The main role of Chief security officer is to be responsible for the overall, management, implementation, and enforcement of the IT security program in order to protect the confidentiality, integrity and availability of resources, assets and information systems (Garbars, 2002). They are required to address individuals from every department to adhere to the responsibilities assigned to them. According to NIST SP 800-53, there are three classes of security controls that are necessary to secure IT systems which are Management, Operational and Technical classes. Risk Management is the most important part of Change management plan as it works with the cyber security framework to improve an existing program. In order to mitigate risks, information security team are required to follow the seven steps of cyber security framework (NIST, 2014) which are as follows:
Step 1: Prioritize and Scope
In this st...
... middle of paper ...
...quired to respond in a timely manner to resolve the matter.
To conclude, Chief security officers play crucial role to analyze and implement change management plans to secure IT systems by adhering to the security standards recommended by NIST standards. It is huge responsibility for a chief security officer to initiate the role of amending and approving changes required for any policies necessary to protect information and information systems of an organization. Above mentioned details provides the explanation of the purpose of this research paper which is to determine the essential documentation needed to change management plans for secure IT systems using the cyber security framework and the specific role of Chief Security Officer in amending and approving changes to better protect information of an organizational operations, organizational assets, or individuals.
Need Writing Help?
Get feedback on grammar, clarity, concision and logic instantly.Check your paper »
- Businesses and people are using Internet for entertainment, e-business and e-commerce, social networking, and communication to the people and business, but there have always been threats to the Internet Security. Internet security is major concern in field of technology, because there are various personal, business and government data on the Internet. Today every businesses and organizations have their own security systems to reach their goals of information security. Internet security systems are created to reduce cyber attack risks, reliability, maintain confidentiality, and compliance with privacy laws and national security laws.... [tags: Security, Computer security, Internet]
962 words (2.7 pages)
- In 2003, I was recruited to setup and lead a new cyber security initiative for the Army Materiel Command (AMC), a 53 Billion dollar year logistics command that serves as the army version of amazon for the army’s current inventory of weapons, supplies and vehicles. AMC, at this time, had over a 100k workforce spread across 140 locations worldwide. During this timeframe, the Department of Defense was still trying to define Cyber Security and mature the process they had in place. DOD was a large target and AMC ranked high due to the research we performed for Army and the DoD.... [tags: Security, Computer security, Information security]
719 words (2.1 pages)
- Malware protection is another factor to appreciate, as this vice can lead to significant losses to an organization as it corrupts available data for use. The various networks that are used by business firms should consider adhering to network design principles that uphold the security standards set in place. The organizational staff using the different accounts of the company should be limited, and very few individuals should only access the administrator database. Moreover, the various user activities should be regularly monitored and consider changing of account passwords or deleting none existing accounts (Wolden et al., 2015).... [tags: Security, Computer security, Security guard]
1201 words (3.4 pages)
- IT Security Policy Framework The NIST Cybersecurity Framework is a set of voluntary standards, guidelines, and practices. Small and medium size businesses benefit the most from using the NIST (SP 800-53) security framework. Much like larger size businesses, small and medium businesses normally house sensitive personal data, and proprietary and financial information. This means they are increasingly becoming targets for cyber criminals who recognize that smaller businesses may be easier to penetrate as they may lack the institutional knowledge and resources that larger companies have to protect their information.... [tags: Security, Computer security, Risk management]
1190 words (3.4 pages)
- The phrase ‘cyber risk’ means jeopardizing an organization’s financial status and revenue due to the advancement in technology (IRM, 2014). The concern with the increase growth in technology, it causes a high risk in security and privacy. Cyber risk may not only occur in big or small organizations, but also data breach in high-profile personnel’s or release of government documents. While businesses and society continue to engage in the use of technology, the potential cyber threat is really underestimated.... [tags: Security, Risk, Risk management]
2313 words (6.6 pages)
- A Career in Cyber Security Cyber security is the designing, creating, using, and repairing most technological and mechanical equipment. This includes programing and creating new technology before it is mass produced in order to insure safety and quality. It also cover the use of programs to protect and fix technological and mechanical equipment from malfunctions, viruses, and hackers. Lastly, cyber security includes the repairing and upkeep of most electronically designed systems. This job is important because most of today’s world is entirely made up of system that need to be protected, maintained, and constantly improved.... [tags: Employment, Higher education, Academic degree]
1138 words (3.3 pages)
- In Greek mythology, the Theogony recalls the lineage of Greek deities. Part of the story contains information about a monster named Orthrus. The beast is a two headed dog that was responsible for guarding the island. However, Orthrus was eventually slaughtered by the epic hero, Heracles. Obviously, a two headed, monster dog has potential to bring about catastrophe. But trained in the correct way, Orthrus could have been a valiant watchdog and become an honorable hero in Greek legend. Technology in the present is very much like Orthrus in that progress and advances can lead to a positive or negative impact on the world.... [tags: Internet, technology, cyberspace, abuse, Orthus]
1532 words (4.4 pages)
- Given the total number of threats listed in Appendix F (pg. 39) it would be unrealistic to make recommendations for every threat listed. Doing so would detract from the larger issues that need to be addressed in the near term, by focusing efforts on lower risks with few mitigation strategies. Therefore, this risk assessment will make two sets of recommendations. First, any threat initially assessed as EXTREMELY HIGH will be addressed specifically in this section. The near term goal of these recommendations is to mitigate the effects of these threats.... [tags: Security, Computer security, Security guard]
1465 words (4.2 pages)
- ... Unfortunately, this may also impose massive hardships by increasing the costs and labor for agencies to establish permissible access. However, this expected and justified expense comes with risk reduction. It is also worth noting that FISMA protects certain government information from being subjected to release by the Freedom of Information Act (FOIA) (Feinberg, 2004). GLBA repealed acts such as the Glass-Steagall Act of 1933 and the Bank Holding Company Act of 1965, which barred financial bodies from performing any mixture of roles such as banks delving into insurance underwriting, securities, and other investment functions (Mamun, Hassan, & Maroney, 2005).... [tags: information security, models, protection]
1683 words (4.8 pages)
- 1. Three Network Security concepts that are reality. Explain in depth. I could relate many topics that were discussed in our class. Here are three network security concepts in detail. Cryptography Many concepts of cryptography were used in this movie and I feel it is important for me to discuss about this concept in depth. “Cryptography” is the method of establishing a secure communication in the presence of third parties. So we are protecting and verifying the transmitted information. Cryptography is all about constructing and analyzing protocols that block third parties from accessing the secure information.... [tags: Business continuity planning, Information security]
2390 words (6.8 pages)