A client company has asked your cybersecurity consulting firm to provide it with a 2 to 3 page white paper which discusses the business need for investments in cybersecurity. The purpose of this white paper is to “fill in the gaps” in a business case that was already prepared by the company’s Chief Information Officer. The target audience for your paper is the company’s C-suite executives. These executives will be meeting later this month to discuss budget requests from department heads. The company has requested that your white paper use the same investment categories as are already in use for the CIO’s business case: people, processes, and technologies.
1. Read / Review the Week 1 readings.
a. Cyberspace and the Need for Cybersecurity(Course Module)
b. Preparing a Business Case (p. 1 only) http://www.ctg.albany.edu/publications/guides/smartit2?chapter=5&PrintVersion=2
c. An Introduction to the Business Model for Information Security http://www.isaca.org/knowledge-center/research/documents/introduction-to-the-business-model-for-information-security_res_eng_0109.pdf
d. http://philosophy.lander.edu/ethics/kant.html (Duty Ethics)
e. The social contract, social enterprise, and business model innovation http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=102369404&site=ehost-live&scope=site
f. http://philosophy.lander.edu/ethics/calculus.html (Utilitarianism)
g. Definition of Cybersecurity at http://niccs.us-cert.gov/glossary
h. What is cybersecurity? http://www.umuc.edu/cybersecurity/about/cybersecurity-basics.cfm
2. Find three or more additional sources which provide information about best practice recommendations for cybersecurity and other reasons why businesses should invest in people, processes, and technologies related to cybersecurity. These additional sources can include analyst reports (e.g. Gartner, Forrester, Price-Waterhouse, Booz-Allen) and/or news stories about recent attacks / threats, data breaches, cybercrime, cyber terrorism, etc.
Write a two to three page summary of your research. At a minimum, your summary must include the following:
1. An introduction or overview of cybersecurity which provides definitions and addresses the business need for cybersecurity. This introduction should be suitable for an executive audience.
2. A separate section which addresses ethical considerations which drive the business need for investments in cybersecurity.
3. A review of best practices and recommendations which can be added to the existing business case to provide justification for cybersecurity-focused investments in the three investment categories identified by the company: people, processes, and technologies.
Your white paper should use standard terms and definitions for cybersecurity. The following sources are recommended:
· NICCS Glossary http://niccs.us-cert.gov/glossary
· The Five Pillars of Information Security: protection, detection, reaction, documentation, prevention (Ameri, 2004). http://cf.rims.org/Magazine/PrintTemplate.cfm?AID=2409
Submit For Grading & Discussion
1. Submit your case study in MS Word format (.docx or .doc file) using the Case Study #1 Assignment in your assignment folder. (Attach the file.)
2. Post your case study for discussion with your classmates. First, create a new topic in the Case Study #1 Discussion Forum. Then, paste the contents of your Case Study #1 document directly into that message. (Do not attach the file.)
3. Last posting or no posting for discussion will be penalized heavily so it is in your best interests to post your case study before the assigned due date.
1. Use standard APA formatting for the MS Word document that you submit to your assignment folder. Formatting requirements and examples are found under Course Resources > APA Resources.
2. Use the “Paste from Word” paste option in the LEO editor when posting your Case Study to the Case Study #1 Discussion forum.
1. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs. These items are graded under Professionalism and constitute 20% of the assignment grade.
2. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must comply with APA 6th edition Style requirements. Failure to credit your sources will result in penalties as provided for under the university’s Academic Integrity policy.