01 Dec Your midterm project was to provide a security assessment for [X], an online software company that specializes in selli
Your midterm project was to provide a security assessment for [X], an online software company that specializes in selling ad spaces in their parent company’s magazine. [X] manages an online database that allows their customers to upload and pay for their business ads for magazine placement. Because [X] ‘s database needs to connect to the parent company’s database, the parent company has requested that [X] system be assessed and verified as secure.
Now that you have provided your security assessment, the next step is to provide [X] with your Security Portfolio. Using this week's Reading on the NIST framework that includes the 5-step process for creating a balanced portfolio of security products, your assignment will be to create a Security Portfolio with the following sections:
(Note: [X] can be any company and any line of business)
1. Cover Page (i.e. APA title page)
2. Background (provide a synopsis of your midterm security assessment on Vestige)
3. For each security need identified (or needs to be identified) from your Midterm Assignment, Find the products that will deliver the needed capabilities for the right price and tell why you chose that product.
This assignment should be about security needs only. Do NOT discuss how the client can achieve more business (That is not your job).
Answer the questions with an APA-formatted paper (Title page, body, and references only). Your response should have a minimum of 600 words. Count the words only in the body of your response, not the references. A table of contents and abstracts are not required.
A minimum of two references is required. One reference for the book is acceptable but multiple references are allowed. There should be multiple citations within the body of the paper. Note that an in-text citation includes the author’s name, year of publication, and the page number where the paraphrased material is located.
Your paper must be submitted to SafeAssign. The resulting score should not exceed 35%.
NOTE: Please find related content in Chapter 12 from textbook Securing Systems: Applied Security Architecture and Threat Models.
NOTE: I have attached the Mid Term project for reference.
Running Head: VESTIGE’S SECURITY PORTFOLIO DESIGN 2
Running Head: VESTIGE’S SECURITY PORTFOLIO DESIGN 2
Regarding cyber-attacks, the National Institute of Standards and Technology (NIST) framework is described as "a collection of principles that commercial enterprises should adhere to be effective in recognizing, detecting, and responding to cyber-attacks." The framework is intended to help commercial enterprises recognize, detect, and respond to cyber-attacks. The organization was founded to address the absence of standards in the field of security in general. This process includes the following steps: determining requirements, allocating risk-related expenses, developing a portfolio, selecting the best appropriate product, and rebalancing the portfolio as needed (Opiela, 2017).
Below are the stages that must be completed successfully for Vestige's security portfolio design.
The establishment of a well-balanced cyber security portfolio requires the completion of five phases by a company. The following are the procedures that a corporation must follow:
Step 1: Identify Requirements.
The Vestige Company must first look beyond basic border security to identify the types of attacks that could put them in danger. This is the first step in the process. When it comes to cyber-security, it is critical to identify the assets and requirements of the organization in question. There is no room for error of the Vestige Company when it comes to review, how their clients use and access their database system. Furthermore, businesses must analyze what distinguishes their security requirements from other organizations operating across a broad spectrum of industries and sectors. Vestige Company's database is its most valuable asset, and it must take precedence over all other concerns and be safeguarded from any form of loss or destruction (Pettijohn, 2019).
Step 2: Assign Spending according to the needs.
Next, the Vestige Company is responsible for making prudent financial decisions about the second stage, including avoiding overspending on preventative measures. It is expected that threats will be able to get beyond the company's defense systems, prompting the need for increased investment in detection, response, and recovery capabilities. Consequently, the company must assume that they have been compromised and must examine what steps they may take to make sure that they are told of the breach as soon as feasible and that the damage is kept to a bare minimum if at all possible. In this situation, the organization requires a set of tools that will enable them to trace down and resolve errors in any system that they are currently constructing as rapidly as possible (Opiela, 2017).
Step 3: Design the Portfolio.
The corporation must now evaluate whether or not it has the authority to prevent itself from being harmed in the future. In light of the dangers that have been recognized, it is necessary for the organization to build a more balanced portfolio of security investment alternatives (Pettijohn, 2019).
Step 4: Select the right product.
The first step in this approach is for the organization to identify the product that will provide the essential capabilities for the specific region under consideration. The Vestige Company is a good illustration of this. A company's ability to recognize and evaluate dangers and adapt to those threats by delivering specialized products is essential to its success. This group must be familiar with the characteristics of various technologies that can assist them in increasing their protection and visibility while also recognizing hidden threats and comprehending risk by centralizing information security and auditing information (Opiela, 2017).
Step 5: Rebalance as required.
In accordance with this decision, the firm's asset weightings will be rebalanced across the entirety of its portfolio of investment assets. The operations associated with this will include things like selling or purchasing assets that are currently included in the portfolio on an as-needed basis to preserve the targeted or original level of asset risk or allocation in the portfolio and other activities (Pettijohn, 2019).
Opiela N. (2017). Changing the Course of Portfolio Design. (Main story). Diary of Financial Planning,17(6),66-74. https://search.ebscohost.com/login.aspx?direct=true&AuthType=sso&db=buh&AN=13473460
Pettijohn JB., Ragan GA.,& Ragan KP. (2019). On-Line Investment Analysis and Portfolio Management: Using Learning Outcome Statements to Design Projects. Diary of Education for Business, 78(4), 185. doi:10.1080/08832320309598599
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.