Final paper
Question # 2
PoliticsCureCo has about 50 employees and a few information security personnel, but information security was not their priority until now. The CEO is very concerned about the status of cybersecurity at PoliticsCureCo in view of this latest breach. The CEO has just hired you as the CISO in their headquarters office in Washington, DC. She has sent you an e-mail asking for your recommendations regarding adopting or using an Information Security Governance Framework to better develop, align, coordinate and enforce proper security functions (controls). The CEO is very busy and you know that she does not like e-mails longer than 250 words, so keep your response to 250 words or less.
As the new CISO of PoliticsCureCo, I will make sure that the information the firm provides is controlled, to minimize loss of the company’s crucial information at the headquarters. This will be possible through the guidelines that I will lay down for all our employees to foster the organization’s success. First, ensuring accountability within the framework, and overseeing and controlling all the actions in the company, will mitigate all the risks facing us. It will avoid any chance of a breach of cybersecurity at PoliticsCureCo, as has occurred on previous occasions (McMahon, Serrato, Bressler & Bressler, 2015). However, the implementation faces the challenge of striking a balance between the organizational risk assessment and the utilization of available resources, which are gradually shifting. To address this, it will be my duty as CISO to make the crucial decisions on how to allocate the organization’s limited resources to facilitate client satisfaction.
Consequently, to align the functionality of the whole firm, it will be vital to create a framework that prioritizes risks and builds support for the resources that require guidance from the organization. This varies depending on the structure of the organization, hence the need to formulate guidelines that facilitate good adaptation to change. In addition, the assessment will enable the organization to measure its compliance in how it correctly handles data and protects it from unwanted access, destruction, or loss. To achieve legal compliance, I as CISO will assign information governance responsibilities to specific staff and make employees aware of their individual responsibilities and the consequences of non-compliance.