Security Access Follow up 600 words
Running Head: SECURITY POLICY ASSIGNMENT
Week 8 Assignment
Yunesh Shrestha
University of the Cumberlands
Spring 2021 - Security Architecture & Design (ISOL-536-M40)
03/01/2021
SECURITY POLICY ASSIGNMET 2
Processes to develop a balanced cybersecurity portfolio of Vestige International Corporation.
In the current era, (Doorasamy, 2015) staying cyber secure is a task that is becoming very difficult
day by day due to diverse and disparate technology touchpoints in today's enterprise data centers,
workspaces both physical and virtual, and the networks connecting them. CIOs are left confused as
they strive to secure each of these, some opting for standalone security applications which are a
nightmare to integrate. The key is to understand deeply, the technical and business application
architecture and to build a security portfolio to suit each need.
There are five steps vestige Inc. has to follow to create a balanced cybersecurity portfolio. First
step 1: determine the company’s unique assets and cybersecurity needs
In the first step, the vestige international corporation is supposed to look beyond border defense
and identify the kind of attacks that they are most prone to face. Identifying an organization's assets
and requirements is very crucial for cybersecurity. The company requires vetting on how their
clients are utilizing and accessing their database and system and identifying what differentiates
their requirements for security from other companies in various industries. In the case of Vestige
Corporation, the most valuable is the database, which the corporation should prioritize above
anything else and needs to be secured from any kind of destruction. The company should
understand that if their valuable asset goes down, even for a minute, it can lead to serious
destruction to the business (Doorasamy, 2015).
Step 2: assigning spending according to risks
In this step vestige company should face the reality and not overspending on prevention that
means, it’s required to assign its finance wisely without overspending on prevention. Even though
businesses can never be completely secured, Vestige Company should understand that no single
SECURITY POLICY ASSIGNMET 3
product will provide 100% protection, therefore its strategies should entail of a balanced approach
to spending that will not over-prioritize protection alone. The corporation will (Doorasamy, 2015)
compromise threats slips by their defenses, so investing in detection, reply, and recovery will be
very crucial. The company should be realistic and need to be aware of what threats exist, where the
company could be vulnerable, and what aspects of your organization are most vital and this should
protect vestige corporate on its strategy.
Step 3: Design Your Portfolio
On this step, (Scarfone, Souppaya, Cody & Orebaugh, 2008) vestige corporate can use the NIST
framework to better understand the kind of capabilities they need to have. During the crafting of
the portfolio, Vestige Corporation will face two questions. One, what are its needs in each of the
categories, two, how will it select the right products to deliver what they require. Vestige
Corporation should determine where they need to focus most on investing and where they can be
just good enough. First, it can prioritize its prime assets and its investment strategy has to seek
solutions that can offer the greatest amount of these assets This is where it's required to put the
bulk of its spending, with its remaining resources then distributed as best as possible over your
other assets.
Step 4: Choose the right
During assessment in this step, vestige corporate should find products that will ensure delivery of
required capabilities for the best prices has been done (Scarfone, Souppaya, Cody & Orebaugh,
2008).
Step 5: rebalance as needed
SECURITY POLICY ASSIGNMET 4
In this step vestige corporation should keep track of changes of its business, to the threat landscape
and product innovation and rebalance accordingly.
References
Doorasamy, M. (2015). Product Portfolio Management: An Important Business Strategy.
Retrieved 1 March 2021, from
https://www.researchgate.net/publication/290220306_Product_Portfolio_Management_An
_Important_Business_Strategy,
Scarfone, K., Souppaya, M., Cody, A., & Orebaugh, A. (2008). Technical Guide to Information
Security Testing and Assessment. Retrieved 1 March 2021, from
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf.