Question


Adoption of the Critical Security Controls is a hot topic in today’s organizations.

Adoption of the Critical Security Controls is a hot topic in today’s organizations. Review the CSC survey document and provide at least one suggestion on three different controls for an organization to move from awareness of the CSCs to implementation. Please feel free to make assumptions as needed for you to develop recommendations for a fictional company. The document is attached. https://www.sans.org/reading-room/whitepapers/analyst/2013-critical-security-controls-survey-moving-awareness-action-35065

Solutions

Expert Solution

In order to do this question you can go through the document; however, the main focus of the question is to provide at least one suggestion for each of the three different controls for a real/imaginary organization to move from awareness of the CSCs to implementation.

The three different controls are:
1. Mature Control
2. Evolving Control
3. Immature Control

Suggestions can be in the form of a scenario description like the one below:
For mature control: Suppose a manager in the organization is storing data only on the hard drive of his desktop. One day, his hard drive crashes, and with his hard drive all the data is also gone. So, in order to prevent that, he should have made a copy of the data and stored it in the cloud or on some other safer server. In order to recover from this type of disaster, organizations often make employees store data in the cloud or on a common server which is guarded by recovery techniques.

You can provide suggestions in a similar way for the other two controls too.

