Industry comments

Whatnow
ICinfo.docx

Industry comments on Proposed Cyber Standards

3 Essays

Adius Simtray Report - one-page report.

Standards Summary - one-page summary

Written Comments - between two and three pages

Step 1: Selection of Industry and Cyber Issues

Throughout this project, you will assume the perspective from an organization of a particular industry.

In order to prepare your perspective, you will complete the following:

· Select a specific industry from one of the following areas: health care, finance, telecommunications, automotive, or retail upon which you will focus your oral statement. For example, you may choose to research the industry of grocery stores (retail) or hospitals (health care). Do not select a specific company focus on the industry.

· Research and write a short paragraph about the cybersecurity issues you discover for your particular industry.

Step 2: Project Practice - SIMTRAY Adius: Day 1

Before you begin to develop your oral statement, it is important to understand how laws and regulations can affect a particular industry. Begin by exploring the SIMTRAY titled, "Adius: Find Your Way in Three Days."

SIMTRAY is a simulation that presents you with scenarios that will provide insight into the origins of issues affected by major regulatory/legal concerns facing every organization or industry. While this simulation focuses specifically on the financial industry, you will find that this exercise will help you examine the regulatory concerns for your chosen industry. Some of the issues and topics addressed in this exercise include cybersecurity policies, countermeasures, sql injection, digital evidence, cyber attacks & threats, mobile technologies, outsourcing - security threats, cloud computing, and the Gramm-Leach-Bliley Act (GLBA).

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.

Step 3: Project Practice - SIMTRAY Adius: Day 2

In the previous step, you started to examine the SIMTRAY, "Adius: Find Your Way in Three Days."In this step, continue to focus on SIMTRAY, but document the specific type of regulatory issues you encounter in your scenario since these same issues may be relevant to the industry you chose to examine for your oral presentation. Some of the issues and topics addressed in this exercise include cybersecurity policies, countermeasures, sql injection, digital evidence, cyber attacks & threats, mobile technologies, outsourcing - security threats, cloud computing, and the Gramm-Leach-Bliley Act (GLBA).

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation

Step 4: Project Practice - SIMTRAY Adius: Day 3

In this step, you should continue to explore the scenarios within the SIMTRAY, "Adius: Find Your Way in Three Days." If you have not already, you will most likely encounter the following topics in this exercise: cybersecurity policies, countermeasures, SQL injection, digital evidence, cyber attacks & threats, mobile technologies, outsourcing - security threats, cloud computing, and the Gramm-Leach-Bliley Act (GLBA). Document events that you experience in the exercise that might affect the following industries:

· health care

· finance

· telecommunications

· automotive

· retail

Think about how these issues will be affected by proposed regulation and begin to explore how you might be able to influence agencies to formulate appropriate standards favorable to a particular industry.

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Compile your recorded scores, lessons learned, and documented industry issues into a one-page report.

Submit your report for feedback

Step 5: Assess Industry Cyber Posture and Create a Relevant Standard

Now that you have chosen your industry and you are aware of the cyber issues affecting it, it is time to identify a standard to address one of the cyber issues you identified. For example, in response to the credit card fraud in the retail industry, the bank card industry adopted the chip and PIN standard for credit cards. Using feedback you received from your instructor in previous steps, create a cybersecurity standard relevant to your chosen industry. Refer to industry-specific regulations for additional background on existing regulations.

Create a relevant standard and write a one-page summary documenting the standard and evaluating the impact it would have on your selected issues and business operations in your industry. This summary will be included in your written comments in the following step.

Submit your Standards Summary for feedback.

Step 6: Written Comments

Develop your final written comments for presentation at the next standards body meeting. These comments should be between two and three pages, and it should include a paragraph on your thoughts about how your comments will be received and whether or not they will have an impact on the regulation/standard, etc. Update the Standards Summary from the previous step according to the feedback you received. Attach the Standards Summary to your written comments. (The Standards Summary should not be included in the length requirement of the written comments.)

Submit your written comments.

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.

· 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation.

· 1.6: Follow conventions of Standard Written English.

· 2.5: Develop well-reasoned ideas, conclusions or decisions, checking them against relevant criteria and benchmarks.

· 5.3: Support policy decisions with the application of specific cybersecurity technologies and standards