What is Information Security (IS) and how is IS used in an organization, company or federal agency?
What is an Information Security Program (ISP) and how is an ISP used in organizations, companies and federal agencies?
In order an Information Security program to be successful within an organization it must relate to the mission. Cyber Security should not prevent an organization from accomplishing its mission or meeting the needs of their customer. Provide some examples of outside influences that can positively shape a well-designed security program.
Discuss some recent natural disasters that have occurred in the news. How do you think each impacted the businesses in the area? What steps can you imagine were taken in order to resume operations? Be sure to cite your sources.
How do policies, regulations and laws impact information security in organizations, companies or federal agencies?
In your opinion, what are the types of Laws that impact information security in organizations, companies or federal agencies?
How do Laws and Ethics impact information security in organizations, company or federal agencies?
What is a System-Specific Security Policy and how does this policy affect a system and application?
Name an event, present day or in history, where risk was not taken into account. What was the impact of the event? How could risk have been mitigated or managed more effectively? You do not have to limit your submission to the information technology field but try to submit an original example.
Using the Web, search for at least three tools to automate risk assessment. Collect information on automated risk assessment tools. What do they cost? What features do they provide? What are some of the advantages and disadvantages of each one?
What is the mission of an Information Security Program in an organization, company or federal agency?
Please name some of the components of an Information Security Program and identify the component that has the most importance in your opinion?
Read each of the following articles. Which cyber threat from the list below do you consider to be the most serious threat to the safety and security of the United States and other Western Nation’s? Is there a bigger threat not listed? Be sure to say why and please do not feel like you have to limit your answers to these four threats.
This discussion question was inspired by a former CSIA303 student. Take a look at the Information Assurance Support Environment (IASE) online training that is provided by DISA. Either complete the Cybersecurity Awareness Challenge or take a look at one or more of the IA for Professionals Shorts (I did the ones on SCADA, FISMA, and Zero-Day Vulnerabilities). What did you learn? Will you share the site with others? The link to the courses can be found at http://iase.disa.mil/eta/online-catalog.html Name one thing you would change to make this course better