Security Access Follow up 600 words

profileNes555
Week8.pdf

Running Head: SECURITY POLICY ASSIGNMENT

Week 8 Assignment

Yunesh Shrestha

University of the Cumberlands

Spring 2021 - Security Architecture & Design (ISOL-536-M40)

03/01/2021

SECURITY POLICY ASSIGNMET 2

Processes to develop a balanced cybersecurity portfolio of Vestige International Corporation.

In the current era, (Doorasamy, 2015) staying cyber secure is a task that is becoming very difficult

day by day due to diverse and disparate technology touchpoints in today's enterprise data centers,

workspaces both physical and virtual, and the networks connecting them. CIOs are left confused as

they strive to secure each of these, some opting for standalone security applications which are a

nightmare to integrate. The key is to understand deeply, the technical and business application

architecture and to build a security portfolio to suit each need.

There are five steps vestige Inc. has to follow to create a balanced cybersecurity portfolio. First

step 1: determine the company’s unique assets and cybersecurity needs

In the first step, the vestige international corporation is supposed to look beyond border defense

and identify the kind of attacks that they are most prone to face. Identifying an organization's assets

and requirements is very crucial for cybersecurity. The company requires vetting on how their

clients are utilizing and accessing their database and system and identifying what differentiates

their requirements for security from other companies in various industries. In the case of Vestige

Corporation, the most valuable is the database, which the corporation should prioritize above

anything else and needs to be secured from any kind of destruction. The company should

understand that if their valuable asset goes down, even for a minute, it can lead to serious

destruction to the business (Doorasamy, 2015).

Step 2: assigning spending according to risks

In this step vestige company should face the reality and not overspending on prevention that

means, it’s required to assign its finance wisely without overspending on prevention. Even though

businesses can never be completely secured, Vestige Company should understand that no single

SECURITY POLICY ASSIGNMET 3

product will provide 100% protection, therefore its strategies should entail of a balanced approach

to spending that will not over-prioritize protection alone. The corporation will (Doorasamy, 2015)

compromise threats slips by their defenses, so investing in detection, reply, and recovery will be

very crucial. The company should be realistic and need to be aware of what threats exist, where the

company could be vulnerable, and what aspects of your organization are most vital and this should

protect vestige corporate on its strategy.

Step 3: Design Your Portfolio

On this step, (Scarfone, Souppaya, Cody & Orebaugh, 2008) vestige corporate can use the NIST

framework to better understand the kind of capabilities they need to have. During the crafting of

the portfolio, Vestige Corporation will face two questions. One, what are its needs in each of the

categories, two, how will it select the right products to deliver what they require. Vestige

Corporation should determine where they need to focus most on investing and where they can be

just good enough. First, it can prioritize its prime assets and its investment strategy has to seek

solutions that can offer the greatest amount of these assets This is where it's required to put the

bulk of its spending, with its remaining resources then distributed as best as possible over your

other assets.

Step 4: Choose the right

During assessment in this step, vestige corporate should find products that will ensure delivery of

required capabilities for the best prices has been done (Scarfone, Souppaya, Cody & Orebaugh,

2008).

Step 5: rebalance as needed

SECURITY POLICY ASSIGNMET 4

In this step vestige corporation should keep track of changes of its business, to the threat landscape

and product innovation and rebalance accordingly.

References

Doorasamy, M. (2015). Product Portfolio Management: An Important Business Strategy.

Retrieved 1 March 2021, from

https://www.researchgate.net/publication/290220306_Product_Portfolio_Management_An

_Important_Business_Strategy,

Scarfone, K., Souppaya, M., Cody, A., & Orebaugh, A. (2008). Technical Guide to Information

Security Testing and Assessment. Retrieved 1 March 2021, from

https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf.