You have been contracted by an organization to help their Information Security Awareness
Department develop an information security plan. Additionally, this organization is considering
moving many of its services to the cloud, including Microsoft office, payroll, benefits options,
and several applications used by various departments.
Eventually, this plan will be fully developed by a collaboration of the corporate IT team,
Security Operations Center, Cyber Incident Response Center, the Office of the Corporate
Security Architect, the CISO, and the CIO. For now, you have been tasked with developing
the following three sections:
? A high-level security awareness campaign to assist users in recognizing and identifying
social engineering attacks
? A high-level plan to protect network resources and assets
? Explanation of the benefits and challenges of securing cloud computing services
You need to create a fictitious organization within the sector of your choice. Define the selected
security opportunities your chosen sector is facing today, and provide well-researched
suggestions to correct or mitigate the stated challenge(s). Then, develop the tasks as defined
When discussing the benefits and challenges of securing cloud computing services, select several
cloud-available services and applications that the fictitious organization you created will be
using. Write this section as if the organization has already made the decision on these
Your final deliverable will be have the following characteristics:
? Rich in research
? 7-10 pages in length (not including cover page, abstract, Table of Contents, and
? A minimum of 5 references which include at least 2 scholarly journal articles (using the
? Written in APA format
*******Fictitious company and overview:************
Stanziale Federal Credit Union
Plan will address Stanziale Federal Credit Union�s security infrastructure in the protection of clients CPNI. Bi-Annually or annually security training and assessment to gain knowledge and understanding of common vulnerabilities, threats, and triggers to look for (social engineering, phishing, malicious programs, etc.). Standards and protocols to protect against these attacks and emergency response teams to mitigate the attacks. The benefits of cloud computing in the financial sector.
***A credit union is generally an appropriately-scoped organization for the ISPP. It contains a number of functions that are enabled via cyberspace: account management, funds transfers, research, marketing, ATMs, mobile/web banking. There is also a regular turnover of people, and evolution of technical frauds directed against the CU, requiring regular security awareness updates.
As you pursue this project, keep in mind the role of regulatory forces in defining minimal standards for compliance. You should question if these necessary steps are also sufficient. In addition, risk management is a key tool for determining the amount of resources applied to prevent a fraud, attack, or employee misstep. These should be discussed in your paper.