Professional Documents
Culture Documents
Milestone 1
Milestone 1
Milestone 1
The Center for Internet Security (CIS) and the National Institute of Standards and Technology
(NIST) are two organizations publishing some of the most all-inclusive cybersecurity standards
that can be adopted by modern entities like Kingmakers to sharply improve their cybersecurity
awareness (Darren, 2021). NIST offers a broad set of non-compulsory guidelines for entities that
desire to improve their cybersecurity practices. Similarly, the CIS guideline contains 20 controls
that entities can implement to enhance their cybersecurity readiness. These cybersecurity
standards or controls would help improve cybersecurity practices at Kingmakers, especially data
security.
Background: The key reason for this paper is to ascertain the current cybersecurity
stance at Kingmakers and to establish where the need to be, looking at cybersecurity best
practices. This would provide the necessary insight on how to enhance the company’s
guidelines.
Purpose of the Guideline: Cybersecurity guidelines are sets of best practices that an
entity can utilize to enhance its cybersecurity posture (Cybersecurity Standards and
to protect the organization’s data from cyber threats. They would also provide the
incidents.
History of the Organization
Kingmakers, whose trade name is Betking was founded in Nigeria in February 2018 by Byron
Petzer and Adekunle Adeniji. Kingmakers is a pan-African sports betting company. Betking is
also the trade name of Blue Lake Ventures Limited. MultiChoice Nigeria, a pay-TV operator
controls a 49 per cent stake in Kingmakers with the balance bread among other numerous
shareholders. The company currently operates in Nigeria, Kenya, Ethiopia, Ghana and South
Africa with administrative offices in Dubai, Uk and Malta (Nigeria’s Top Five Leading Betting
Mission and Vision: The mission statement of Kingmaker is “to create an efficient
system that enables the quests of our Kings and Kingmakers by providing the right
technology, radical innovation, and uncompromised service to all our customers” and its
Vision Statement is “To develop and radically expand the growth of Blueblood in
will help reduce Kingmakers’ exposure to cybersecurity weaknesses and vulnerabilities that
cybercriminals could take advantage of. It lays the structure, and foundation and provides
It will evaluate Kingmaker's current cybersecurity programs and help focus the
It will help Kingmakers identify loopholes in its current projects, workforce, and
guidelines.
It helps marshal open doors for development using a consistent and persistent process.
It would help highlight any present practice that could outperform the prescribed
involves implementing best practices to safeguard an entity from cyber threats or attached
(Shea, 2021). It also provides a baseline for an entity’s security program that allows an
entity to consistently adapt to emerging cyber threats and attacks. These guidelines are
developed using the Zero Trust model and Defence In-depth Strategy- multiple layers of
security for holistic protection. The goal of this strategy is to lay the foundation of
cyber-attack.
Proposed Budget
The cost of implementing cybersecurity frameworks is always a major concern in most entities,
including Kingmakers. There is this notion that cybersecurity is for big organizations with huge
financial means (Odogwu, 2022). This notion is wrong because all entities are vulnerable to
cyber-attack and as such, most implement some cyber security framework to protect their assets.
That said, our proposed budget is N20,000,000 which would be used to implement all of the
Prioritize and Scope: At this stage, Kingmakers needs to identify its cybersecurity
objective together with high-level priorities. This will allow the entity to come up with
strategic cybersecurity implementation decisions and ascertain the scope of the systems
Kingmakers. Here the entity needs to identify related assets, requirements of regulatory
bodies and the overall risk of the program. Kingmaker’s cybersecurity leaders need to
pinpoint the vulnerabilities and threats to its assets. For instance, if the scope of the
Create a Current Profile: At this stage, Kingmaker’s current profile will be developed
by highlighting which control outcomes of the framework are being actualized. Those
that are partially achieved should be well noted so that supporting baseline data
concerning subsequent steps can then be provided. To ascertain which control outcomes
cybersecurity attack and related impact. The entity’s overall risk management procedure
or previous risk assessment activities could provide a guide. The risk assessment should
Create a Target Profile: Here a target profile needs to be created for Kingmakers that
will focus on the assessment and set out the desired cybersecurity outcomes. It is
advisable that a rational approach is taken when creating the profile. The risk appetite
should be put into consideration and let the entity determines which risk vector is
acceptable.
Determine, Analyze, and Prioritize Gaps: At this step, Kingmakers needs to ascertain,
analyze and prioritize existing gaps. This should be linked to the target profile. These
gaps should then be addressed by a prioritized action plan together with consideration for
the cost-benefit, mission-driven and risk to achieve the expected target profile outcome.
well.
which action to take and execute the said actions to fix the gaps. If there is any need for
adjustment in the cybersecurity practices, it should be done without delay to achieve the
target profile.
seven-step procedure or process for the entity to follow in order to implement a strong
cybersecurity framework. These steps entail comparing the present state of the cybersecurity
program at Kingmakers with a target cybersecurity program and bridging the gaps to realize the
target state of the program. These steps provide a flexible roadmap for the implementation of a
program improvement.
References
Belding, G. (2019, December 29). NIST CSF: The seven-step cybersecurity framework process.
cybersecurity-framework-process/#:~:text=Step%201%3A%20Prioritize%20and
%20scope&text=Key%20to%20this%20step%20is
https://www.itgovernanceusa.com/cybersecurity-standards
Darren , G. (2021, December 22). Differences and Similarities Between NIST and CIS. Carbide.
https://carbidesecure.com/resources/differences-and-similarities-between-nist-and-cis/
https://www.thisdaylive.com/index.php/2022/11/17/nigerias-top-five-leading-betting-
companies/#:~:text=Betking%20was%20birthed%20and%20launched
MUO. https://www.makeuseof.com/implement-cybersecurity-low-cost/
Prokopets, M. (2022, July 21). CIS Vs. NIST: Side-by-Side Comparison. Nira.
https://nira.com/cis-vs-nist/
https://www.edureka.co/blog/cybersecurity-framework/
Shea, S. (2021, August). What is Cybersecurity? Everything You Need to Know. SearchSecurity.
https://www.techtarget.com/searchsecurity/definition/cybersecurity
Simplilearn. (2021, June 21). What is a Cyber Security Framework: Overview, Types, and
Wikipedia Contributors. (2019, October 14). Center for Internet Security. Wikipedia;
Wikimedia Foundation. https://en.wikipedia.org/wiki/Center_for_Internet_Security