ComputerScienceExpert
$18/per page/
Need help constructing a cybersecurity risk profile with executive summary, risk register, snd risk mitigation recommendations. Attached are the instructions and the Corporate profile that this risk profile needs to be based on. Please help.
Corporate Profile Part 2: Cybersecurity Risk ProfileFor this paper, you will construct a cybersecurity risk profile for the company that youwrote about in Part 1 of the Corporate Profile project. Your risk profile, which includes anExecutive Summary, Risk Register, and Risk Mitigation Recommendations (Approach &Security Controls by family), will be developed from information provided by the company in itsForm 10-K filing (Annual Report to Investors) retrieved from the U.S. Securities and ExchangeCommission (SEC) Edgar database.You will also need to do additional research to identifysecurity controls, products, and services which could be included in the company’s risk response(actions it will take to manage cybersecurity related risk).Research1.Review the Risk section of the company’s SEC Form 10-K. Develop a list of 5 or morespecific cyberspace or cybersecurity related risks which the company included in itsreport to investors. Your list should include the source(s) of the risks and the potentialimpacts as identified by the company.2.For each risk, identify the risk management or mitigation strategies which the companyhas implemented or plans to implement.3.Next, use the control families listed in the NIST Special Publication 800-53http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdfto identifygeneral categories of controls which could be used or added to the company’s riskmanagement strategy for each risk in your list.4.For each control family, develop a description of how the company should implementthese controls (“implementation approach”) as part of its risk management strategy.Write1.Develop a 2 to 3 page Executive Summary from your Corporate Profile Part 1 (reuseand/or improve upon the business profile). Your Executive Summary should provide anoverview of the company, summarize its business operations, and discuss the sources,potential impacts, and mitigation approach/strategy for cybersecurity related risksidentified in the company’s annual report. The Executive Summary should appear at thebeginning of your submission file.2.Copy the Risk Register & Security Control Recommendations table (see template at theend of this assignment) to the end of the file that contains your Executive Summary.3.Using the information you collected during your research, complete the table. Make surethat you include a name and description for each risk. For the security controls, makesure that you include the family name and a description of how each recommendedcontrol should be implemented (implementation approach). Include the control familyonly. Do not include individual security controls from NIST SP 800-53.Your Risk Profile is to be prepared using basic APA formatting (including title page andreference list) and submitted as an MS Word attachment to theCorporate Profile Part 2entry inyour assignments folder. See the sample paper and paper template provided in Course ResourcesCopyright © 2015 by University of Maryland University College. All rights reserved.
Attachments: