During your time in this course, you have selected one of the following industries: aerospace, healthcare, or government agencies. You have completed assignments in Units I through VII that were designed to build towards this final project submission. For this project, you will combine all your assignments into one project. Please model your project on theUnit VIII Project Template. Your projectmust beat least 10 pages in length.
CAUTION: Before submitting your final project, make sure you have made any corrections in your previous unit assignments based on feedback given by your professor.
Adhere to APA Style when creating citations and references for this project assignment. APA Style formatting, however, is not required.
Unit SEC 4320, IS Security Capstone 1 Course Learning Outcomes for Unit VIII Upon completion of this unit, students should be able to: 1. Compile a vulnerability assessment using the current security posture. 2. Create an IS Security Plan. 3. Develop a budget plan for incident response and disaster recovery. 4. Propose a security plan for a project solution. 5. Construct preventative measures to ensure critical assets are secure. Course/Unit Learning Outcomes Learning Activity 1 Article: “Cybersecurity Risks and Controls” Article: “Auditing for Cybersecurity Risk” Unit VIII Project 2 Unit Lesson Unit VIII Project 3 Unit VIII Project 4 Article: “Cybersecurity at the Grassroots: American Local Governments and the Challenges of Internet Security” Unit VIII Project 5 Unit VIII Project Required Unit Resources In order to access the following resources, click the links below. Al-Moshaigeh, A., Dickins, D., & Higgs, J. L. (2019, June). Cybersecurity risks and controls. The CPA Journal, 89(6), 36–41. https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct =true&db=bsu&AN=136901848&site=ehost-live&scope=site Norris, D. F., Mateczun, L., Joshi, A., & Finin, T. (2018, September). Cybersecurity at the grassroots: American local governments and the challenges of Internet security. Journal of Homeland Security & Emergency Management, 15(3), 1–14. https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct =true&db=asn&AN=132626748&site=ehost-live&scope=site Wertheim, S. (2019, June). Auditing for cybersecurity risk. The CPA Journal, 89(6), 68–71. https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct =true&db=bsu&AN=136901855&site=ehost-live&scope=site UNIT VIII STUDY GUIDE Security Project https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bsu&AN=136901848&site=ehost-live&scope=site https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=asn&AN=132626748&site=ehost-live&scope=site https://libraryresources.columbiasouthern.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bsu&AN=136901855&site=ehost-live&scope=site SEC 4320, IS Security Capstone 2 UNIT x STUDY GUIDE Title Unit Lesson Congratulations! This is the last lesson for this course, but it is a very important lesson. During your time in this course, you have selected an industry in one of the following areas: aerospace, healthcare, or government agencies. You developed a request for proposal, vendor assessment checklist, security framework, critical security control identification, information technology (IT) risk and mitigation, and a business continuity plan. You also looked at many kinds of regulations and frameworks such as the National Institute of Standards and Technology (NIST), Cybersecurity and Infrastructure Security Agency (CISA), Center for Internet Security (CIS) Critical Security Controls (CSC), National Vulnerability Database (NVD), Common Vulnerabilities and Exposures (CVE), and those other regulations and or frameworks that each one of you have researched for your industry. This accumulation of research will be appended together as a project. However, more importantly, it will be known as your personal cyber security project. This project is your interpretation of how a request for proposal is structured in the event that you need to develop a request for proposal within a security environment. It also described how to use certain security tools to mitigate risks and vulnerabilities to properly secure the IT infrastructure and people. Of course, there are those critical controls that need to be identified and addressed in order to inform management of their importance. Remember, it is upper management who determines which assets are critical and how much risk they are willing to accept from the vulnerabilities for which you recommend mitigation. Once you have put all the pieces of your individual assignments together, you will gain a better understanding of what is needed to protect the organization’s assets and people. Each of you will have different projects depending on which area of industry you have selected. Each project will have its own regulations such as the Health Insurance Portability Accountability Act (HIPAA) that regulates healthcare industries. Of course, there are the different security frameworks that each organization will adopt. What you have researched and learned to piece together is just the tip of the iceberg, but it is a very important piece of security governance. However, you must realize that in today’s world, it is not good enough just to plan for security. It is more important to conduct a means of continual security oversight. In other words, organizations must make sure that the security processes that have been put in place work efficiently and correctly. Without such security oversight, the IT assets are vulnerable to outside or inside cybersecurity attacks. The project that you have created in Unit VIII could be used as a capstone portfolio for a prospective security employer, as it describes what you have learned during your degree program. Just make sure that you have corrected all the issues for each of those assignments by reviewing your professor’s feedback, as it would be embarrassing to show your prospective employer that your project had spelling or grammatical errors, that it was not formatted correctly, or that tables or drawings were too small to read. Therefore, take pride in the project you have done. Since for many of you, this is your last course or last core requirement, you might be looking for a job in cybersecurity. The following two videos contain information that may help you in your job search: Cyber Security Skills Employers Want video The Best Guide to Entry Level Cyber Security Jobs video Transcripts and closed captioning for both videos are available once you access them. Again, congratulations on completing the IS Security Capstone course. https://c24.page/2ztuukdd5skj5k5h2c7ukae4rr https://c24.page/zpvwfvrh7vymf45a7uwzeamqvd Course Learning Outcomes for Unit VIII Required Unit Resources Unit Lesson Title Student Name Date of Submission Table of Contents Executive Summary (one page or less) Chapter I RFO Outline Chapter II Vendor Assessment Checklist Chapter III Cybersecurity Framework Chapter IV Security Assessment Tool Chapter V CIS Critical Security Control Assessment Chapter VI IT Risk and Mitigation Identification Chapter VII Business Continuity Plan References (Be sure to include all references used in the unit assignments)