Introduction Information security professionals must understand how to apply ethical security principles and processes to their organizations. These standards should define the organization’s specific needs and demands to assure data confidentiality, integrity, and availability. An organization’s employees must be aware of the security challenges it is facing. In this task, you will analyze ethical challenges related to information security and develop a training plan for an organization, which will raise awareness of these challenges, convey strategies, and prevent unwanted developments. Scenario Review the attached “TechFite Case Study” for information on the company being investigated. You should base your responses on this scenario. Requirements Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. The similarity report that is provided when you submit your task can be used as a guide. You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course. Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt). A. Address ethical issues for cybersecurity by doing the following: 1. Discuss the ethical guidelines or standards relating to information security that should apply to the case study. a. Justify your reasoning. 2. Identify the behaviors, or omission of behaviors, of the people who fostered the unethical practices. 3. Discuss what factors at TechFite led to lax ethical behavior. B. Describe ways to mitigate problems and build security awareness by doing the following: 1. Describe two information security policies that may have prevented or reduced the criminal activity, deterred the negligent acts, and decreased the threats to intellectual property. 2. Describe the key components of a Security Awareness Training and Education (SATE) program that could be implemented at TechFite. a. Explain how the SATE program will be communicated to TechFite employees. b. Justify the SATE program’s relevance to mitigating the undesirable behaviors at TechFite. C. Prepare a summary directed to senior management (suggested length of 1–2 paragraphs) that states TechFite’s ethical issues from Part A and the related mitigation strategies from Part B. D. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized. E. Demonstrate professional communication in the content and presentation of your submission. File Restrictions File name may contain only letters, numbers, spaces, and these symbols: ! – _ . * ‘ ( ) File size limit: 200 MB File types allowed: doc, docx, rtf, xls, xlsx, ppt, pptx, odt, pdf, txt, qt, mov, mpg, avi, mp3, wav, mp4, wma, flv, asf, mpeg, wmv, m4v, svg, tif, tiff, jpeg, jpg, gif, png, zip, rar, tar, 7z
Categories