Discuss the NIST cybersecurity framework’s five functions

Module 2 – Case

CYBER POLICY AND GOALS

Assignment Overview

Studies have revealed that many businesses and organizations are not prepared for a cyber-attack. Analysts refer to cyber as a general “cat and mouse” game in which cyber defenses are put in place in response to a threat—then new threats arise. Having a strong cybersecurity program is important in mitigating these continuing threats. Such as program includes having a strong information security program that provides a full spectrum of services that addresses all aspects of cyber defense.

Case Assignment

Answer the following:

1.Explain the “CIA Triad Model” of information security.

2.Discuss the NIST cybersecurity framework‘s five functions. Use them in an example.

Assignment Expectations

Assignments should be 4-5 full pages, double-spaced, not counting the cover or reference page. Paper format: (a) Cover page, (b) Header, (c) Body. Submit your assignment by the last day of this module. Provide quotations to support your responses.

Relevance—All content is connected to the question.

Precision—Specific question is addressed. Statements, facts, and statistics are specific and accurate.

Depth of discussion—Present and integrate points that lead to deeper issues.

Breadth—Multiple perspectives and references, multiple issues/factors considered.

Evidence—Points are well-supported with facts, statistics and references.

Logic—Presented discussion makes sense; conclusions are logically supported by premises, statements, or factual information.

Clarity—Writing is concise, understandable, and contains sufficient detail or examples.

Objectivity—Avoids use of first person and subjective bias.

References—Sources are listed at the end of the paper.

Use strong credible sources – peer-reviewed references, government documents, and subject matter expert materials to support your answer. Your paper will not exceed 5 pages (excluding cover sheet and reference page(s).

____________________________________________________________________________________________________

Module 2 – Background

CYBER POLICY AND GOALS

REQUIRED READING

Cybersecurity legislation 2018. (2018). National Conference of State Legislatures. Retrieved from http://www.ncsl.org/research/telecommunications-and-information-technology/cybersecurity-legislation-2018.aspx Read the short Introduction and scroll down to your state to see cybersecurity legislation.

Metivier, B. (2017). Fundamental objectives of information security: The CIA triad. Sage Data Security. Retrieved from https://www.sagedatasecurity.com/blog/fundamental-objectives-of-information-security-the-cia-triad

Moghaddasi, H., Sajjadi, S., & Kamkarhaghighi, M. (2016). Reasons in support of data security and data security management as two independent concepts: A new model. The Open Medical Informatics Journal, 10. Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5090776/

National Cyber Strategy of the United States of America. (September 2018). The White House. Retrieved from https://trumpwhitehouse.archives.gov/wp-content/uploads/2018/09/National-Cyber-Strategy.pdf

REQUIRED WEBSITES

Cyber Threat Intelligence Integration Center. Office of the Director of National Intelligence. https://www.dni.gov/index.php/ctiic-home

Department of Homeland Security (DHS). National Cybersecurity and Communications Integration Center. Retrieved from https://us-cert.cisa.gov/nccic

Department of Homeland Security (DHS). National Infrastructure Protection Plan. Retrieved from http://www.dhs.gov/national-infrastructure-protection-plan

NIST Cybersecurity Framework. https://www.nist.gov/cyberframework/online-learning/five-functions