An organization should establish an effective cybersecurity training program for personnel having authorized access to critical cyber assets.
Create a training plan for everyone who works at the organization. The training plan should address (but is not limited to) the following:
Articulate a culture of security awareness, collaboration, and buy-in among management, staff, clients, and stakeholders.
Describe common security risks and how to avoid them.
Describe policies, access controls, and procedures developed for critical electronic devices and communication networks.
Describe the proper use of critical electronic devices and communication networks.
Describe the proper handling of critical information.
Present action plans and procedures to recover or reestablish critical electronic devices and communication networks.
Address the risks resulting from insecure behavior of employees.
APA style is not required, but solid academic writing is expected.
Refer to "CYB-690 Cybersecurity Training Scoring Guide," prior to beginning the assignment to become familiar with the expectations for successful completion.
CYB- 690 Cybersecurity Training Scoring Guide Performance Level Ratings Meets Expectations Performance consistently met expectations in all essential areas of the assignment criteria, at times possibly exceeding expectations, and the quality of work overall was very good. The most critical goals were met. Near Expectations Performance did not consistently meet expectations. Performance failed to meet expectations in one or more essential areas of the assignment criteria, one or more of the most critical goals were not met. Below Expectations Performance was consistently below expectations in most essential areas of the assignment criteria, reasonable progress toward critical goals was not made. Significant improvement is needed in one or more important areas. Criteria Below Expectations Near Expectations Meets Expectations Earned The student creates a comprehensive training to: Articulate a culture of security awareness, collaboration, and buy-in among management, staff, clients, and stakeholders. 0 pts – 2 pts 3 pts – 4 pts 5 pts Describe common security risks and how to avoid them. 0 pts – 6 pts 7 pts – 9 pts 10 pts Describe policies, access controls, and procedures developed for critical electronic devices and communication networks. 0 pts – 6 pts 7 pts – 9 pts 10 pts Describe the proper use of critical electronic devices and communication networks. 0 pts – 2 pts 3 pts – 4 pts 5 pts Describe the proper handling of critical information. 0 pts – 6 pts 7 pts – 9 pts 10 pts Present action plans and procedures to recover or reestablish critical electronic devices and communication networks. 0 pts – 6 pts 7 pts – 9 pts 10 pts Address the risks resulting from insecure behavior of employees. 0 pts – 2 pts 3 pts – 4 pts 5 pts Prose is largely free of mechanical errors. The writer uses a variety of effective sentence structures, figures of speech, and industry terminology. 0 pts – 2 pts 3 pts – 4 pts 5 pts TOTAL /60 Instructor Feedback You may have your template, but please don't forget my requirements since day one: Cover page, Table of contents, Introduction, References, etc. Now, here is the assignment, and I want to break it down even more in pieces so you can understand what I want to see in your report. An organization should establish an effective cybersecurity training program for personnel having authorized access to critical cyber assets. Create a training plan for everyone who works at the organization. The training plan should address (but is not limited to) the following: 1 - Articulate a culture of security awareness, collaboration, and buy-in among management, staff, clients, and stakeholders. Write in a meaningful way; how would be the best way to protect your organization's assets. And it continues to provide you information such as collaboration, buy-in among management, staff, clients, and stakeholders. Always remember (but is not limited) 2 - Describe common security risks and how to avoid them. A report in detail about common security risks and how to avoid them. I don't want to see it: "If my organization has a virus, we buy anti-virus." It's not only monotonous writing but also dull, and for a master class, you need to practice your writing and enhance your skills - content and quality are essential. 3 - Describe policies, access controls, and procedures developed for critical electronic devices and communication networks. A report detailing issues related to policies, access controls, and procedures developed for critical electronic devices and communication networks. Although I understand that many electronic devices are involved, such as cell phones, iPad, laptops, desktops, Servers, Cameras, Proximity cards, and the list goes on and on depending on your organization. You don't have to provide me a manual for each device with all the characteristics, but I need to know what you have and use to protect. 4 - Describe the proper use of critical electronic devices and communication networks. A report detailing how to: handling, locking, deal with privacy issues, etc.). 5 - Describe the proper handling of critical information. A report detailing how to handle PII, HIPAA, etc. 6 - Present action plans and procedures to recover or reestablish critical electronic devices and communication networks. A report in detail and much more; please check the powerful words of this sentence. Once again, I don't want to see it: "If my organization has a virus, we buy anti-virus." 7 - Address the risks resulting from the insecure behavior of employees. A report in detail and much more. What will happen if you have to come up with an Issue, an Action, and the Outcome. Remember, this is a training plan. As much detail you provide is better. /