Discussions Instructions
About half a page per discussion topic with at least 1 reference each that is cited in the writing.
Unit 1
Topic 1: Investing in Security?
Organizations like Sony®, Target® and Home Depot® suffered major data breaches in recent years. Executives lost jobs, banks had to re-issue credit cards to customers, companies were fined millions of dollars, but these breaches had little impact on the bottom-line of these organizations. The losses that these organizations suffered right after the breaches have been erased, and the valuation of these organizations is back to the way it was before the breaches. For this discussion, review at least three recent industry publications and write at least 250 words on whether you think security is worth the investment.
Topic 2: Teamwork
As you know, teamwork is an important competency in the workplace. So, in general, we are not taught how to work in teams or where we fit in regard to team roles. Conduct research on the Internet about Belbin’s Team Roles. After understanding Belbin’s Team Roles, describe what roles you fit best in your dream job and why? Write a descriptive subject line for your initial post (not the unit or discussion number or your name; it is important to label content), and remember to use appropriate formal writing skills.
Unit 2
Topic 1: The Economics of Cyber Investment
Let us assume that most organizations have firewall and intrusion detection systems. However, in recent years, the number of attacks and data compromises has increased significantly. Does this mean that the firewalls and intrusion detection systems are not effective against these attacks?
Another viewpoint to this predicament is the possibility that organizations are getting bad advice from sales consultants. Aggressive sales tactics are causing administrators to deploy products not suitable for the business. The urgency to do something quickly is causing information security administrators to jump on the marketing pitch instead of aligning with the business objectives and protecting the organization.
Review at least three industry publications and explain why IT and cybersecurity administrators are missing the target when investing in cyber defenses. In your opinion, what can be done to align cybersecurity investment to business goals? Your initial posting should be at least 250 words.
Topic 2: Why I Want to Be on Your Team
By reviewing Belbin’s Team Roles, you now have an understanding of which role you could play in a team. Now it is time to convince the team lead you would be a good team player. Let us assume you will be on a team that is tasked with creating a feasibility study to move three critical IT systems to the cloud. Prepare a 1–3 minute transcript for a podcast introducing yourself to the team. Reflect upon your capabilities and describe the value you can bring to the project team. Also, what collaboration tools would you recommend to the team lead and why?
Unit 3
Topic 1: Recovering from a Cyber Attack
Regardless of whether you are a Cybersecurity or an IT professional, it is important to understand the security landscape. As you know, there are many published guidelines on how to recover from a cyber-attack. Please review at least three of them for this activity. The recovery phases are simplified into five steps. Explain how you, as the chief information officer, would perform each of these recovery steps for a fictitious hospital in downtown Cleveland with 700 beds, 150 doctors and 2,000 patients daily.
Assume you have managers working for you, and your managers lead different areas of information protection.
- Figure out the extent of the attack and contain the attack immediately.
- Determine how the attack happened.
- Assess the damage and remediate the vulnerabilities.
- Manage communication.
- Re-build consumer confidence.
Limit the responses for each step to 50 words.
Topic 2: Teams
Research a collaboration tool for a team to use. Some examples include Google Apps, Slack, and Basecamp. Also, do an exhaustive search for a Total Cost of Ownership template and a Risk Assessment template. Post the templates you found and explain why you think they would be good to use. Finally, after reviewing the collaboration tools, explain one advantage and one disadvantage of using them for team collaboration.
Unit 4
Topic 1: Alternatives to Net Present Value (NPV)
The Net Present Value (NPV) is just one formula that the industry uses to decide whether to proceed with an IT or cybersecurity investment. There are many other financial tools that organizations use to assess investment for return value. For this Discussion, you will research at least two other methods to assess IT or cybersecurity expenditures. Discuss the merit and deficiencies of these methods. Your initial post should be at least 50 words long.
Topic 2: Cybersecurity Investment as a Percentage of IT Expenditures
Most organizations have a cost model to decide how much of yearly net revenue to spend on cost centers. For information technology, this percentage is between 2% to 3%. For large organizations, this amount can be in the billions. Out of this percentage (2% to 3%), what percentage do you think organizations should invest in cybersecurity? Discuss in your posting three types of businesses – large (billion in sales), medium (minimum 10 million in sales) and small (less than a million in sales).
Unit 5
None in Unit 5
Unit 6
Topic 1: Frameworks
Take some time to do research on frameworks for cybersecurity in organizations. If you were involved in the decision making to adopt a cybersecurity framework for a financial company, what framework would you pick and why? Supply at least 150 words in your initial post.
