Before you begin read: https://www.energy.gov/sites/prod/files/2014/03/f13/C2M2-v1-1_cor.pdf
Our class focuses on integrating many different aspects of cybersecurity, information security, and information assurance. Recent developments in the field of cybersecurity have resulted in a number of “maturity models” which can be used by external assessors to evaluate the maturity level of an organization’s cybersecurity management program.
For this discussion paper, you will need to research the Department of Energy’s Cybersecurity Maturity Model and then compare it to the NIST Cybersecurity Framework and other frameworks listed in the course readings. After you have done so, write a position paper in which you recommend a cybersecurity framework or maturity model as the basis for assessing the cybersecurity program for Padgett-Beale Financial Services. Assessments will be performed on an annual basis beginning one year after the company launches its new operations.
Remember: Each sector has regulators that use the framework to rate your security program. You need to pay attention to what framework the regulators in your sector (our case study is Financial Sector) are familiar with as you do not want to have to train them on your framework while you are being audited or examined.
Your 5-7 paragraph position paper must answer the following questions (at a minimum). (You will need to write clearly and concisely to fit all required information into this restricted length.)
What approach should the organization take in developing the Cybersecurity Management program? (What standards or frameworks should be used?)
What laws and regulations must be addressed by the Cybersecurity Management Program in a financial services firm?
What are the best practices that should be put into place to assess the maturity of PBI-FS’s cybersecurity management program?
Before you begin read: https://www.energy.gov/sites/prod/files/2014/03/f13/C2M2-
By admin