
 
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docxPKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
JUST36
 
Delivering an Oral StatementYou will need to deliver an oral sta.docx
Delivering an Oral StatementYou will need to deliver an oral sta.docxDelivering an Oral StatementYou will need to deliver an oral sta.docx
Delivering an Oral StatementYou will need to deliver an oral sta.docx
cuddietheresa
 
As a recent graduate of the umgc masters in cybersecurity program
As a recent graduate of the umgc masters in cybersecurity programAs a recent graduate of the umgc masters in cybersecurity program
As a recent graduate of the umgc masters in cybersecurity program
AASTHA76
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
Paul Di Gangi
 
crucet1crucet2crucet
crucet1crucet2crucetcrucet1crucet2crucet
crucet1crucet2crucet
MargenePurnell14
 
Fdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsFdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessments
Ken M. Shaurette
 
Agile Policy Making
Agile Policy MakingAgile Policy Making
Agile Policy Making
Bill Brantley
 
Project Deliverable 1This assignment consists of two (2) section.docx
Project Deliverable 1This assignment consists of two (2) section.docxProject Deliverable 1This assignment consists of two (2) section.docx
Project Deliverable 1This assignment consists of two (2) section.docx
briancrawford30935
 
CHAPTER 3 Security Policies and Regulations In this chap
CHAPTER 3 Security Policies and Regulations In this chapCHAPTER 3 Security Policies and Regulations In this chap
CHAPTER 3 Security Policies and Regulations In this chap
EstelaJeffery653
 
Final risk assessment and compliance report (seven to 12-page rep
Final risk assessment and compliance report (seven to 12-page repFinal risk assessment and compliance report (seven to 12-page rep
Final risk assessment and compliance report (seven to 12-page rep
aman39650
 
Case Study on Effective IS Governance within a Department of Defense Organiza...
Case Study on Effective IS Governance within a Department of Defense Organiza...Case Study on Effective IS Governance within a Department of Defense Organiza...
Case Study on Effective IS Governance within a Department of Defense Organiza...
Chris Furton
 
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAImproving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
GovCloud Network
 
Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...
Robin Anderson
 
ISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_Intindolo
John Intindolo
 
So you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to SuccessSo you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to Success
Gary Hayslip CISSP, CISA, CRISC, CCSK
 
Please read the instructions and source that provided, then decide.docx
Please read the instructions and source that provided, then decide.docxPlease read the instructions and source that provided, then decide.docx
Please read the instructions and source that provided, then decide.docx
LeilaniPoolsy
 
Are NIST standards clouding the implementation of HIPAA security risk assessm...
Are NIST standards clouding the implementation of HIPAA security risk assessm...Are NIST standards clouding the implementation of HIPAA security risk assessm...
Are NIST standards clouding the implementation of HIPAA security risk assessm...
David Sweigert
 
NHTSA Cybersecurity Best Practices
NHTSA Cybersecurity Best PracticesNHTSA Cybersecurity Best Practices
NHTSA Cybersecurity Best Practices
Dr Dev Kambhampati
 
make sure to discuss the following•your understanding of t.docx
make sure to discuss the following•your understanding of t.docxmake sure to discuss the following•your understanding of t.docx
make sure to discuss the following•your understanding of t.docx
carliotwaycave
 
make sure to discuss the following•your understanding of .docx
make sure to discuss the following•your understanding of .docxmake sure to discuss the following•your understanding of .docx
make sure to discuss the following•your understanding of .docx
carliotwaycave
 
make sure to discuss the following•your understanding o.docx
make sure to discuss the following•your understanding o.docxmake sure to discuss the following•your understanding o.docx
make sure to discuss the following•your understanding o.docx
carliotwaycave
 

Weitere ähnliche Inhalte

Ähnlich wie Instruction for the Final ReportAdministration Cybersecurity Pol.docx

As an IT analyst for Ballot Online, a company providing voting s.docx
As an IT analyst for Ballot Online, a company providing voting s.docxAs an IT analyst for Ballot Online, a company providing voting s.docx
As an IT analyst for Ballot Online, a company providing voting s.docx
alisondakintxt
 
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docxPKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
JUST36
 
Delivering an Oral StatementYou will need to deliver an oral sta.docx
Delivering an Oral StatementYou will need to deliver an oral sta.docxDelivering an Oral StatementYou will need to deliver an oral sta.docx
Delivering an Oral StatementYou will need to deliver an oral sta.docx
cuddietheresa
 
crucet1crucet2crucet
crucet1crucet2crucetcrucet1crucet2crucet
crucet1crucet2crucet
MargenePurnell14
 
Project Deliverable 1This assignment consists of two (2) section.docx
Project Deliverable 1This assignment consists of two (2) section.docxProject Deliverable 1This assignment consists of two (2) section.docx
Project Deliverable 1This assignment consists of two (2) section.docx
briancrawford30935
 
CHAPTER 3 Security Policies and Regulations In this chap
CHAPTER 3 Security Policies and Regulations In this chapCHAPTER 3 Security Policies and Regulations In this chap
CHAPTER 3 Security Policies and Regulations In this chap
EstelaJeffery653
 
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAImproving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
GovCloud Network
 
Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...
Robin Anderson
 
ISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_Intindolo
John Intindolo
 
Please read the instructions and source that provided, then decide.docx
Please read the instructions and source that provided, then decide.docxPlease read the instructions and source that provided, then decide.docx
Please read the instructions and source that provided, then decide.docx
LeilaniPoolsy
 

Ähnlich wie Instruction for the Final ReportAdministration Cybersecurity Pol.docx (19)

As an IT analyst for Ballot Online, a company providing voting s.docx
As an IT analyst for Ballot Online, a company providing voting s.docxAs an IT analyst for Ballot Online, a company providing voting s.docx
As an IT analyst for Ballot Online, a company providing voting s.docx
 
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docxPKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
PKI and Encryption at WorkLearning Objectives and Outcomes· De.docx
 
Delivering an Oral StatementYou will need to deliver an oral sta.docx
Delivering an Oral StatementYou will need to deliver an oral sta.docxDelivering an Oral StatementYou will need to deliver an oral sta.docx
Delivering an Oral StatementYou will need to deliver an oral sta.docx
 
As a recent graduate of the umgc masters in cybersecurity program
As a recent graduate of the umgc masters in cybersecurity programAs a recent graduate of the umgc masters in cybersecurity program
As a recent graduate of the umgc masters in cybersecurity program
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
 
crucet1crucet2crucet
crucet1crucet2crucetcrucet1crucet2crucet
crucet1crucet2crucet
 
Fdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsFdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessments
 
Agile Policy Making
Agile Policy MakingAgile Policy Making
Agile Policy Making
 
Project Deliverable 1This assignment consists of two (2) section.docx
Project Deliverable 1This assignment consists of two (2) section.docxProject Deliverable 1This assignment consists of two (2) section.docx
Project Deliverable 1This assignment consists of two (2) section.docx
 
CHAPTER 3 Security Policies and Regulations In this chap
CHAPTER 3 Security Policies and Regulations In this chapCHAPTER 3 Security Policies and Regulations In this chap
CHAPTER 3 Security Policies and Regulations In this chap
 
Final risk assessment and compliance report (seven to 12-page rep
Final risk assessment and compliance report (seven to 12-page repFinal risk assessment and compliance report (seven to 12-page rep
Final risk assessment and compliance report (seven to 12-page rep
 
Case Study on Effective IS Governance within a Department of Defense Organiza...
Case Study on Effective IS Governance within a Department of Defense Organiza...Case Study on Effective IS Governance within a Department of Defense Organiza...
Case Study on Effective IS Governance within a Department of Defense Organiza...
 
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAImproving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
 
Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...
 
ISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_Intindolo
 
So you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to SuccessSo you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to Success
 
Please read the instructions and source that provided, then decide.docx
Please read the instructions and source that provided, then decide.docxPlease read the instructions and source that provided, then decide.docx
Please read the instructions and source that provided, then decide.docx
 
Are NIST standards clouding the implementation of HIPAA security risk assessm...
Are NIST standards clouding the implementation of HIPAA security risk assessm...Are NIST standards clouding the implementation of HIPAA security risk assessm...
Are NIST standards clouding the implementation of HIPAA security risk assessm...
 
NHTSA Cybersecurity Best Practices
NHTSA Cybersecurity Best PracticesNHTSA Cybersecurity Best Practices
NHTSA Cybersecurity Best Practices
 

Mehr von carliotwaycave

Major DiseasesCHAPTER 10Chapter 10Maj.docx
Major DiseasesCHAPTER 10Chapter 10Maj.docxMajor DiseasesCHAPTER 10Chapter 10Maj.docx
Major DiseasesCHAPTER 10Chapter 10Maj.docx
carliotwaycave
 
Major Approaches to Clinical Psychology PresentationSelect one.docx
Major Approaches to Clinical Psychology PresentationSelect one.docxMajor Approaches to Clinical Psychology PresentationSelect one.docx
Major Approaches to Clinical Psychology PresentationSelect one.docx
carliotwaycave
 
Make a 150 word response to the following. Incorporarte what was sai.docx
Make a 150 word response to the following. Incorporarte what was sai.docxMake a 150 word response to the following. Incorporarte what was sai.docx
Make a 150 word response to the following. Incorporarte what was sai.docx
carliotwaycave
 
Major dams and bridges were built by the WPA during the New Deal o.docx
Major dams and bridges were built by the WPA during the New Deal o.docxMajor dams and bridges were built by the WPA during the New Deal o.docx
Major dams and bridges were built by the WPA during the New Deal o.docx
carliotwaycave
 
Major Paper #1--The Point of View EssayWe will be working on this .docx
Major Paper #1--The Point of View EssayWe will be working on this .docxMajor Paper #1--The Point of View EssayWe will be working on this .docx
Major Paper #1--The Point of View EssayWe will be working on this .docx
carliotwaycave
 
Major Essay for Final needs to be 5 pages long on the topic below an.docx
Major Essay for Final needs to be 5 pages long on the topic below an.docxMajor Essay for Final needs to be 5 pages long on the topic below an.docx
Major Essay for Final needs to be 5 pages long on the topic below an.docx
carliotwaycave
 
Major AssignmentObjectivesThis assignment will provide practice .docx
Major AssignmentObjectivesThis assignment will provide practice .docxMajor AssignmentObjectivesThis assignment will provide practice .docx
Major AssignmentObjectivesThis assignment will provide practice .docx
carliotwaycave
 
magine that you are employed by one of the followingT.docx
magine that you are employed by one of the followingT.docxmagine that you are employed by one of the followingT.docx
magine that you are employed by one of the followingT.docx
carliotwaycave
 
M A N N I N GRobert I. KabacoffSECOND EDITION IN A.docx
M A N N I N GRobert I. KabacoffSECOND EDITION IN A.docxM A N N I N GRobert I. KabacoffSECOND EDITION IN A.docx
M A N N I N GRobert I. KabacoffSECOND EDITION IN A.docx
carliotwaycave
 

Mehr von carliotwaycave (20)

make sure to discuss the following•your understanding of t.docx
make sure to discuss the following•your understanding of t.docxmake sure to discuss the following•your understanding of t.docx
make sure to discuss the following•your understanding of t.docx
 
make sure to discuss the following•your understanding of .docx
make sure to discuss the following•your understanding of .docxmake sure to discuss the following•your understanding of .docx
make sure to discuss the following•your understanding of .docx
 
make sure to discuss the following•your understanding o.docx
make sure to discuss the following•your understanding o.docxmake sure to discuss the following•your understanding o.docx
make sure to discuss the following•your understanding o.docx
 
Major DiseasesCHAPTER 10Chapter 10Maj.docx
Major DiseasesCHAPTER 10Chapter 10Maj.docxMajor DiseasesCHAPTER 10Chapter 10Maj.docx
Major DiseasesCHAPTER 10Chapter 10Maj.docx
 
Main questions of the essay1. What are types of daily-lived situat.docx
Main questions of the essay1. What are types of daily-lived situat.docxMain questions of the essay1. What are types of daily-lived situat.docx
Main questions of the essay1. What are types of daily-lived situat.docx
 
Make a simple plan to observe and evaluate a facility in your school.docx
Make a simple plan to observe and evaluate a facility in your school.docxMake a simple plan to observe and evaluate a facility in your school.docx
Make a simple plan to observe and evaluate a facility in your school.docx
 
Major Approaches to Clinical Psychology PresentationSelect one.docx
Major Approaches to Clinical Psychology PresentationSelect one.docxMajor Approaches to Clinical Psychology PresentationSelect one.docx
Major Approaches to Clinical Psychology PresentationSelect one.docx
 
Make a powerpoint presentation. At least 4 to 6 pages. Your pape.docx
Make a powerpoint presentation. At least 4 to 6 pages. Your pape.docxMake a powerpoint presentation. At least 4 to 6 pages. Your pape.docx
Make a powerpoint presentation. At least 4 to 6 pages. Your pape.docx
 
Make a 150 word response to the following. Incorporarte what was sai.docx
Make a 150 word response to the following. Incorporarte what was sai.docxMake a 150 word response to the following. Incorporarte what was sai.docx
Make a 150 word response to the following. Incorporarte what was sai.docx
 
Major dams and bridges were built by the WPA during the New Deal o.docx
Major dams and bridges were built by the WPA during the New Deal o.docxMajor dams and bridges were built by the WPA during the New Deal o.docx
Major dams and bridges were built by the WPA during the New Deal o.docx
 
Major Paper #1--The Point of View EssayWe will be working on this .docx
Major Paper #1--The Point of View EssayWe will be working on this .docxMajor Paper #1--The Point of View EssayWe will be working on this .docx
Major Paper #1--The Point of View EssayWe will be working on this .docx
 
Major Essay for Final needs to be 5 pages long on the topic below an.docx
Major Essay for Final needs to be 5 pages long on the topic below an.docxMajor Essay for Final needs to be 5 pages long on the topic below an.docx
Major Essay for Final needs to be 5 pages long on the topic below an.docx
 
Major AssignmentObjectivesThis assignment will provide practice .docx
Major AssignmentObjectivesThis assignment will provide practice .docxMajor AssignmentObjectivesThis assignment will provide practice .docx
Major AssignmentObjectivesThis assignment will provide practice .docx
 
magine that you are employed by one of the followingT.docx
magine that you are employed by one of the followingT.docxmagine that you are employed by one of the followingT.docx
magine that you are employed by one of the followingT.docx
 
M4D1 Communication TechnologiesIn this module, we have focused .docx
M4D1 Communication TechnologiesIn this module, we have focused .docxM4D1 Communication TechnologiesIn this module, we have focused .docx
M4D1 Communication TechnologiesIn this module, we have focused .docx
 
M A N N I N GRobert I. KabacoffSECOND EDITION IN A.docx
M A N N I N GRobert I. KabacoffSECOND EDITION IN A.docxM A N N I N GRobert I. KabacoffSECOND EDITION IN A.docx
M A N N I N GRobert I. KabacoffSECOND EDITION IN A.docx
 
Luthans and Doh (2012) discuss three major techniques for responding.docx
Luthans and Doh (2012) discuss three major techniques for responding.docxLuthans and Doh (2012) discuss three major techniques for responding.docx
Luthans and Doh (2012) discuss three major techniques for responding.docx
 
Lyddie by Katherine Paterson1. If you were Lyddie how would you h.docx
Lyddie by Katherine Paterson1. If you were Lyddie how would you h.docxLyddie by Katherine Paterson1. If you were Lyddie how would you h.docx
Lyddie by Katherine Paterson1. If you were Lyddie how would you h.docx
 
Luthans and Doh (2012) discuss feedback systems. Why is it important.docx
Luthans and Doh (2012) discuss feedback systems. Why is it important.docxLuthans and Doh (2012) discuss feedback systems. Why is it important.docx
Luthans and Doh (2012) discuss feedback systems. Why is it important.docx
 
Luthans and Doh (2012) discuss factors affecting decision-making aut.docx
Luthans and Doh (2012) discuss factors affecting decision-making aut.docxLuthans and Doh (2012) discuss factors affecting decision-making aut.docx
Luthans and Doh (2012) discuss factors affecting decision-making aut.docx
 

Kürzlich hochgeladen

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 

Kürzlich hochgeladen (20)

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 

Instruction for the Final ReportAdministration Cybersecurity Pol.docx

  • 1. Instruction for the Final Report Administration Cybersecurity Policy Review This comprehensive report should include the sections listed below and conclude with a statement that addresses (agree or disagree) with the following comment: "Not all federal agencies need to follow FISMA or NIST recommendations for maintaining cybersecurity. After all, if the cyberinfrastructure of a government agency is attacked, no real harm is done to anyone except the complainants." Review the work you have done throughout the project. If necessary, review the eLearning modules in steps 1 and 5 and your Simtray Report completed in Step 4 along with the feedback from your instructor. And remember to tailor your report to your nontechnical audience. Be sure to address the following items at some point in your report: · Document the cybersecurity policy issues faced by the United States. · Analyze the interrelations among cybersecurity technology decisions and cybersecurity policies. · Translate how cybersecurity policy choices affect cybersecurity technology research and development. · Compare and contrast key federal and state cybersecurity standards. · Assess the key points and principles in the NIST standards for cloud cybersecurity. · Develop an awareness program of the linkage(s) between US national security and US national priorities for securing cyberspace. · Compare and contrast US cybersecurity standards bodies. · Identify stakeholders to be contacted in the event of an organizational cybersecurity incident. · Compare and contrast cyberdefense and cyberattack, and discuss the relevant policies that underpin each term.
  • 2. Report Sections · Title Page · Table of Contents · Introduction · Key Current Administration Cybersecurity Policy Tenets · Key Prior Administration Cybersecurity Policy Tenets · Comparison of Current and Prior Tenets · FISMA Conclusions · NIST Conclusions · Conclusion · Pro/Con Current vs. Prior · Pro/Con FISMA Regulation · Pro/Con NIST Guidelines · Reference Page Administration Policy Matrix Current Administration Regulation Name and Date Four Key Principles Reference Previous Administration Regulation Name and Date Four Key Principles Reference Relevant State Law or Regulation Name and Date Four Key Principles Reference
  • 3. Federal Cybersecurity Agency Simtray Report – 1 page Administration Policy Matrix – chart Administration Compare and Contrast Chart – 1 page chart Focus on FISMA Report - 2 page discussion NIST Template – refer to nist template document Final Report on National Cybersecurity Policy – refer to final report document you will analyze the current and previous administration's cybersecurity policies within the context of current cybersecurity concerns. You will identify the issues in the policies about which an organization should be concerned, taking into account the effects of the policy on civil liberties with some focus on FISMA and NIST. You will also evaluate FISMA's ability to both assess compliance and insure accountability. By the end of the course, you will understand the effect that administration cybersecurity policy has on your own organization, public or private sector Scenario As the newly hired cybersecurity policy analyst, you are the most qualified in your company to understand the overall framework of cybersecurity initiatives, which often change and evolve over several presidential administrations. Knowing your background, your boss asks you to prepare a comprehensive overview that compares cyber policy tenets from the prior administration to the current. She will present the report to the board of directors. "It's important for us to take a step back periodically to see where we've been, where we are now, and where we are going,"
  • 4. she says. The report can include recommendations for improving the current policies with a look toward maintaining civil liberties. The report, your boss says, also should feature updates and the effects of the Federal Information Security Management Acts (FISMA) of 2002 and 2014, and also should consider the role that the National Institute of Standards and Technology (NIST) assumes in terms of cybersecurity policy. You realize that your report has to be crafted in plain language so that the board members who do not have the technical background in cybersecurity matters will understand. Creating such a broad-based document will require some historical research as well as a look at the current laws. It is due in two weeks, so it's best to get started right away. Federal Cybersecurity Agency Simtray Report In this step, you should continue to explore the scenarios within SIMTRAY, "Federal Cybersecurity Agency: Find Your Way in Three Days." If you have not already, you will most likely encounter the following topics in this exercise: classifying information types, intellectual property issues ( intellectual property - cybersecurity), Cybersecurity Law, Common Criteria Evaluation and Validation Scheme (CCEVS), state cybersecurity law, broadband, and the TIE Model. Document events that you experience in the exercise that might affect the federal policy. Think about how these issues will be affected by current or pending legislation and begin to explore how you might be able to influence Congress to pass appropriate legislation. The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Compile your recorded scores, lessons learned and documented industry issues into a one-page report.
  • 5. Administration Policy Matrix In this step, you will complete the Recent Administration Cybersecurity Policy eLearning module to better understand how the prior administration handled cybersecurity policy. You will cover the key points of the Cyberspace Policy Review and the U.S. Government Accountability Office (GAO) report, which is a follow-up to the review. You will also cover the role of the cyber czar, and how the Cyberspace Policy Review findings eventually led to the new cyber command, USCYBERCOM Now that you have familiarized yourself with how cybersecurity law and policy is developed and how the recent administration has handled cybersecurity policy, you are ready to begin your analysis. Conduct research on the current administration's key cybersecurity policies. This information can be found in official government communications (e.g., whitehouse.gov or dhs.gov websites) as well as in publications about or transcripts of statements/speeches made by administration officials. You will use the Administration Policy Matrix to record your findings. Include one state law or regulation that is relevant to cybersecurity and four respective key principles. You will continue to use this matrix in the following step. In the previous step, you began your analysis by reviewing the current administration's key cybersecurity policy tenets. In this step, you will conduct research on the previous administration's key cybersecurity policies. As in the previous step, you may find information in official government communications (e.g., whitehouse.gov or dhs.gov websites) as well as in publications about or transcripts of statements/speeches made by administration officials. Continue using the Administration Policy Matrix that you began in the last step. You will use your findings in the following step. Administration Compare and Contrast Chart Now that you have documented tenets from both the current and previous administration's cybersecurity policies, you will analyze them using a compare and contrast methodology. Using
  • 6. your completed Administration Policy Matrix, prepare a one- page chart that compares and contrasts the cybersecurity administration policies of the previous and current administration. Submit both the Administration Policy Matrix and your Administration Compare and Contrast Chart for feedback Focus on FISMA Report Until now, you have focused on analyzing current and past administrations' cybersecurity policy. However, your analysis would not be complete without considering a focus on statutes and organizations that determine standards such as FISMA and NIST. Using the discussion board, pair with another student in the cybersecurity management and policy arena and discuss the introduction of and the effectiveness of FISMA for the federal government. Conduct a high-level review of the FISMA document. Evaluate FISMA's ability to both assess compliance and ensure accountability. This discussion will be useful for your FISMA report in the following step. Use your discussion from the previous step as a basis for the report in this step. Remember, there are methods that the government uses for quantifying information security and loss. Create a two-page document that summarizes the impact of FISMA upon the quantification within the government, how FISMA implementation can affect the quantification, and the need for FISMA adherence across the federal government. Write a two-page discussion with the following points: · Describe and discuss the objectives of policy makers. · Describe and discuss the general problems that limit the effectiveness of vehicles that try to govern cybersecurity. · Considering the general problems discussed in the previous point, discuss ideas for improving cybersecurity. · Discuss how well you think FISMA works in the workplace.
  • 7. NIST Template Now that you have considered FISMA, it is time to consider an organization that defines standards and guidelines to comply with FISMA. The National Institute of Standards and Technology (NIST) is an organization that works collaboratively with government and industry to create cybersecurity policies and standards. While much of the work that NIST does is more technical, in this segment you will explore the cybersecurity policy side of NIST. Your policy research should include FIPS 200 and SP 800-53, addressing both the intent of these policies as well as assessing how well they have been implemented. Through researching the NIST cybersecurity documents, complete the NIST Template to create a high-level list of the "management and policy" cybersecurity issues put forth by NIST for government agencies and private industry. This document will help you compose the NIST conclusions section of your final report. Submit your Focus on NIST report for feedback. Final Report on National Cybersecurity Policy Throughout this project, you have reviewed and analyzed the presidential administration's cybersecurity policy, FISMA, and NIST. You will now compile your findings in a final report for your boss to deliver to the board of directors. Refer to the instruction for the final report for additional guidelines. Submit your completed final report. Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work. · 1.4: Tailor communications to the audience. · 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. · 7.1: Evaluate national cybersecurity policy.
  • 8. NIST Template Document Number Document Name Date NIST Guidance