CYB_200_Project_One

School: Southern New Hampshire University
Course: 200
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 4
Uploaded by DrTree1894
Security Awareness Training

Fizza Cola: Security Awareness Training
Amelia Lynn Madsen
Southern New Hampshire University
CYB-200: Cyber Security Foundations
Due to some recent security threat events, Fizza Cola has decided to take a renewed approach to security. New technology, hardware, software, etc., has been implemented; however, it is very important that employees of Fizza Cola receive training to do their part in protecting the company from security threats. Human error can have a major impact on security. The strongest security system in the world won’t stop an attack if the threat actor has the login credentials of an employee. It is for this reason that Fizza Cola needs to implement a new training system for employees so that everyone can play their part in protecting the security of the company.

Fizza Cola should hold training courses for employees quarterly. This is based on the recommendation of training every four to six months made by the Advanced Computing Systems Association (USENIX). This training will focus on important security topics such as the company’s Acceptable User Policy, username and password security, and recognizing phishing emails. Everyone in the company needs to be involved in these trainings, perhaps especially those in management and those who have the most access to sensitive information. Any unauthorized access to employee or customer personal information could not only be disastrous to the individuals affected but could also open Fizza Cola to legal ramifications. For this reason, we should also provide more in-depth and more frequent training, every 60 days, for employees who have access to particularly sensitive information. These trainings should always contain a focus on recognizing phishing emails and protecting one’s login credentials.

Phishing emails have been a major weak point for Fizza Cola recently. Anyone can be susceptible to phishing scams if they do not take a proactive approach to security. Employees should be shown examples of phishing emails and asked to identify them. They should know never to click on suspicious links, as these can contain malware that can be a threat to the confidentiality and integrity of company data. Work emails are for business purposes only and should never be used for personal use. If an email comes from an outside source, particular care should be taken to identify any potential risk.

If an unauthorized user obtains login credentials from an employee, they can gain access to things like trade secrets or employee data. Employees should be taught the importance of protecting their login information, such as usernames and passwords. They should know never to write down this information and never to share it with anyone, even a coworker. Employees should know never to take shortcuts when accessing their workstations, especially if working from home, and to use multi-factor authentication when required.

These are the major factors that should be covered at every security training course; however, new topics should be covered in the future to provide variety and maintain employee interest. If Fizza Cola experiences new threats, security training should be updated to include new ways that employees can protect the company and themselves from threats.

Having up-to-date hardware and software is an incredibly important part of information security. However, Fizza Cola cannot afford to neglect the human factor of security. If the company takes a proactive approach to security by training employees to always keep security in mind, then it can stop many threats before they even happen. Doing this will help maintain the confidentiality and integrity of company data while maintaining employee access to the resources they need to properly do their jobs.
References

3 cyber security legal issues for MSPs and VARs. Calyptix Security 3 Cyber Security Legal Issues for MSPs and VARs Comments. (n.d.). https://www.calyptix.com/reports/3-cyber-security-legal-issues-for-msps-and-vars/

Cydef. (2021, December 28). The human factor: The hidden problem of cybersecurity. CYDEF. https://cydef.ca/blog/the-human-factor-the-hidden-problem-of-cybersecurity/#:~:text=The%20h

Kim, D., & Solomon, M. (2023). Chapters 1, 3 and 6. In Fundamentals of Information Systems Security. essay, Jones & Bartlett Learning.

Tuorinsky, E. (2021, September 2). The human factor in cybersecurity. Security Magazine RSS. https://www.securitymagazine.com/articles/96009-the-human-factor-in-cybersecurity

Usenix. USENIX. (n.d.). https://www.usenix.org/

Why you should frequently hold cybersecurity awareness training. (n.d.). https://fraudwatch.com/blog/why-you-should-frequently-hold-cybersecurity-awareness-training/

Witman, D. (2021, March 3). Cybersecurity: Dos and don’ts and legal issues you need to understand. Legal Reader. https://www.legalreader.com/cybersecurity-dos-and-donts-and-legal-issues-you-need-to-understand/