2023 Develop a comprehensive Cybersecurity risk management strategy plan for a fictitious enterprise based on what you have learned so | Assignments Online

 • Develop a comprehensive Cybersecurity risk management strategy/plan for a fictitious enterprise based on what you have learned so far, the textbook readings, secondary sources, and from your personal experience (if any).The guidance for the assignment follows: •

Cybersecurity Risk Management Strategy/Plan

 • Assignment: You will develop a comprehensive cybersecurity risk management strategy for a new enterprise, which was established in March 2020 (literally during the outbreak of the COVID pandemic). • You may consider the following attributes as your basis for the development of your strategies. 

• It’s a consultancy firm in the area of business and finance and have had offices in Ankara, Tallinn, and Ulaanbaatar – with the headquarter in Richmond, VA.

 • The firm started its operation in March 2020 (during the COVID outbreak)

 • 2000+ employees • Users in Ankara and Ulannbaatar are authenticated through a domain controller hosted on-premise in their respective data center (which is on the same building), whereas user’s in Tallinn and Richmond are authenticated to Microsoft Azure Active Directory (AD) infrastructure hosted in Microsoft’s Azure cloud. 

• User’s in Ankara, Tallinn, and Ulannbaatar are using on-premise exchange server for email management as opposed to Microsoft O356 – as in the case with Richmond users’ 

• 80% of employees have little awareness on Cyber security and its associated risks Project Presentation Due 11/18/2020 

• Splunk Free is the Security information and event management (SIEM) software which all locations use.

 • Each location has their own Configuration Control Board (CCB) and there is no centralized repository to track hardware/software inventory. 

• Neither vulnerability management, nor incident response plan is formulated.

 • The Help Desk is in Richmond so that all users from Tallinn, Ankara, and Ulaanbaatar has to contact them for their technical issues. At times, when there is an outage on their corporate email platform (outlook), they communicate with Help Desk team in Richmond through public email domains/services, say, Gmail

 • GOAL: Develop a comprehensive risk management strategy so as to implement defense-in-depth in all locations. Provide a fictitious name to your project. Feel free to add different attributes which you deem is necessary to beef-up the overall security posture of the enterprise in question – as part of your risk management strategy

 • RULES:

• Your cybersecurity strategy/plan must be attainable and yet realistic 

• SUBMISSION: Word/PowerPoint/Video or Other means which:

 • Introduction 

• Outlines your strategy/plan 

• Identifies actual and potential issues/cyber risks 

• Discusses the severity level of the cyber risks 

• Mitigation/remediation strategies 

• Conclusion