Company: Airbrush Brothershttps://airbrushbrothers.com/
Develop a five-page proposal on how the small business of a t-shirt apparel company should address the problemMitigation of Physical and Network Threatsfrom the Network Security Engineering perspective:
- Introduction – Provide the necessary background and discuss the relevant literature to motivate the research problem
- Recognize and Define the Problem –Identify and define the information security problem in detail and formulate an argument with references to the magnitude of it for the industry and/or organizations (general for the problem, not at a specific organization!)
- Gather Facts –Identify the facts from the organization you’re investigating that you will need to address the information security problem including (but not limited to):
*** Internet/LAN/Wireless/Cellular/Bluetooth network security weaknesses, Intrusion detection, intrusions prevention, and network factors (topology, configuration, hardware vs. software, interceptions, modifications, interruptions, physical) that are the root of the Network Security Engineering problem. - Risk Management Analysis (RMA) Outline – Identify risks related to the proposed selected problem. Identify the top cyber related threats relevant from your perspective. Develop a table with six (6) columns: risk rank, risk description, likelyhood of occurance, Impact to the organization (Can use the qualitative approach using red=high, orange=medium, & green=low – OR can use the CISSP quantitative approach), and proposed action item supporting the mitigation of that threat.
- Project Scope and Goals – Identify the objectives that your proposed information security project will achieve. Remember that scope is what will be included in the project (as there may be many issues with the organization, but we can only focus on few most critical threats), the goals are what you propose the company to achieve during the project and MUST be specifically related to Network Security Engineering
- Recommended Solution and Action Plan – Learn and use the NIST Cybersecurity Framework. Then, use it (ensure to include it & cite it!) to propose the recommended cycle of solution and action plan (ensure it’s a proposed continuous plan! Not one time deal only! Security is a continious process!). Identify the protective mechanisms and possible solutions you plan to propose to address the problem – the Action Items (Network Security Engineering). Justify your protective mechanisms and possible solutions plan with peer-reviewed(feel free to us scholar.google.com – no patents!)and industry sources(like Wall Street Journal, Security magazines,NIST,SANS etc).Ensure to propose set of Action Items (ACTs) that will address the top risks identified in the above RMA (the two must be linked – i.e. use “ACT1”, “ACT2”, etc. to number your Action Items.
- Anticipated Results – Identify the anticipated significance of the results of your proposed project to the selected company and what is the anticipated impact of the results on the company’s operational security, communication security, and data/network security.
- Proposed Costs – Discuss the proposed for costs of your project if such project to be implemented at the selected company. Make sure to list the ACTs and ensure all project components are included! Make a table with six (6) columns: equipment/service item, who preforms it (Internal or contractor – i.e. you?), ACT#, Cost per item, number of items, total. Of course, also ensure to include a grand total.
- Conclusion – Summarize and highlight the proposed scope and goals along with the proposed significant contributions of your project to the company. Ensure to indicate their current NIST Tier level, and their proposed targeted tier level after implementing the proposed project.
- Technical Appendix (Not in the page limit – ***MUST BE INCLUDED!!! This is 25% of the grade of this assignment!!!)) – Proposed draft for Blueprint for Network Security Engineering topology (with network diagram before & after the project, as well as proposed component list);