Learning Goal: I’m working on a public service presentation and need an explanation and answer to help me learn.
You are an information system security professional for CCS International, a company that provides IT personnel for a variety of government and private contracts. The organization to which you are currently contracted hires a new chief security officer (CSO) after the previous CSO retires. Although the new CSO is in charge of security for the organization’s data assets, networks, and computer systems, her background and most recent experience is in physical security, and she knows very little about information security. Your manager explains that you have been assigned the task of preparing an information brief for the new CSO, which will provide her with the basics of cyber security, acquaints her with the current threats facing your organization’s data infrastructure, and the legal issues related to protecting the enterprise.
Your script should be written in an academic format, should be logically organized (e.g., introduction, body, and conclusion)
What is cyber security, and what are some of its key concepts?
What are the most significant threats to your data, and what are some of the root causes of those threats?
Are cyber criminals a real danger to your enterprise? Why or why not?
What is risk management, and how can the risk management process help you protect your infrastructure and data?
What are some computer security best practices that you would recommend, and how will they help protect your IT assets?
If your organization does become a victim of a cyber-crime or a security incident, how will you respond? What types of evidence would be important to your investigation, and how would they be used? What would law enforcement’s role be in your incident response plan?
Are there any laws at the local, state, federal, or even international level that protect your organization by imposing penalties on cyber criminals? Provide at least one example of a cyber-crime court case, and explain both its outcome and its significance.
What do you need from the CSO to best protect your organization? Justify your requests.
https://www.itu.int/en/ITU-D/Cybersecurity/Documents/Cybercrime2014_E.pdf – Chapter 2 The Phenomena of CyberCrime (Pages 11-76)
Chapter 3 The challenges of fighting cybercrime (Pages 77-100)
Chapter three: Legislation and frameworks, Pages 51-76,
Chapter five: Law enforcement and investigations, Pages 117-156