Read the following scenario and use it as the basis for your answers to the associated essay questions:
You are an information system security professional for CCS International, a company that provides IT personnel for a variety of government and private contracts. The organization to which you are currently contracted hires a new chief security officer (CSO) after the previous CSO retires. Although the new CSO is in charge of security for the organization’s data assets, networks, and computer systems, her background and most recent experience is in physical security, and she knows very little about information security. Your manager explains that you have been assigned the task of preparing an information brief for the new CSO, which will provide her with the basics of cyber security, acquaints her with the current threats facing your organization’s data infrastructure, and the legal issues related to protecting the enterprise. Prepare a slide presentation covering (at a minimum) the following topics:
What is cyber security, and what are some of its key concepts?
What are the most significant threats to your data, and what are some of the root causes of those threats?
Are cyber criminals a real danger to your enterprise? Why or why not?
What is risk management, and how can the risk management process help you protect your infrastructure and data?
What are some computer security best practices that you would recommend, and how will they help protect your IT assets?
If your organization does become a victim of a cyber-crime or a security incident, how will you respond? What types of evidence would be important to your investigation, and how would they be used? What would law enforcement’s role be in your incident response plan?
Are there any laws at the local, state, federal, or even international level that protect your organization by imposing penalties on cyber criminals? Provide at least one example of a cyber-crime court case, and explain both its outcome and its significance.
What do you need from the CSO to best protect your organization? Justify your requests.
Prepare a 15- to 20-slide presentation addressing the scenario and covering the topics above. Ensure that you create a title slide for your presentation (not included in the 15- to 20-slide count) displaying your name, the course title, and the date of submission. Be sure to use a background and fonts appropriate for your meeting with the CSO.
Prepare a script to go along with the slide presentation that could be read to provide an in-depth discussion of the topics highlighted on the slides. Research the topics above, using your textbook, information provided in class, and resources provided by the UMUC library or textbooks from previous courses. Your script should be written in an academic format, should be logically organized (e.g., introduction, body, and conclusion), and should include the following: