Topic 1
Project Title: Creating Company E-mail and WIFI / Internet Use Policies Attached you will find a description of final project assignment. Attached a document for reference.
Topic 2
Please find the attached document on Security Culture however use that for reference and need to create a new report on that topic as well as a PPT for presenting the topic.
Cybersecurity Planning and Management
Creating Company E-mail/WIFI/Internet Use Policies
You have just been hired as the Security Manager of a medium-sized Financial Services company
employing 250 people in New Hampshire, and have been asked to write two new security policies for
this company. The first one is an e-mail policy for employees concentrating on personal use of company
resources. The second policy is that of WIFI and Internet use within the company.
There are many resources available on the web so researching these topics and policies should be easy.
The most difficult part of this exercise will be determining how strict or how lenient you want to make
these policies for this particular company.
Project Plan
You are asked to create two separate policies on use of EMAIL and a WIFI/INTERNET USE within the
company.
Be specific in your terms and conditions of use. Consider these items to be included in your policies (as
applicable).
1. Overview
2. Purpose
3. Scope
4. Policy
5. Policy Compliance
6. Related Standards, Policies and Processes
7. Definitions and Terms
Some useful links and resources for your research:
https://www.sans.org/security-resources/policies/general/pdf/email-policy
https://resources.infosecinstitute.com/acceptable-use-policy-template-public-wifi-networks/#gref
https://www.techrepublic.com/article/download-our-wireless-policy-template/
Topic 5
In my topic project, I will be dealing with security culture. The reason for this topic was
due to technological changes that are shifting from the company’s traditional way of
communication and paper record-keeping to new advanced software. Storage of information in
soft copies in computers, hard disks, flash, and cloud storage is becoming popular with many
companies. The more the technology is reducing office bulky file storage, the more the data and
information are becoming vulnerable to threats.
When we establish strong security culture, It becomes hard for hackers and unauthorized
people to penetrate our system and acquire crucial information. For example, the secretary of an
organization should ensure that his computer has a password, and it should not be used anyhow by
anybody. When sending a letter or a report, one should be very keen so that the wrong recipient
does not receive it. Security policies help the stakeholders to understand the protocol of
information flow and consequences that may occur if one fails to adhere to them. The strategies
enable security for information from breach or theft since every employee is responsible for the
assigned department.
When we develop a sustainable security culture, it becomes critical to a regime that protects
against a range of threats that can lead to physical and financial damage to the company. Security
culture builds some values that bring understanding to the employees that they should protect
working devices from damage. It ensures that proper care is taken to these hardware devices to
enhance a smooth working environment. Security culture ensures that each device is used for its
right use for its safety.
References
Da Veiga, A., & Martins, N. (2017). Defining and identifying dominant information security
cultures and subcultures. computers & security, 70, 72-94.