User Account

All Pages

Review the risk section of the companys sec form ten-k

Assignment Help Computer Network Security
Reference no: EM131214234

Corporate Profile: Cybersecurity Risk Profile

For this paper, you will construct a cybersecurityrisk profile for the company that you wrote about in Part 1 of the Corporate Profile project. Your risk profile, which includes an Executive Summary, Risk Register, and Risk Mitigation Recommendations (Approach & Security Controls by family), will be developed from information provided by the company in its Form 10-K filing (Annual Report to Investors) retrieved from the U.S. Securities and Exchange Commission (SEC) Edgar database. You will also need to do additional research to identify security controls, products, and services which could be included in the company's risk response (actions it will take to manage cybersecurity related risk).

Research

1. Review the Risk section of the company's SEC Form 10-K. Develop a list of 5 or more specific cyberspace or cybersecurity related risks which the company included in its report to investors. Your list should include the source(s) of the risks and the potential impacts as identified by the company.

2. For each risk, identify the risk management or mitigation strategies which the company has implemented or plans to implement.

3. Next, use the control families listed in the NIST Special Publication 800-53 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdfto identify general categories of controls which could be used or added to the company's risk management strategy for each risk in your list.

4. For each control family, develop a description of how the company should implement these controls ("implementation approach") as part of its risk management strategy.

Write

1. Develop a 2 to 3 pageExecutive Summaryfrom your Corporate Profile Part 1 (reuse and/or improve upon the business profile). Your Executive Summary should provide an overview of the company, summarize its business operations, and discuss the sources, potential impacts, and mitigation approach/strategy for cybersecurity related risks identified in the company's annual report.The Executive Summary should appear at the beginning of your submission file.

2. Copy the Risk Register &Security Control Recommendations table (see template at the end of this assignment) to the end of the file that contains your Executive Summary.

3. Using the information you collected during your research, complete the table. Make sure that you include a name and description for each risk. For the security controls, make sure that you include the family name and a description of how each recommended control should be implemented (implementation approach). Include the control family only. Do not include individual security controls from NIST SP 800-53.

YourRisk Profile is to be prepared using basic APA formatting (including title page and reference list) and submitted as an MS Word attachment to the Corporate Profile Part 2 entry in your assignments folder. See the sample paper and paper template provided in Course Resources > APA Resources for formatting examples.Consult the grading rubric for specific content and formatting requirements for this assignment.

Note: for this assignment you will be preparing a very high level risk register. Preparing a fully developed risk register and risk profile is beyond the scope of this course.

Table 1. Risk Register &Risk Mitigation Approach with Recommended Security Controls

Risk Identifier

Description of the Risk &
Current Risk Management Strategy

Risk Mitigation Approach with
Recommended Security Controls (by NIST SP 800-53 family)

Sequence # or Brief title (<50 characters)

Must be from Form 10-K. Split complex risk statements into multiple individual risks.

Must list NIST Control Family (two character ID) as part of recommended mitigation

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Reference no: EM131214234

Questions Cloud

What are some questions that you might want to ask in return : A management application vendor boasts about the scale of its management system, claiming that it can support 10 million managed objects. What are some questions that you might want to ask in return
Find vector equations for the lines : Convert the vector equations from the previous question into their parametric and cartesian forms - Find vector equations for the lines:
Create outline of your new it security policies for rollinon : Create an outline of your new IT security policies for RollinOn. Be sure to relate your policies to the potential risks. Speculate on the most common types of resistance that you might encounter from employees when implementing your new IT policy.
Identify chocoholic tour key market or customer segments : MKTG1053 Service Quality Group Assessment - INDUSTRY PROJECT. Chocoholic Tour's Market/Customer Analysis: What type of customers make up the market in which Chocoholic Tour operates?  Identify Chocoholic Tour's key market/customer segments
Review the risk section of the companys sec form ten-k : Review the Risk section of the company's SEC Form 10-K. Develop a list of 5 or more specific cyberspace or cybersecurity related risks which the company included in its report to investors.
Number of on-line purchases of footwear : Q1. An on-line retailing firm conducts a study into the number of on-line purchases of footwear made during all of last year. The study wants to determine the proportion of Australians over the age of 25 who purchase footwear on-line. The managi..
What programs exist that help prevent bullying : Are school counseling programs that prevent bullying effective in decreasing antisocial behavior? What programs exist that help prevent bullying? How effective are those programs? How can we use current research to come up with a new research que..
Symmetrically distributed around the mean : For questions A and B, express your answer in a number between 0 and 1 with four digits of precision (i.e. 25.01% is 0.2501). For question C, express your answer in two decimal places (e.g. 1.31)
Create new earbud headphones : A manufacturing firm has recently opened up a plant to create new earbud headphones. If the length of the cord is normally distributed with a mean of 80 cm and standard deviation of 1.1 cm, what is the probability that

Reviews

Write a Review

Computer Network Security Questions & Answers

  Knowing the threat

Explain the added challenges of securing wireless devices versus securing LAN-connected devices. Imagine you are starting a new small- to-midsized cybercafe business from the ground up. Explain which areas of your network would be LAN based and wh..

  What is the length of the data field (in hexadecimal)

What is the Destination Address (in hexadecimal)?

  Describe how the code affects the cable design plan

Describe 20 organizations that influence cable plant implementation. Include appropriate Building Codes that will apply to your company's new building. Include a short description of each applicable code. Describe how the code affects the cable desig..

  Explain the site for marketing and site design purposes

Using the library, the Internet, and any other materials, prepare a PowerPoint presentation that outlines the following items

  Explain the relationship between morality and ethics

In readings and class discussions we have talked about the relationship and distinctions between morality and ethics. Morality deals with basic principles of right and wrong or good and bad. Ethics deals with behavior and actions.

  Explain what is meant by authentication

In the context of information processing, computer security and trusted systems, explain what is meant by the following terms and why we want to use them: Authentication and Two factor authentication

  How adequate destruction of materials ensuring privacy

How will your company ensure adequate destruction of the materials thus ensuring an individual's privacy? Will any state-wide, national, or industry standards be met? If so, which ones and how?

  Largest threats against network security

Research and discuss what you believe are the largest threats against network security, and what measures should be taken to protect against such intrusions.

  Theft of logins and passwords

Theft of logins and passwords

  New technologies using sophisticated anti-copying measures

Which is more probably to be effective in protecting intellectual property in digital media like CDs and DVDs: tougher copyright laws or new technologies incorporating more sophisticated anti-copying measures?

  Describe the different types of computer attacks

Describe the different types of computer attacks. Evaluate the ethical concerns that computer crimes raise in society and the impact of information technologies on crime, terrorism, or war.

  Discretionary and mandatory access control

Logic bombs, War dialing, Ping of death attack, steganography, RSA scheme, digital signature, A chain of certificates, A certificate revocation list, A trust anchor, asymmetric algorithm used by PGP, IPSec mode, IP virtual Private Networks

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd