Before you begin read
Our class focuses on integrating many different aspects of cybersecurity, information security, and information assurance. Recent developments in the field of cybersecurity have resulted in a number of “maturity models” which can be used by external assessors to evaluate the maturity level of an organization’s cybersecurity management program.
You will need to research the Department of Energy’s Cybersecurity Maturity Model and then compare it to the NIST Cybersecurity Framework and other frameworks listed in the course readings. After you have done so, write a position paper in which you recommend a cybersecurity framework or maturity model as the basis for assessing the cybersecurity program for Padgett-Beale Financial Services. Assessments will be performed on an annual basis beginning one year after the company launches its new operations.
What approach should the organization take in developing the Cybersecurity Management program? (What standards or frameworks should be used?)
What laws and regulations must be addressed by the Cybersecurity Management Program in a financial services firm?
What are the best practices that should be put into place to assess the maturity of PBI-FS’s cybersecurity management program?