Business Profile: Cybersecurity Program For Blue Wire LLC

5business Profile Cybersecurity Program For Blue Wire Llckasim G Bar

5 Business Profile: Cybersecurity Program for Blue Wire LLC Kasim G. Barnett Grand Canyon University: CYB-690 August 5, 2020 Business Profile: Cybersecurity Program for Blue Wire LLC The prevalence of cybersecurity threats necessitates the need for cybersecurity programs in any company with an information system. The National Institute of Standards and Technology (NIST) should help define cybersecurity program requirements hence the basis of framework compliance. Framework compliance is about the best practices and standards applicable to the management of security risks involved (Sicari, Rizzardi, Grieco, and Coen-Porisini, 2015). The significance of risk management in any organization involves data protection, not only against damage but also from falling into the wrong hands.

This report encompasses the cybersecurity framework for Blue Wire LLC. The medium-sized business includes business details, vision mission statement and goals, products and services, and technology and security solutions adopted by the company. The insurance company has two branches in Los Angeles, California, USA, with housing insurance (mortgages) as its top brand. Therefore, Blue Wire handles sensitive financial information that belongs to its customers. The business details of the company include; · Company Name: Blue Wire LLC · Established Date: July 2010 · Physical Address: Los Angeles, California, USA · Phone: · Fax Number: · Website URL: · Email Address: [email protected]

Vision Mission Statement and Goals Mission Statement Les Mac (2016) asserts that a company's mission statement defines its business, objectives, and approach to reaching those objectives. In most cases, Blue Wire LLC's mission statement is meant to support the company vision and serves to communicate purpose and direction to employees, customers, and other stakeholders. Blue Wire LLC insurance provides peace of mind for our customers by delivering innovation and excellence in our product and services. In all we do, Blue Wire is dedicated to going beyond the expectation. Vision Statement Blue wire LLC Vision statement is meant to provide a mental picture of the ideal state that the company wishes to achieve in the future. The blue wire vision statement state that; †our vision is be the dominant insurance company in the USA, and globally, riding on the unique Blue wire model providing innovative insurance solution for distinctive customer experiences." Goals and Objectives Business goals are meant to set a specific target without necessarily providing the blueprint of achieving the pre-determined goals. On the other hand, objective tends to be specific and measurable activity meant to achieve the business goals. Blue wire LLC's goal is to achieve a premium growth of 30 percent and a turnover of $60 Million. At the same time, the company's objective is to set an incubation center that is meant to incubate new technology and business initiatives to fast-track new business models and product concepts.

Industry Information/Experience Blue wire LLC has over 60 years of working in the US financial sector and has built a strong team of leaders with abundant wealth, knowledge, and expertise in the industry. The long-term experience in the US market provides a strong foundation for the establishment of global networks, which is instrumental in designing world-class insurance products and services. Major Stakeholders Blue Wire LLC conducts business operations on the US financial markets by collaborating with insurance brokers, private and public institutions, banks, and independent agents. The primary stakeholder at Blue Wire LLC includes Willis Tower Watson P.L.C and the US Bancorp bank. Company Organizational Flow ( Executive committee ) ( IT function HR function Finance function ) ( Claim officer ) ( Underwriting officer ) ( Sale officer ) ( BOARD OF DIRECTORS ) ( GENERAL MANAGER ) ( SUPPORT SERVICES ) ( CLAIM DEPARTEMENT ) ( UNDERWRITING MANAGER ) ( SALES AND MARKETING )

Products and Services Main Products Since its inception, Blue Wire has provided traditional reinsurance products, developing competent and experienced technical capacity in writing both life and non-life insurance. The company offers non-life products such as mortgage insurance, accident, and motor class. Besides, the company recognizes the changing need of its client and has invested heavily in research and innovation. Besides, the company offers education policy insurance product designed as a saving tool to provide an amount of money for student education. In contrast, the health insurance product is meant to caution the consumer base against the diverse cost implication of medication. Service Offerings Blue Wire LLC offers the following services, social insurance, and guarantee insurance. The social insurance services comply with the US government to provide insurance cover to individuals against emergencies that might result in financial problems. On the other hand, the guarantee insurable is meant to provide a financial investor with debt securities with guaranteed payment for interests and principles. Consumer Base Blue Wire LLC is the second-largest stand-alone mortgage insurance provider with a customer base of 15 million. The company has a network base of 600 offices throughout the US, serving private and public institutions. The entire business operation at Blue wire is hinged on the availability of reliable data while the pricing molding of premium depends on the analysis of data. Besides, the company relies on data analysis to determine provider performance and regulation compliance. Technology and Security Solutions The growth in the number of cyberattacks targeting the insurance and financial sector is growing exponentially. The desire to enhance customer relationships and service delivery has forced many insurance firms to migrate towards digital channels; this shift in investment has resulted in highly integrated technology platforms such as agency portals and subsequently increased the susceptibility to attacks. Blue Wire LLC adheres to the California Consumer Privacy Act of 2018 (CCPA) as the first step toward data protection and security (De la Torre, 2018). The firm has compiled comprehensive data inventory and conduct frequent privacy notice prior to the collection of customer personal information. In addition to adherence to the state cybersecurity laws, the firm has adopted a fist of technological and security solutions to enhances data protection and security. Blue Wire LLC conducts a majority of its business using online platforms. To ensure website security, the firm conducts regular code review and security testing to prevent any potential occurrence for software errors. The company utilizes a centralized web application firewall security system that offers a synchronized system (Manaseer & Al Hwaitat, 2018). Web Application firewall has the inherent ability to detect and prevent a variety of web attacks from the same attacker or the same type of attacks. Blue Wire LLC implements an in-depth defense mechanism by integrating both proactive and reactive technologies. The approach used by the company is the use of endpoint detection and response (EDR) software, which is used to monitor and rapidly respond to threats. The EDR software is a viable solution at Blue Wire LLC due to has wide range of computers and mobile devices that are used by both employees and other stakeholders within the firm. The EDR maintains a low profile on the protected systems only reacts to threat once detected. The EDR, at times, misses critical information due to the dependency on artificial intelligence. The firms use the managed EDR to provide more in-depth investigation, analysis, and validation of threat through threat intelligence, forensic data collection, and human expertise (Cybriant, 2019). The combination of both EDR and managed EDR ensures that the company has both security posture and combined, which significantly reduces the incident of cyberattacks. References Cybriant. (2019). Why is EDR Important? Managed Endpoint Detection & Response | by Cybriant | Medium. Retrieved from De la Torre, L. (2018). A guide to the California consumer privacy act of 2018. Available at SSRN . Les Mac, L. (2016). Mission, vision, and values statements: the physician leader's role. Physician Leadership Journal , 3 (5), 18. Manaseer, S., & Al Hwaitat, A. K. (2018). Centralized Web Application Firewall Security System. Modern Applied Science, 12(10), 164. doi:10.5539/mas.v12n10p164 Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy, and trust in the Internet of Things: The road ahead. Computer networks, 76, .

Paper For Above instruction

Within Blue Wire LLC, the utilization of data governance and IT governance plays a pivotal role in ensuring cybersecurity resilience, regulatory compliance, and efficient data management. Although these two frameworks are interconnected, they serve distinct purposes within organizational management. Data governance primarily focuses on the management, security, quality, and policies surrounding data assets, emphasizing ensuring data integrity, privacy, and compliance. IT governance, meanwhile, emphasizes aligning IT strategies and infrastructure with overarching organizational goals, ensuring that technology investments support business objectives effectively (Weill & Ross, 2004).

Blue Wire LLC leverages data governance to establish comprehensive policies governing data collection, storage, privacy, and access. This approach ensures that customer data, especially sensitive financial and personal information, is protected against unauthorized access, breaches, and misuse. Through data classification, access controls, and consistent data quality management, Blue Wire minimizes risks associated with data mishandling or failure to comply with standards like the California Consumer Privacy Act (CCPA) (De la Torre, 2018). Furthermore, data governance ensures the organization maintains a single source of truth, streamlining decision-making processes derived from accurate and consistent data analytics, which are critical for dynamic insurance product pricing and risk assessment.

Conversely, IT governance in Blue Wire LLC aligns the company’s technology initiatives with its strategic goals. It involves defining decision-making structures, accountability, and processes that oversee IT investments, infrastructure, security protocols, and operational procedures. IT governance frameworks such as COBIT or ITIL enable Blue Wire to implement risk management practices, monitor system performance, and ensure compliance with cybersecurity laws and standards. These frameworks help in deploying and managing cybersecurity solutions like Web Application Firewalls (WAF), Endpoint Detection and Response (EDR), and other security tools effectively (Weill & Ross, 2004). Their purpose is to minimize technology-related risks that could compromise data security or operational capabilities.

Despite their differences, data governance and IT governance are synergistic at Blue Wire LLC. Data governance informs the policies and standards that guide data handling, which are enforced through the IT governance structure. By integrating both, Blue Wire ensures that technological processes support data quality, security, and privacy mandates consistently across the organization. This alignment promotes a robust cybersecurity posture, enabling the organization to defend against rising cyber threats effectively.

The responsibility for overseeing information governance within Blue Wire LLC resides with a designated Chief Data Officer (CDO) or Chief Information Officer (CIO), depending on organizational structure. This position bears key accountability for establishing, implementing, and maintaining data governance policies, ensuring compliance with legal and regulatory frameworks, and coordinating with IT security teams. The CDO or CIO is supported by a cross-functional team comprising data stewards, security specialists, legal compliance officers, and IT professionals who collaborate to enforce data policies, manage security protocols, and foster a culture of security awareness (Khatri & Brown, 2010).

This governance role involves not only setting standards but also monitoring adherence, conducting audits, and managing incident response related to data breaches or security incidents. The support structure includes ongoing training programs, cybersecurity frameworks, and internal audits to reinforce compliance and best practices. Effective support ensures that the accountable position can respond promptly to emerging threats, implement technological updates, and adapt policies to evolving cybersecurity landscapes, fostering an organizational culture rooted in data integrity, privacy, and security.

References

• Khatri, V., & Brown, C. V. (2010). Designing Data Governance. Communications of the ACM, 53(1), 148-152.
• Weill, P., & Ross, J. W. (2004). IT Governance: How Top Performers Manage IT Decision Rights for Superior Results. Harvard Business Review Press.
• De la Torre, L. (2018). A guide to the California consumer privacy act of 2018. SSRN.
• Sicari, S., Rizzardi, A., Grieco, L., & Coen-Porisini, A. (2015). Security, privacy, and trust in the Internet of Things: The road ahead. Computer Networks, 76, 146-164.
• Les Mac, L. (2016). Mission, vision, and values statements: the physician leader's role. Physician Leadership Journal, 3(5), 18.
• Manaseer, S., & Al Hwaitat, A. K. (2018). Centralized Web Application Firewall Security System. Modern Applied Science, 12(10), 164. doi:10.5539/mas.v12n10p164
• Cybriant. (2019). Why is EDR Important? Managed Endpoint Detection & Response. Medium.