cybersecurity policy section of the manual

ATTN: This teacher is very anal about how the papers are written so please make sure to read the Rubric and the Word Doc i attached on How to complete Writing Assignments. There is a template that is included that went with the assignment. I also added What i did in milestone one just incase it is needed.Overview: For the final project in this course you will assume the role of a training manager at a cybersecurity firm needing to create a training manual for new information security analyst hires. For milestone two, complete the cybersecurity policy section of the manual. Remember, use the same manual you used to complete milestone one.Prompt: You will submit the cybersecurity policy section of the training manual. The training manual will include a discussion of the purpose and value of cybersecurity, illuminate core tenets of cybersecurity, and illustrate best practices for addressing common threat scenarios. Use the information on each of these topics to develop a customized training manual for newly hired cybersecurity professionals at CyberLeet.Specifically, the following critical elements must be addressed:I. How to Develop Cybersecurity Policies: In this part of the training manual, you will develop the cybersecurity policies in four distinct areas for new hires at CyberLeet. Based on information you have learned on cybersecurity use and governance, you will develop policies for end-user passwords, acceptable use, basic users, and user training. For each of these areas, follow the guiding questions to develop effective use policies that new hires will be trained on. Review the directions in each section of the manual template to guide your response. Be sure you delete all of the directions in each section prior to finalizing the information.A. What principles should the information security analyst apply in order to develop appropriate password policies for their clients? Make sure you address confidentiality, integrity, and availability of information.B. What principles should the information security analyst apply in order to develop appropriate acceptable use policies for the client? Make sure you address confidentiality, integrity, and availability of information.C. What principles should the information security analyst apply in order to develop appropriate user training policies for the client? Make sure you address confidentiality, integrity, and availability of information.D. What principles should the information security analyst apply in order to develop appropriate basic user policies for the client? Make sure you address confidentiality, integrity, and availability of information.RubricGuidelines for Submission: Use the template provided to complete this assignment. Review each section and follow the prompts accordingly. All prompts should be deleted. Remember, you are responsible for every section of a completed training manual.Instructor Feedback: This activity uses an integrated rubric in Blackboard. Students can view instructor feedback in the Grade Center. For more information, review these instructions.
example_of_how_you_should_write_your_assignments.docx

it380_milestone_two_guidelines_and_rubric.pdf

Don't use plagiarized sources. Get Your Custom Essay on
cybersecurity policy section of the manual
Just from $13/Page
Order Essay

milestone_one_.doc

it380_final_project_template__1_.doc

Unformatted Attachment Preview

Students,
There is a grading rubric on each of your written assignments. Similar to the following:
Based on the grading rubric in each of your assignments do the following:
EXAMPLE OF HOW YOU SHOULD WRITE YOUR ASSIGNMENTS!!!
TITLE PAGE
Enter your text here: Title page with course name, your name, date.
REPORT Section
Note to Student: Take the critical element title in each rubric and make it a section in your
assignment to turn in.
Identification of Violated Cybersecurity Tenets
Enter your text here: Write paragraphs.
Analysis of Data Defense
Enter your text here: Write paragraphs.
Best Practices Recommendation
Enter your text here: Write paragraphs.
Note: You do not need to add the “Proper Use of Writing, Mechanics, and Grammar”
critical element in your paper. This is for me to grade your overall work.
IT 380 Milestone Two Guidelines and Rubric
Overview: For the final project in this course you will assume the role of a training manager at a cybersecurity firm needing to create a training manual for new
information security analyst hires. For milestone two, complete the cybersecurity policy section of the manual. Remember, use the same manual you used to
complete milestone one.
Prompt: You will submit the cybersecurity policy section of the training manual. The training manual will include a discussion of the purpose and value of
cybersecurity, illuminate core tenets of cybersecurity, and illustrate best practices for addressing common threat scenarios. Use the information on each of
these topics to develop a customized training manual for newly hired cybersecurity professionals at CyberLeet.
Specifically, the following critical elements must be addressed:
I.
How to Develop Cybersecurity Policies: In this part of the training manual, you will develop the cybersecurity policies in four distinct areas for new hires
at CyberLeet. Based on information you have learned on cybersecurity use and governance, you will develop policies for end-user passwords, acceptable
use, basic users, and user training. For each of these areas, follow the guiding questions to develop effective use policies that new hires will be trained
on. Review the directions in each section of the manual template to guide your response. Be sure you delete all of the directions in each section prior to
finalizing the information.
A. What principles should the information security analyst apply in order to develop appropriate password policies for their clients? Make sure you
address confidentiality, integrity, and availability of information.
B. What principles should the information security analyst apply in order to develop appropriate acceptable use policies for the client? Make sure
you address confidentiality, integrity, and availability of information.
C. What principles should the information security analyst apply in order to develop appropriate user training policies for the client? Make sure
you address confidentiality, integrity, and availability of information.
D. What principles should the information security analyst apply in order to develop appropriate basic user policies for the client? Make sure you
address confidentiality, integrity, and availability of information.
Rubric
Guidelines for Submission: Use the template provided to complete this assignment. Review each section and follow the prompts accordingly. All prompts should
be deleted. Remember, you are responsible for every section of a completed training manual.
Instructor Feedback: This activity uses an integrated rubric in Blackboard. Students can view instructor feedback in the Grade Center. For more information,
review these instructions.
Critical Elements
How To:
Password
Policies
How To:
Acceptable Use
Policies
How To: User
Training Policies
How To: Basic
User Policies
Exemplary (100%)
Meets “Proficient” criteria and
demonstrates keen insight into
best practices for defending the
confidentiality, integrity, and
availability of information
Meets “Proficient” criteria and
demonstrates keen insight into
best practices for defending the
confidentiality, integrity, and
availability of information
Meets “Proficient” criteria and
demonstrates keen insight into
best practices for defending the
confidentiality, integrity, and
availability of information
Meets “Proficient” criteria and
demonstrates keen insight into
best practices for defending the
confidentiality, integrity, and
availability of information
Proficient (85%)
Identifies specific principles for
developing appropriate password
policies that address
confidentiality, integrity, and
availability of information
Identifies specific principles for
developing appropriate
acceptable use policies that
address confidentiality, integrity,
and availability of information
Identifies specific principles for
developing appropriate user
training policies that address
confidentiality, integrity, and
availability of information
Identifies specific principles for
developing appropriate basic user
policies that address
confidentiality, integrity, and
availability of information
Needs Improvement (55%)
Not Evident (0%)
Identifies principles for developing Does not identify principles for
password policies but fails to fully developing password policies
address all relevant aspects or
there are gaps in logic or accuracy
Identifies principles for developing
acceptable use policies but fails to
fully address all relevant aspects
or there are gaps in logic or
accuracy
Identifies principles for developing
user training policies but fails to
fully address all relevant aspects
or there are gaps in logic or
accuracy
Identifies principles for developing
basic user policies but fails to fully
address all relevant aspects or
there are gaps in logic or accuracy
Value
25
Does not identify principles for
developing acceptable use policies
25
Does not identify principles for
developing user training policies
25
Does not identify principles for
developing basic user policies
25
Total
100%
Company Training Manual
Company Training Manual
Prepared by:
CYBERLEET TRAINING MANUAL
MANUAL OVERVIEW
SECTION 1:
INTRODUCTION: WELCOME TO CYBERLEET
4
5
1.1 INTRODUCTION ………………………………………………………………………………………………………………………………. 5
1.2 YOUR ROLE AT CYBERLEET…………………………………………………………………………………………………………….. 6
1.3 PURPOSE OF THIS MANUAL ……………………………………………………………………………………………………………… 6
SECTION 2:
CORE TENETS OF CYBERSECURITY
7
2.1 CONFIDENTIALITY ………………………………………………………………………………………………………………………….. 7
2.2 INTEGRITY …………………………………………………………………………………………………………………………………….. 8
2.3 AVAILABILITY ……………………………………………………………………………………………………………………………….. 9
SECTION 5: REFERENCES
Company Manual
10
Page |3
CYBERLEET TRAINING MANUAL
MANUAL OVERVIEW
You are the training manager at CyberLeet Technologies, a midsized firm that provides
cybersecurity services to other businesses. CyberLeet’s core customer base is sole
proprietorships and other mom-and-pop shops that are too small to have their own IT
departments and budgets. Generally speaking, your clients have a reasonably high risk
tolerance, and put a premium on the functionality of their IT systems over stringent security
measures. However, you also have clients that must protect highly sensitive information in
order to continue operating successfully. For example, CyberLeet supports a few small
public-accounting firms that need to maintain important tax-related information, as well as
several day-care businesses that must keep children’s health records private while allowing
necessary access for certain caregivers. In the past year, CyberLeet has experienced rapid
growth, which means you can no longer personally provide one-on-one training to every
new information security analyst as they are hired. Therefore, you have decided to create a
training manual that will explain to the current and future cohorts of new hires the essential
principles and practices that they must understand in order to be successful in their role as
information security analysts at CyberLeet.
Manual Layout
There are four sections in the manual, which cover all the components of a new employee training
manual. As the training manager, you must complete each section using information you learned in
this course. Refer to the background information on CyberLeet and apply the appropriate
information that best matches based on the size of the company, the value of cybersecurity, and its
core tenets. Apply best practices of cybersecurity principles for addressing the common threat
scenarios of a sole proprietary business. The main sections of the manual you are responsible for
completing are the following:
•
Introduction
•
Core tenets of cybersecurity
•
Developing cybersecurity policies
•
Threat mitigation scenarios
Company Manual
Page |4
CYBERLEET TRAINING MANUAL
SECTION 1: Introduction: Welcome to CyberLeet
1.1 Introduction
Cyberleet Technologies is a midsized firm that offers technology solutions and cybersecurity
services to small companies. The company’s clientele comprises majorly of small sole
proprietorships and mom-and-pop shops that cannot maintain their own IT departments due
to their small sizes and budgets.
CyberLeet Technologies operates under a set of values. The key value is the offering of
quality services to the small businesses. CyberLeet also strives to provide highly secure
services to its customers with a view to protecting their data at a low cost. The company also
seeks to provide support services to companies in the management of their data and
maintain high levels of accountability.
There is a demand for information security services in a business environment. For the past
two decades, both large and small businesses have been migrating from the traditional data
maintenance methodologies such as the traditional filing systems to modern technological
methods so as to raise their efficiency and improve the security of their information (Sanders
Randall & Smith, 2013). At the same time, the cost of maintaining information through
technology has declined significantly, which has allowed smaller companies to venture in
services that were once reserved for large companies. Unfortunately, new threats keep on
emerging, and whose growth rate has grown to match the drastic growth of technology
during the ongoing technological revolution (Peltier, 2010). Many authorities such as
governments and information security agencies are thus implementing policies seeking to
raise accountability and security level of information held by organizations, thus prompting a
further need for information security by both the information owners and the service
providers.
Cybersecurity issues have a significant impact on business resources. In this case,
businesses are required to invest heavily in cyber security so as to ensure that their
information is secure. This is even made more expansive due to the new threats that keep
on emerging. Unlike the past, however, businesses require significantly lesser personnel to
manage their information. The cost that is saved on human resources, the increased
efficiency, and a rise in productivity thus leverage the rise in operational cost needed to put
up information security infrastructure and constant cybersecurity measures.
Company Manual
Page |5
CYBERLEET TRAINING MANUAL
1.2 Your Role at CyberLeet
New hires have a number of roles in CyberLeet technologies. They should always work
towards ensuring that the system is operating optimally and that no unnecessary downtimes
are recorded by the company so as to maintain the convenience of the customers. The new
hires are also responsible for managing the data and ensuring that the security level of the
system is maintained. Due to the rising security threats, they should always monitor the
performance of the system so as to identify and mitigate against any potential threats as the
repercussions can be too devastating and expensive (Stallings & Brown, 2012). New hires
should provide a supportive role to their superior technicians and particularly in providing
supportive services in the server section, network security operations, data and threat
analysis, security assessment, and development of the network infrastructure, among others
as may be designated by their team leaders and the senior personnel.
The ultimate goals of the new hires should be the satisfaction of the clients. Satisfaction of
the existing clients is important for the growth of the company. As such, they should always
ensure that the data is managed properly and that they maintain high security standards and
safety of the data. They should thus form an important part of CyberLeet Technologies
growth.
1.3 Purpose of This Manual
It is important that new hires familiarize themselves with this document and ensure that they
meet its stipulated requirements. Notably, information security is becoming a significant part
of information and data management. New threats are arising each day, and that could lead
to information theft, information loss, or the damage to the information systems altogether.
CyberLeet Technologies has been growing as a result of its high information security
standards and ability to meet the needs of the customers. These have been necessitated by
the adherence of existing customers to the set organizational guidelines, requirements,
goals, and values. For continued growth, it is important that the new hires ensure that they
fully understand and comply with the document requirements. Moreover, policies regarding
information security are on the increase and target to safeguard the data owners as well as
the employees, which means that service providers need to be highly accountable.
A lot is at stake in the event that new hires fail to adhere to the document’s requirements
and providing high-quality services. Notably, there is rising competition in the information
security services industry, which means that CyberLeet could easily lose its customers if it
does not provide quality services, the repercussions of which are set to be felt by both the
company and the employees. At the same time, CyberLeet appraises its employees based
on their accountability, diligence, and quality of work. Therefore, each of them should ensure
that they excel in their fields. Government agencies are becoming strict on adherence to the
set information security standards, and where service providers could easily lose their
business licensure and be fined large amounts of money in the event that client data was
compromised as was the case with (Abrams, 2017).
Company Manual
Page |6
CYBERLEET TRAINING MANUAL
SECTION 2: Core Tenets of Cybersecurity
2.1 Confidentiality
Confidentiality revolves around data disclosure. Notably, different data sets are designed for
different purposes and should thus two data sets could have two groups of individuals each
of which is allowed to access each of them. At the same time, it is also possible that two
groups could access a particular data set but their access privileges differ. This is what is
referred to as confidentiality, and that involves the protection of information from access by
unauthorized personnel (Stallings & Brown, 2012). It is a core tenet of cybersecurity. In the
case of CyberLeet Technologies, for example, the data stored within the systems comprises
of various clients that offer relatively different services. While it is important to ensure that no
organization has access to data belonging to another, it is equally important to ensure that
no unauthorized employees access data within the organization as it may compromise its
security and confidentiality. Therefore, methods of maintaining information confidentiality
such as passwords and encryption of data will always form a core component of CyberLeet
Technology operations.
From a business perspective, it is important to understand that CyberLeet Technologies’
clients hold confidential information of their clients. At the same time, one of their purposes
of contracting CyberLeet is because they lack the necessary infrastructure to maintain data
confidentiality on their premises. Therefore, it is the duty of CyberLeet to ensure that vital
information does not fall into the wrong hands. Rather, only the personnel that the clients
authorize will access this data and particularly since the clients will be supplied with security
clearance such as passwords. Maintaining data confidentiality is important when it comes to
building trust between the client and the service provider.
Company Manual
Page |7
CYBERLEET TRAINING MANUAL
2.2 Integrity
Data integrity revolves around the accuracy and consistency of the data systems. Notably,
the clients submit their data in unprocessed forms. It is thus the duty of CyberLeet
employees to enter the data and process it with the support of the company’s sophisticated
information system. At the same time, different clients submit different types of data to the
company, and they may need this data availed in their preferred forms and processed in a
particular way. These differences could make it difficult to maintain this data, and that could
be worsened by the possibility of data mix up due to the presence of many clients. All these
are some of the components of data integrity, and that seeks to ensure consistency and
accuracy of the data (Stallings & Brown, 2012).
Other than the above issues, there may be a challenge when it comes to availing the data to
the clients. This may arise as a result of tampering with the data either at the company or in
the course of transmission. To ensure integrity at the company’s premises, only authorized
personnel will edit or modify the data. As had been indicated earlier, data will be stored and
transmitted in encrypted form. To ensure that the encrypted data reaches the clients in the
right form and in full, hashing methods may be necessary, and where the transmitted
packets are checked on the client-side against a checksum that is generated when
transmitting the data (Sanders, Randall & Smith, 2013). This will thus be a critical area in the
service delivery at CyberLeet Technologies.
Company Manual
Page |8
CYBERLEET TRAINING MANUAL
2.3 Availability
Clients may need to access their data from time to time. In this case, it is important that the
data is always accessible and available on-demand. This may be a challenge for many
organizations and particularly due to the possibility of the system and network failure or
information loss. This may come as a frustration to the clients and particularly since they do
not request the data in advance from the organization. Rather, their target is to have access
whenever they wish. Organizations can easily lose data as a result of negligence amongst
the employees, system failure, failure of components, and even malware that may wipe all
the data from the system. As such. Availability of data is the ability of the clients to access
the data and in the right form, while at the same time ensuring that it is only available to the
authorized personnel (Stallings & Brown, 2012).
At CyberLeet Technologies, the technicians have the responsibility to ensure that the system
is online at all times and, in the event that the system is to undergo upgrading and
maintenance, it should be done at a time when it causes the least possible inconvenience to
the clients. In fact, all clients need to be alerted in a …
Purchase answer to see full
attachment

Order a unique copy of this paper
(550 words)

Approximate price: $22

Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency

Order your essay today and save 15% with the discount code ESSAYHELP