Best writers. Best papers. Let professionals take care of your academic papers

Order a similar paper and get 15% discount on your first order with us
Use the following coupon "FIRST15"
ORDER NOW

IT 241: Final Project Document

IT 241: Final Project Document

Overview

The final project for this course is the creation of a presentation in which you will pitch a security awareness program to the executive team of a company. The presentation should include both the human element and the organizational side of operations. Youwill highlight the differences between intentional and unintentional threats posed by human beings and the organizational factors that impact the level of human error within an enterprise.

The purpose of the final project is for you to apply your knowledge about the human aspects of information security to a real-world scenario. People who work in the field of information technology are asked to provide information to executives so that informed decisions can be made about protecting the company from security threats. Information security training is of utmost importance in every company enterprise. While technologies such as antivirus software and encryption can offer some protection against cybercrime, security breaches are most often the result of human error and carelessness. One of the best ways to prevent employees from making costly errors with information security is to institute company-wide security-awareness training. It will be your job to design a presentation to gain buy-in from the executives in order to obtain approval for creating a security awareness program for the business, as well as raise overall awareness about how human factors can impact the security posture of any organization.

Need assignment help for this question?

If you need assistance with writing your essay, we are ready to help you!

OUR PROCESS

Order

Payment

Writing

Delivery

Why Choose Us: Cost-efficiency, Plagiarism free, Money Back Guarantee, On-time Delivery, Total Сonfidentiality, 24/7 Support, 100% originality

In this project, you will demonstrate the following course outcomes:

  • Analyzeunintentionalhumanerrorsandmaliciousbehaviorfortheirimpactonthesecuritypostureofanorganization
  • Illustrate potential predisposed and counterintuitive behaviors that affect organizational security postures based on appropriate models of human behavior
  • Analyze organizational factors for potential risks from human error that impact the security posture of anorganization
  • Justifytoenterprisestakeholderstheimportanceofasecurityawarenessprogramforfosteringhealthysecuritycultures

Prompt

Provide justification as to the importance of instituting an information security awareness program. You are not being asked to write the actual program, only to “sell” the idea to your audience. You will need to describe human behaviors that pose risks to organizations, why humans demonstrate these behaviors, and how a security awareness program could address some of the organizational factors that lead to human error, which in turn negatively impacts the security posture of an organization.

Using PowerPoint, create a presentation that uses audio and/or slide commenting features. In your presentation, design a security awareness program pitch for the executive team of a company. The pitch should include both the human element and the organizational side of operations. Be sure to highlight the differences between intentional and unintentional threats posed by human beings and the organizational factors that impact the level of human error within an enterprise.

Specifically, the following critical elements must be addressed:

  1. Introduction: Why is it important for a company to foster awareness of andmitigate against human factors in information security?

II.           Unintentional HumanError

  1. Human/Cognitive Factors: What are some examples of human/cognitive factors that influence unintentional human error? How do these factors impact the security posture of theorganization?
    1. Psychosocial/Sociocultural Factors: What are some examples of psychosocial/sociocultural factors that influence unintentional human error? How do these factors impact the security posture of theorganization?
    1. What potential predisposed and counterintuitive behaviors are examples of unintentional humanerror?
    1. How can a company use this information to harden its securityposture?

III.           Malicious HumanBehavior

  1. Human/Cognitive Factors: What are some examples of human/cognitive factors that influence malicious human behavior? How do these factors impact the security posture of theorganization?
    1. Psychosocial/Sociocultural Factors: What are some examples of psychosocial/sociocultural factors that influence malicious human behavior? How do these factors impact the security posture of theorganization?
    1. What potential predisposed and counterintuitive behaviors are examples ofmalicious human behavior?
    1. How can a company use this information to harden its securityposture?

IV.           OrganizationalFactors

  1. How can data flow factors affect the company’s security posture? Provide examples to support yourclaims.
    1. How can work setting factors affect the company’s security posture? Provide examples to support yourclaims.
    1. How can work planning and control factors affect the company’s security posture? Provide examples to support yourclaims.
    1. Howcanemployeereadiness factorsaffectthecompany’ssecurityposture?Provideexamplestosupportyourclaims.

V.           Conclusion

  1. What is a healthy security culture? Why is it important for a company to havea healthy security culture?
    1. How can security awareness training programs promote healthy security culture in companies? How can these programs address the needs of variousstakeholders?
    1. How can security awareness training for enterprise stakeholders mitigate against unintentional human error that negatively impacts security cultures? What kinds of training or remediation strategies could be used in addressing unintentionalbehaviors?
    1. How can security awareness training for enterprise stakeholders mitigate against malicious human behavior? What kinds of training or remediation strategies could be used in addressing maliciousbehaviors?
    1. How can security awareness training for enterprise stakeholders mitigate against organizational factors that negatively impact security cultures? What kinds of training or remediation strategies could be used in addressing organizationalfactors?

Final Project Submission: Security Awareness Program Presentation

In Module Seven, you will submit your final project. It should be a complete, polished artifact containing all of the critical elements of the final product. It should reflect the incorporation of feedback gained throughout the course. This submission will be graded with the Final Product Rubric.

Final Product Rubric

Guidelines for Submission: The final project must be submitted as a presentation in PowerPoint, Prezi, or a similar program. It must use audio and/or slide commenting features. Sources should be cited in APA format.

Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value
Introduction Meets “Proficient” criteria, and explanation is exceptionally clear and contextualized Explains why it is important for a company to foster awareness of and mitigate against human factors in information security Explains why it is important fora company to foster awareness related to human factors but does not address the importance of mitigating against these factors, or the explanation lacks detail or is notaccurate Does not explain why it is important for a company to foster awareness of and mitigate against human factors in information security 5
Unintentional Human Error:     Human/Cognitive Factors Meets “Proficient” criteria and uses examples that are well informed and contextualized Evaluates human/cognitive factors that influence unintentional human errors with regard to how these factors impact the security posture of the organization Evaluates human/cognitive factors that influence unintentional human errors but does not connect the human errors to the impact they have on the security posture of companies Does not evaluate unintentional human/cognitive factors that influence unintentional human errors 5
Unintentional Human Error: Psychosocial/ Sociocultural Factors Meets “Proficient” criteria, and explanation is exceptionally clear and contextualized Evaluates psychosocial/sociocultural factors that influence unintentional human error with regard to how these factors impact the security posture of the organization Evaluates psychosocial/sociocultural factors that influence unintentional human errors but does not connect the human errors to the impact they have on the security posture of companies Does not evaluate psychosocial/sociocultural factors that influence unintentional human error 5
Unintentional Human Error: Predisposedand Counterintuitive Behaviors Meets “Proficient” criteria and provides relevant real-world examples to support claims Determines potential predisposed and counterintuitive behaviors as they relate to unintentional human errors by using appropriate models of human behavior Determines potential predisposed and counterintuitive behaviors as they relate to unintentional human errors but does not use the appropriate model ofhuman behavior, or the behaviors described are not related to unintentionalerror Does not determine potential predisposed and counterintuitive behaviors 5
Unintentional Human Error: Security Posture Meets “Proficient” criteria, and examples provided are well informed and contextualized Explains how companies can use information from human behavior models to harden organizational security postures Explains how companies can use human behavior models but does not relate them to hardening organizational security postures or is not accurate Does not explain how information from behavior models can be used 5
Malicious Human Behavior: Human/Cognitive Factors Meets “Proficient” criteria, and description is exceptionally clear and contextualized Describes human/cognitive factors that influence malicious human behavior with regard to how these factors impact the security posture of the organization Describes human/cognitive factors that influence malicious human behavior but does not connect how these factors impact the security posture of the organization or the information provided is not accurate Does not describe human/cognitive factors that influence malicious human behavior 5
Malicious Human Behavior: Psychosocial/ Sociocultural Meets “Proficient” criteria, and description is exceptionally clear and contextualized Describes psychosocial/sociocultural factors that influence malicious human behavior with regard to how these factors impact the security posture of the organization Describes psychosocial/sociocultural factors that influence malicious human behavior but does not connect how these factors impact the security posture of the organization, or the information provided is not correct Does not describe psychosocial/sociocultural factors that influence malicious human behavior 5
Malicious Human Behavior:Predisposed and Counterintuitive Behaviors Meets “Proficient” criteria and provides real-world examples to support claims Determines potential predisposed and counterintuitive behaviors as they relate to malicious human behavior by using appropriate models of human behavior Determines potential predisposed and counterintuitive behaviors as they relate to malicious human behavior but does not use the appropriate model of human behavior, or the behaviors described are not related to malicious human behavior Does not describe potential predisposed and counterintuitive behaviors 5
Malicious Human Behavior: Security Posture Meets “Proficient” criteria, and examples provided are well informed and contextualized Explains how companies can use information from human behavior models to harden organizational security postures Explains how companies can use human behavior models but does not connect their use to hardening organizational security postures or is not accurate Does not explain how information from behavior models can be used 5
Organizational Factors: Data Flow Meets “Proficient” criteria and provides real-world examples to support claims Describes data flow factors that influence the level of human error in companies and how these factors impact the company’s security posture Describes data flow factors that influence the level of human error in companies or how data flow factors impact thecompany security posture, but not both, or the information provided is inaccurate Does not describe data flow factors that influence the level of human error in companies 6
Organizational Factors: Work Setting Meets “Proficient” criteria, and the description is wellinformed andrealistic Describes physical work setting factors that influence the level of human errors in companies and how these factors can impact the company’s security posture Describes physical work setting factors that influence the level of human errors in companiesor how these factors impact the company’s security posture, but not both, or the information provided isincorrect Does not describe physical work setting factors that influence the level of human errors in companies 6
Organizational Factors: Work Planning and Control Meets “Proficient” criteria, and the description is wellinformed andrealistic Describes work planning and control factors that influence the level of human errors in companies and how these factorscanaffectthecompany’s securityposture Describes work planning and control factors that influence the level of human errors in companies or describes how these factors affect the company’s security posture, but not both Does not describe work planning and control factors that influence the level of human errors in companies 6
Organizational Factors: Employee Readiness Meets “Proficient” criteria, and the description is wellinformed andrealistic Describes employee readiness factors that influence the level of human error in companies and how can these factorsaffect the company’s securityposture Describes employee readiness factors that influence the level of human error in companies or how these factors affect the company’s security posture, but not both, or the information provided is incorrect Does not describe employee readiness factors that influence the level of human error in companies 6
Conclusion: Security Culture Meets “Proficient” criteria, and the explanation is based on relevant research Comprehensively explains a healthy security culture and the importance of having a healthy security culture within a company Explains a healthy security culture or explains the importance of having a healthy security culture within a company, but not both, or the information provided is incorrect Does not explain a healthy security culture 5
Conclusion: Awareness Training Meets “Proficient” criteria, and description is exceptionally clear and contextualized Explains how a security awareness training program promotes a healthy security culture in companies and addresses various stakeholder needs related to information security Explains how a security awareness training program promotes a healthy security culture in companies but does not address various stakeholder needs, or the information provided is not accurate Does not explain how a security awareness training program promotes a healthy security culture in companies 5
Conclusion: Addressing Unintentional Behaviors Meets “Proficient” criteria, and description is exceptionally clear and contextualized Explains how security awareness training for enterprise stakeholders mitigates against unintentional human error, including details about the kinds of training or remediation strategies that could be used in addressing those behaviors Explains how security awareness training for enterprise stakeholders mitigates against unintentional human error but does not include details about the kinds of training or remediation strategies that could be used in addressing those behaviors, or the information provided is not accurate Does not explain how security awareness training for enterprise stakeholders mitigates against unintentional human error 5
Conclusion: Addressing Malicious Behaviors Meets “Proficient” criteria, and description is exceptionally clear and contextualized Explains how security awareness training for enterprise stakeholders mitigates against malicious human behavior and the kinds of training or remediation strategies that could be used to address malicious behaviors Explains how security awareness training for enterprise stakeholders mitigates against malicious human behavior but does not include the kinds of training or remediation strategies that could be used to address malicious behaviors, or the information provided is not accurate Does not explain how security awareness training for enterprise stakeholders mitigates against malicious human behavior and the kinds of training or remediation strategies that could be used to address malicious behaviors 5
Conclusion: Addressing Organizational  Factors Meets “Proficient” criteria, and description is exceptionally clear and contextualized Explains how securityawareness training for enterprise stakeholders mitigates against organizational factors that negatively impact security cultures and includes details related to the kinds of training or remediation strategies that could be used in addressing organizationalfactors Explains how security awareness training for enterprise stakeholders mitigates against organizational factors that negatively impact security cultures but does not include details related to the kinds of training or remediation strategies could be used, or the information provided is not accurate Does not explain how security awareness training for enterprise stakeholders mitigates against organizational factors that negatively impact security cultures 5
Articulation of Response Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy to read format Submission has no major errors related to citations, grammar, spelling, syntax, or organization Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas 6
Earned Total 100%
 
"Looking for a Similar Assignment? Order now and Get 10% Discount! Use Code "Newclient"