Cybersecurity threats have continued to pose significant problems to multiple organizations, which have concentrated their efforts to fight cyber-threats from
external sources. Most organizations forget to address internal human errors. The 2018 IBM X-Force Threat Intelligence Index, an annual evaluation that
reports cybersecurity threats industries are dealing with, and the EY Global Information Security Survey 2018-2019 reflect that over 95% of all cybersecurity
incidents investigated involved human error. Although human error can never be eliminated entirely, incidents can be reduced by establishing clear
cybersecurity, policies, standards, procedures, guidelines, and providing regular employee training.
The CEO of NCU-FSB has stated that the recent cybersecurity attacks on the organization’s resources were due to internal errors from HR employees. As the
newly employed chief information security officer (CISO) for NCU-FSB, the CEO has asked you write a report on cybersecurity providing an overview that will
be presented to the board of trustees of the organization.
Your presentation should:
Provide a brief overview of the differences between policies, standard procedures, guidelines, and baselines for the protection of paper and electronic
processes, forms, and reports.
Provide a clear explanation of the information security lifecycle and the role risk management plays in each phase.
Describe a policy hierarchy of the implementation.
Describe a clear cybersecurity policy component.
Data encryption tool (firewalls, activity-tracker, monitoring tools, etc.).
Describe the policy impact assessment.