Assessment Description
Using all of the previous assignment information, students will present a comprehensive Cybersecurity Program that reports on the final state of their enterprise.
Refer to the “Cybersecurity Program Template,” prior to beginning the assignment to become familiar with the expectations for successful completion. .
APA style is not required, but solid academic writing is expected.
This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.
You are not required to submit this assignment to LopesWrite.
Benchmark Information
This benchmark assignment assesses the following programmatic competencies:
MS Cybersecurity
4.1: Develop cybersecurity program aligned with business needs, regulations, and compliance standards to enhance an organization’s security posture (CAE KU 2, 10, 11, 12, 13, 17).
4.2: Determine appropriate business strategies to ensure business sustainability, availability, and reliability and articulate these needs to relevant stakeholders (CAE KU 13, 14, 16).
4.4: Interpret risk assessments, gap analysis, and current cybersecurity trends to formulate a cybersecurity governance strategy that establishes mitigation plans for future challenges to achieve security objectives (CAE KU 6, 10, 11, 12, 15).
CYB-690 Cybersecurity Program Template
Directions: The following program components are required within the Cybersecurity Program. Note: Add sections or subsections to the template as needed.
Program Components
Executive Summary
To include a business description.
Applicable Security Policies, Laws, and Regulations
Current System Description
To include a Workflow Diagram.
Cybersecurity Risk Assessment/Testing
To include an Organizational Risk Assessment Chart.
Recommendations
Cybersecurity Countermeasures
Proposed System Description
To include a Web Portal Diagram, Architectural Diagram, and System Design Document.
Monitoring
Incident Response Management
To include an Incident Response Plan.
Training and Communication
To include a Training Plan.
Continuous Improvement
To include a Cybersecurity Program Maintenance Plan.