PART 1: COMPANY SELECTION, ESTABLISH CYBERSECURITY AND RISK PROFILE
In Part 1 you will choose a company from the Inc. Magazine “2020 Inc. 5000”, a list of the fastest-growing companies in America, located at https://www.inc.com/inc5000/2020. When thinking of this, consider the organization you are examining in the final project effort.
Write an executive summary (about 2 pages) with the following information:
- Write a short summary of what your company does. When writing your summary answer questions such as, what products and services your business offers, what your customer base is, and the maturity of your organization (e.g. is it a startup or an established company?)
- Describe the company culture (company websites are great for this)
- Describe any regulatory/legal requirements that the company would have to follow
- Based on its business and regulatory requirements and culture, summarize the overall security risks the company faces and the impact of those risks. Describe at least 3 specific risks from a cybersecurity perspective that you think are the most impactful and why. Be specific and leverage concepts from the class.
PART 2: DEVELOP A CYBERSECURITY “HANDBOOK” FOR NEW EMPLOYEES
As part of your role as a cyber analyst for your selected company, you are part of the team developing an overall security awareness and training program. One of your team’s deliverables is to develop a New Employee Handbook that provides BOTH awareness and training to your company’s new employees based on company security policies related to regulatory impacts and the risks you developed in Part 1.
The goal of this handbook is to make new employees of your company aware of the company’s security policies, regulatory requirements, and risks from a cybersecurity perspective.
Your handbook should address and/or meet the following design requirements:
- Be long enough to cover everything below (about 3-4 pages in length)
- Use images, graphics, or other creative content (Encouraged, but as a compliment and not a substitute to your content). In other words, I won’t accept 3-4 pages of graphics and images, but you may add those to your content to help emphasize a particular topic area.
- Focus on the 3 risks identified in Part 1
- Be a balance of awareness and training; Awareness – Create awareness for your new employees around regulatory/legal and cybersecurity risks and best practices. Training – Encourage the proper behaviors and expectations for new employees
- Not be boring and must match the culture of the company
- Hint – I would do some research on examples of New Hire Cybersecurity Handbooks or something similar before starting. Please cite any sources as necessary
- FORMATTING REQUIREMENTSThis paper should be 5-6 pages in length. Use a clearly legible font and font size (11 point is preferred).Use “Normal” margins (1” or less on all 4 sides). Use 1.5 or double line-spacing. Keep extra spacing between paragraphs limited. Assignments generally read better when you have headings for major section breaks.