CYB 670 Global Campus Protecting the Homeland Essay
exercise and the sector assigned to you. Now, each team will need to prepare a brief, itemized list of cybersecurity policy issues as they apply to the team’s assigned sector. After completing the list, with the same industry-specific focus, each team will write a four-page Federal and State Policy Comparison report that compares federal policies with individual state standards that might exist.
Step 4: Analyze the Interrelations in Cybersecurity
The swift pace of ELITE, which simulates the pace of cyberattacks, disaster response, and other events affecting cybersecurity in general, requires the rapid creation of a solid cyber defense strategy. Analyze the interrelations between cybersecurity technology decisions and the cyber policies submitted in the previous step. Incorporate aspects of security operations, in which your team will identify the policies and roles of players in the sector, and build the defense strategy to accomplish the mission and provide for sector-wide secure infrastructure.
As a team, create a two- to three-page brief on the expected relationships, especially regarding your sector. The first page should include an overview of your assigned sector. This analysis will be included in a team sector brief, submitted in a later step.
Security Operations
All organizations have some type of security requirements to protect their assets (e.g., information, facilities, personnel). In establishing these security operations, organizations must first identify the resources that need to be protected and then select appropriate measures to counter attempts to exploit or destroy these resources. These measures, or controls, define the who, what, when, where, how, and why of access to organizational assets.
Both processes and procedures for auditing and monitoring these resources must be defined, and mechanisms for identifying, reacting to, and documenting security events must be established. Whether it be an active, network-based strategy for enforcing policy and access control, as with an intrusion prevention system (IPS), or a passive one, such as an intrusion detection system (IDS), ensuring that access control monitoring and management mechanisms are in place is critical to an effective security operations plan.
And while planning to thwart attempts to attack organizational assets and identifying vulnerabilities may put organizations in a good security posture, they should never assume they are completely protected from attacks. To that end, organizations should prepare for disruptions that could affect their normal business operations and document procedures to be followed if any such scenarios should become a reality.
By creating both a business continuity plan (BCP) and a disaster recovery plan (DRP), organizations will be ready to resume operations if they experience major disasters or system outages. Both BCP and DRP involve the creation, testing, and revision of actions necessary if any of these events should occur. The BCP identifies exposure to internal and external threats and protects against interruptions to critical business processes by defining the procedures to facilitate the recovery of business operations with minimal loss. The DRP outlines the procedures for emergency response, extended backup operation, and post-disaster recovery, enabling the organization to handle applications while steps are completed to bring the systems back to normal operations as quickly as possible.
If organizations do experience an attack, investigative measures and techniques should be enlisted to determine if a crime has been committed or if someone has unlawfully accessed resources. The investigative process (i.e., identification, preservation, collection, examination, analysis, presentation, decision) must be followed in conjunction with the evidence life cycle (e.g., collect, analyze, present, return) and the rules of evidence. And if these security-related incidents do occur, having reactive response services and a prescribed incident management approach in place will enable organizations to recover quickly.
Step 5: Analyze the Impact of Policy on Research and Development
Once again from the perspective of your assigned sector, write one to two pages on the impact of federal and state policies on research and development of cybersecurity solutions. This analysis will be included in the team sector brief submitted in a later step.