
MUSA CORPORATION

SECURITY AWARENESS PROGRAM SUMMARY


SUMMARY

The Security Awareness Program will include a Security Training Program, which
is critical in educating all employees, from the CEO on down, on the importance
of computer security and in explaining the new policies and procedures. This program
will aid in preventing potentially costly and disastrous IT events.

POLICIES

• Policies and procedures are being implemented that will set the expectations
for security compliance and standards.
• These policies will be effective in aiding in the defense of the organization
and will be the foundation for current and future defense strategies.

MONITORING PLAN

• Work Planning
• Work Setting
• Employee Readiness

COMMUNICATION PLAN

• Provides stakeholders with necessary information
• Determines who is to be informed
• Establishes a timeline for who is to be notified and when
• Establishes the communication channels to be used

REASON FOR IMPLEMENTATION

• Currently, there is not a Security Awareness Plan/Program in existence
• Configuration Change Management does not exist
• No Intrusion Detection System in place
• No policy regarding media access
• Encryption/hashing not being used on sensitive information
• Low morale and high turnover among all levels of the organization

ROLES AND RESPONSIBILITIES

• HR will ensure that employees complete all required training/retraining
• Manager, IT Department will head the Incident Response Team
• Incident Response Team consists of IT Dept Manager, CISO, CTO, and/or their
designees.
• All employees will learn of their basic responsibilities.
• Cyber Security (Incident Response) position to be created and filled by
a qualified individual

ASSESSMENT

• Environmental Analysis
• Threats to the Environment

BEST PRACTICES

• Intrusion Detection Systems
• Firewalls
• DMZ
• Internal Audits
• Least Permission

CONCLUSION

In order to have an effective security program, it is essential to implement a
security awareness plan. The plan will bring about much-needed changes within
the current culture, which will ultimately strengthen the company, reduce threats,
and make it more secure. These new policies and procedures will aid in
providing better confidentiality, integrity, and availability.