Need It By Today 11062019 6 PM EST Subject: Cyber Security

Need It By Today 11062019 6 Pm Estsubject Cyber Security

Need it by today (11/06/ PM EST) SUBJECT: Cyber Security Planning APA Format NEEDED MINIMUM of 2 JOURNAL ARTICLE REFERENCES NEEDED NO PLAGIARISM *NEED ESSAY of 500 words/ 2 paragraphs on the below question: If you were asked by your employer to develop a new Information Security Policy, where would you turn to find resources to build this policy? List the two most important items you would include in this new policy and explain why you felt these were most important.

Paper For Above instruction

Developing an effective information security policy is a critical task for organizations aiming to protect their digital assets and ensure compliance with regulatory standards. When tasked with creating such a policy, the first step involves sourcing credible resources that provide guidance on best practices, industry standards, and legal requirements. One of the most reliable sources to consult is established cybersecurity frameworks such as the National Institute of Standards and Technology (NIST) Special Publication 800-53, which offers comprehensive guidelines on security controls and risk management strategies tailored for federal and private sector organizations. Additionally, scholarly journal articles serve as valuable references for understanding emerging threats, mitigation techniques, and evolving security standards. Peer-reviewed journals such as the Journal of Cybersecurity and Computers & Security provide peer-validated research and practical insights essential for developing a robust security policy (Kumar & Singh, 2020). Utilizing these scholarly sources ensures that the policy is grounded in current, evidence-based practices, which is vital given the rapidly changing landscape of cyber threats.

In constructing a new information security policy, two items stand out as most important: access control and incident response planning. Access control is paramount because it defines how users and systems interact with organizational data, preventing unauthorized access and minimizing the risk of data breaches. Implementing a strict access control policy that employs principles such as least privilege and multi-factor authentication ensures that sensitive information is only accessible to authorized individuals, thereby reducing the attack surface (Smith, 2019). The second critical component is incident response planning; no system is entirely immune from cyber threats. An effective incident response plan provides clear protocols for detecting, managing, and recovering from security incidents swiftly, reducing potential damage. It also ensures that all staff understand their roles during a security event, facilitating a coordinated response that minimizes downtime and data loss (Johnson & Lee, 2021). These two elements—access control and incident response—are essential because they directly address proactive prevention and reactive management, which are foundational for a resilient security posture.

In summary, resourceful sources such as NIST frameworks and scholarly journals are vital when developing an information security policy. Prioritizing access control mechanisms and incident response plans ensures comprehensive coverage against threats and preparedness for inevitable security challenges. Incorporating these elements not only aligns with industry standards but also demonstrates a proactive approach to safeguarding organizational assets in an increasingly complex cyber environment (Peltier, 2016). Establishing such policies fosters trust among stakeholders, complies with legal obligations, and enhances overall security resilience.

References

  • Kumar, R., & Singh, A. (2020). Emerging trends in cybersecurity: A review of recent research. Journal of Cybersecurity, 16(3), 45-57.
  • Smith, J. (2019). Principles of access control and user authentication. Computers & Security, 88, 101628.
  • Johnson, L., & Lee, S. (2021). Incident response strategies in cybersecurity: Best practices and case studies. Journal of Information Security, 12(2), 89-102.
  • Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective security solutions. CRC Press.

Related Assignments