28 Mar Final Report on National Cybersecurity Policy
Project 5 Start Here
It is important for students to understand a range of policies set forth by past, current and future US presidential administrations. Cybersecurity professionals must understand the impact of an administration’s policy content from multiple perspectives. Analysis of US government cyber policy with current and historical perspectives is pertinent to senior cybersecurity staff in order to assist in the management of cybersecurity risks.
In this project, you will analyze the current and previous administration’s cybersecurity policies within the context of current cybersecurity concerns. You will identify the issues in the policies about which an organization should be concerned, taking into account the effects of the policy on civil liberties with some focus on FISMA and NIST. You will also evaluate FISMA’s ability to both assess compliance and insure accountability. By the end of the course, you will understand the effect that administration cybersecurity policy has on your own organization, public or private sector.
This is the fifth of six sequential projects. There are nine steps in this project. Begin with a review of your project scenario.
Scenario
As the newly hired cybersecurity policy analyst, you are the most qualified in your company to understand the overall framework of cybersecurity initiatives, which often change and evolve over several presidential administrations. Knowing your background, your boss asks you to prepare a comprehensive overview that compares cyber policy tenets from the prior administration to the current. She will present the report to the board of directors.
“It’s important for us to take a step back periodically to see where we’ve been, where we are now, and where we are going,” she says. The report can include recommendations for improving the current policies with a look toward maintaining civil liberties.
The report, your boss says, also should feature updates and the effects of the Federal Information Security Management Acts (FISMA) of 2002 and 2014, and also should consider the role that the National Institute of Standards and Technology (NIST) assumes in terms of cybersecurity policy.
You realize that your report has to be crafted in plain language so that the board members who do not have the technical background in cybersecurity matters will understand. Creating such a broad-based document will require some historical research as well as a look at the current laws. It is due in two weeks, so it’s best to get started right away.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
1.4: Tailor communications to the audience.
2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
7.1: Evaluate national cybersecurity policy.
Step 1: Complete the Developing Cybersecurity Law and Policy eLearning Module
Before you begin the analysis for your report, you should understand how cybersecurity laws and policies are developed. Complete the Developing Cybersecurity Law and Policy eLearning module to better introduce yourself to some key concepts of cyber law, including transnational issues and the absence of law, jurisdiction, and attribution. You will also cover continuously shifting Internet governance through the Internet Corporation for Assigned Numbers and Names (ICANN) and the International Telecommunications Union (ITU). In addition, the module discusses the domain name system (DNS), human rights, and the challenges of monocultures. Take notes on key concepts that will help you in your analysis.
Step 2: Project Practice – SIMTRAY Federal Cybersecurity Agency: Day 1
In the previous step, you were introduced to how cybersecurity laws and policies are developed. You will continue familiarizing yourself with federal regulations and laws by exploring the SIMTRAY titled, “Federal Cybersecurity Agency: Find Your Way in Three Days.”
SIMTRAY is a simulation that presents you with scenarios that will provide insight into how governments ensure the security of their networks and what role they play in addressing issues that arise in private industry. Some of the issues and topics addressed in this exercise include classifying information types, intellectual property issues ( intellectual property – cybersecurity), Cybersecurity Law, Common Criteria Evaluation and Validation Scheme (CCEVS), state cybersecurity law, broadband, and the TIE model.
The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.
Step 3: Project Practice – SIMTRAY Federal Cybersecurity Agency: Day 2
In the previous step, you started to examine the SIMTRAY, “Federal Cybersecurity Agency: Find Your Way in Three Days.” In this step, continue to focus on SIMTRAY, but document the specific issues that you believe could be better addressed by federal policy. You may encounter the following topics in this exercise: classifying information types, intellectual property issues ( intellectual property – cybersecurity), Cybersecurity Law, Common Criteria Evaluation and Validation Scheme (CCEVS), state cybersecurity law, broadband, and the TIE Model.
The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.
Step 4: Project Practice – SIMTRAY Federal Cybersecurity Agency: Day 3
In this step, you should continue to explore the scenarios within SIMTRAY, “Federal Cybersecurity Agency: Find Your Way in Three Days.” If you have not already, you will most likely encounter the following topics in this exercise: classifying information types, intellectual property issues ( intellectual property – cybersecurity), Cybersecurity Law, Common Criteria Evaluation and Validation Scheme (CCEVS), state cybersecurity law, broadband, and the TIE Model. Document events that you experience in the exercise that might affect the federal policy. Think about how these issues will be affected by current or pending legislation and begin to explore how you might be able to influence Congress to pass appropriate legislation.
The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Compile your recorded scores, lessons learned and documented industry issues into a one-page report.
Submit your report for feedback.
Step 5: Complete the Recent Administration Cybersecurity Policy eLearning Module
So far in this project, you have completed the developing cybersecurity law and policy eLearning module and the Federal Cybersecurity Agency Simtray to familiarize yourself with how cybersecurity laws and policies are developed. However, you should also understand how prior administrations have affected current policy.
In this step, you will complete the Recent Administration Cybersecurity Policy eLearning module to better understand how the prior administration handled cybersecurity policy. You will cover the key points of the Cyberspace Policy Review and the U.S. Government Accountability Office (GAO) report, which is a follow-up to the review. You will also cover the role of the cyber czar, and how the Cyberspace Policy Review findings eventually led to the new cyber command, USCYBERCOM.
Take notes on the key concepts that will help you in your analysis of the current and previous administration’s cybersecurity policies.
Step 6: Review the Current Administration’s Key Cybersecurity Policy
Now that you have familiarized yourself with how cybersecurity law and policy is developed and how the recent administration has handled cybersecurity policy, you are ready to begin your analysis. Conduct research on the current administration’s key cybersecurity policies. This information can be found in official government communications (e.g., whitehouse.gov or dhs.gov websites) as well as in publications about or transcripts of statements/speeches made by administration officials. You will use the Administration Policy Matrix to record your findings. Include one state law or regulation that is relevant to cybersecurity and four respective key principles. You will continue to use this matrix in the following step.
Step 7: Research the Previous Administration’s Cybersecurity Policy
In the previous step, you began your analysis by reviewing the current administration’s key cybersecurity policy tenets. In this step, you will conduct research on the previous administration’s key cybersecurity policies. As in the previous step, you may find information in official government communications (e.g., whitehouse.gov or dhs.gov websites) as well as in publications about or transcripts of statements/speeches made by administration officials. Continue using the Administration Policy Matrix that you began in the last step. You will use your findings in the following step.
Step 8: Compare and Contrast the Current and Previous Administration’s Cybersecurity Policies
Now that you have documented tenets from both the current and previous administration’s cybersecurity policies, you will analyze them using a compare and contrast methodology. Using your completed Administration Policy Matrix, prepare a one-page chart that compares and contrasts the cybersecurity administration policies of the previous and current administration.
Submit both the Administration Policy Matrix and your Administration Compare and Contrast Chart for feedback.
Step 9: Focus on FISMA Discussion
Until now, you have focused on analyzing current and past administrations’ cybersecurity policy. However, your analysis would not be complete without considering a focus on statutes and organizations that determine standards such as FISMA and NIST.
Using the discussion board, pair with another student in the cybersecurity management and policy arena and discuss the introduction of and the effectiveness of FISMA for the federal government. Conduct a high-level review of the FISMA document. Evaluate FISMA’s ability to both assess compliance and ensure accountability. This discussion will be useful for your FISMA report in the following step.
Step 10: Focus on FISMA Report
Use your discussion from the previous step as a basis for the report in this step.
Remember, there are methods that the government uses for quantifying information security and loss. Create a two-page document that summarizes the impact of FISMA upon the quantification within the government, how FISMA implementation can affect the quantification, and the need for FISMA adherence across the federal government.
Write a two-page discussion with the following points:
Describe and discuss the objectives of policy makers.
Describe and discuss the general problems that limit the effectiveness of vehicles that try to govern cybersecurity.
Considering the general problems discussed in the previous point, discuss ideas for improving cybersecurity.
Discuss how well you think FISMA works in the workplace.
This document will serve as the FISMA conclusions section of your final report. Submit your Focus on FISMA report for feedback.
Step 12: Final Report on National Cybersecurity Policy
Throughout this project, you have reviewed and analyzed the presidential administration’s cybersecurity policy, FISMA, and NIST. You will now compile your findings in a final report for your boss to deliver to the board of directors. Refer to the instruction for the final report for additional guidelines.
Submit your completed final report.
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
1.4: Tailor communications to the audience.
2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
7.1: Evaluate national cybersecurity policy.
Instruction for the Final Report
Administration Cybersecurity Policy Review
This comprehensive report should include the sections listed below and conclude with a statement that addresses (agree or disagree) with the following comment:
“Not all federal agencies need to follow FISMA or NIST recommendations for maintaining cybersecurity. After all, if the cyberinfrastructure of a government agency is attacked, no real harm is done to anyone except the complainants.”
Review the work you have done throughout the project. If necessary, review the eLearning modules in steps 1 and 5 and your Simtray Report completed in Step 4 along with the feedback from your instructor. And remember to tailor your report to your nontechnical audience.
Be sure to address the following items at some point in your report:
Document the cybersecurity policy issues faced by the United States.
Analyze the interrelations among cybersecurity technology decisions and cybersecurity policies.
Translate how cybersecurity policy choices affect cybersecurity technology research and development.
Compare and contrast key federal and state cybersecurity standards.
Assess the key points and principles in the NIST standards for cloud cybersecurity.
Develop an awareness program of the linkage(s) between US national security and US national priorities for securing cyberspace.
Compare and contrast US cybersecurity standards bodies.
Identify stakeholders to be contacted in the event of an organizational cybersecurity incident.
Compare and contrast cyberdefense and cyberattack, and discuss the relevant policies that underpin each term.
Report Sections
Title Page
Table of Contents
Introduction
Key Current Administration Cybersecurity Policy Tenets
Key Prior Administration Cybersecurity Policy Tenets
Comparison of Current and Prior Tenets
FISMA Conclusions
NIST Conclusions
Conclusion
Pro/Con Current vs. Prior
Pro/Con FISMA Regulation
Pro/Con NIST Guidelines
Reference Page
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Wridemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.