Design a Security Awareness and Training Program Essay

Description

Communication and Network Security

Network security depends on the extent to which the network architecture and design mitigate risk. Cybersecurity practitioners need to have an understanding of the Open Systems Interconnection (OSI) Model and the Transmission Control Protocol/Internet Protocol (TCP/IP). These multilayer protocols within the OSI Model and TCP/IP conceptually represent different functionality within the network architecture and tend to be vendor-neutral to support compatibility and standardization. These models serve as guides and are generalized to support numerous applications and use cases.

Figure 3. The Open Systems Interconnection (OSI) Model, including the seven layers

As business models evolve and advances in technology occur, security standards and implementation also need to change dynamically. Security management principles are applied iteratively, with the security practitioner maintaining continued awareness of the latest threats and vulnerabilities. Attacks committed by nefarious actors also evolve in technique and target, which has implications for regularly reviewing and renewing security protocols and policies within an organization. The ubiquitous nature of the Internet, the prevalence of data sharing, and the need to remain competitive in a global economy drive both advances in criminal behavior aimed at thwarting detection and the need for the cybersecurity industry to remain vigilant.

Intrusion detection systems (IDS) are used to limit the number of false positives (flagging network activity as suspicious when the traffic is normal) and limit the number of true positives of undesirable network traffic that are missed in the process. An important fact must be considered. Lowering thresholds for recognizing traffic patterns can allow the suspicious activity to go unrecognized. Network security personnel spend time tuning the system to learn the traffic patterns in the network. In doing this, a normal pattern can be established and then compared to a difference in pattern, which is presumed to be suspect when detected until proven otherwise. The ultimate goal of the security personnel is to achieve this balance cost-effectively and securely.
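The tuning process described above can be illustrated with a small added example (not part of the course material): a baseline is learned from known-normal traffic, and the same observations are then scored at several alert thresholds to show how false positives trade against missed traffic. The traffic counts, the labels, and the use of standard deviations as the threshold unit are all assumptions constructed for the illustration.

```python
from statistics import mean, pstdev

# Constructed sample data: connections per minute from one internal host.
BASELINE = [42, 38, 45, 40, 41, 39, 44, 43, 37, 41]   # tuning period, known-normal
# (count, is_undesirable) pairs; labels are ground truth assumed for the example.
OBSERVED = [
    (43, False), (47, False), (52, False),  # 52 = legitimate backup burst
    (50, True), (58, True), (95, True),     # slow probe up to a noisy burst
    (40, False), (46, False), (39, False),
]

def learn_baseline(samples):
    """Return (mean, stdev) of the known-normal traffic pattern."""
    sigma = pstdev(samples)
    # A perfectly flat baseline gives sigma 0 and a division by zero; floor it.
    return mean(samples), max(sigma, 1e-9)

def score(count, mu, sigma):
    """Deviation of one observation from the baseline, in standard deviations."""
    return (count - mu) / sigma

def evaluate(threshold, baseline=BASELINE, observed=OBSERVED):
    """Count alert outcomes when anything scoring above `threshold` is flagged."""
    mu, sigma = learn_baseline(baseline)
    result = {"tp": 0, "fp": 0, "fn": 0, "tn": 0}
    for count, undesirable in observed:
        flagged = score(count, mu, sigma) > threshold
        if flagged and undesirable:
            result["tp"] += 1
        elif flagged:
            result["fp"] += 1      # normal traffic flagged as suspicious
        elif undesirable:
            result["fn"] += 1      # undesirable traffic missed
        else:
            result["tn"] += 1
    return result

if __name__ == "__main__":
    for t in (2.0, 4.0, 8.0):
        print(f"threshold={t}: {evaluate(t)}")
```

On this data no single threshold removes both kinds of error, which is the balance the tuning effort is trying to reach.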

Security Awareness

Organizations employ a variety of individuals who hold different roles. All employees must recognize that people are often considered the weakest link within an organization. Offering a security awareness training program is a useful tool for educating employees about the risk of accidentally or intentionally engaging in behavior that can threaten the security of information systems. Each functional area in the organization is critical to the business being able to accomplish its mission and goals. Having an integrated plan for security awareness and training permits the employees to assess the level of security knowledge, identify gaps in understanding, and provide remediation through the creation of policy and procedure. An organizational culture that maintains security awareness understands that not having a cyber defense is the supreme example of vulnerability. Attackers know that some organizations lack security awareness or consistency in implementing and maintaining adequate security protocols. Culturally, the organization must engage in normal practice as though the worst-case security breach scenario is possible.

Weekly Resources and Assignments

Review the resources from the Course Resources link, located in the top navigation bar, to prepare for this week’s assignments. The resources may include textbook reading assignments, journal articles, websites, links to tools or software, videos, handouts, rubrics, etc.

Week 4 – Assignment: Design a Security Awareness and Training Program

Assignment

Due March 13 at 11:59 PM

Using the NIST Cybersecurity Framework and the organizational knowledge gained in the prior assignments, apply the Protect function to design a Security Awareness and Training Program. Specifically, the training should educate all staff on the need to secure network components to ensure network security for all hardware, software, and business functions that could be impacted.

The training program should include the following from the IT Security Learning Continuum:

  1. Education – describe the level of education and professional development that is needed for staff who manage cybersecurity operations in the organization.
  2. Training – describe each competency area of focus and the intended user audience.
  3. Awareness – describe each topic to be included in each awareness session or material for distribution.
  4. Using the link to the NIST SP 800-50 document found in weekly resources as a guide, specifically Section 3 “Designing an Awareness and Training Program”, select Model 1, Model 2, or Model 3 to structure your program, and then, justify why this model is best aligned with the needs of the organization.
  5. Describe how the program supports relevant governance, risk, and compliance strategies and policies for improving information security within the organization.
  6. Justifications for each recommendation should be supported by the NIST CSF and other industry-accepted standards.

https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistsp…

Length: 5 to 6-page paper

References: Use the weekly resources to support your assignment.

The completed assignment should address all of the assignment requirements, exhibit evidence of concept knowledge, and demonstrate thoughtful consideration of the content presented in the course. The writing should integrate scholarly resources, reflect academic expectations and current APA standards, and adhere to Northcentral University’s Academic Integrity Policy.

This is all week 4.

When applicable, conduct a Turnitin pre-check and then upload your completed assignment and click the Submit to Dropbox button.
