CYB 405 Wk 5 Discussion


Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

 

Due Thursday

Respond to the following in a minimum of 175 words:

 

Option 1

NIST SP 800-30 and ISO 27005, which you read about this week, both offer versions of a risk assessment model.

Describe the process a CISO would use to help the company decide which risk assessment model to use considering the February 2013 Executive Order 13636, Improving Critical Infrastructure Cybersecurity.

 

Option 2

A plan of action and milestones (POA&M) is a living, historical document that identifies tasks that need to be created to remediate security vulnerabilities. The goal of a POA&M should be to reduce the risk of the vulnerability identified.

Describe some of the common challenges with developing and maintaining a POA&M from the standpoint of a CISO versus a CIO.

 

Due Monday

Post 2 replies to classmates or your faculty member. Be constructive and professional.