Develop a research report or implementation plan concerning legal ethical best practices and mandated requirements that pertain to information security.
I discuss the 12 principles of security (there is no such thing as absolute security, CIA, Defense in Depth, Security = Risk Management, security controls, and complexity is the enemy of security).
I discuss the framework PDCA (Plan Do Check Act), which was made by William Edwards. This framework is used for continuous improvements through planning, studying, and implementation.
In this paper, I go into HITECH (Health Information Technology for Economic and Clinical Health), which was introduced by the Obama administration and encourages health care providers to adopt electronic health records and improved privacy and security protections for healthcare data.
I talk about security awareness and how organizations train their employees to be better protected from cybercrime (which improves operational security/better protects your organization).
I discuss the framework OCTAVE, which is used for identifying and evaluating information security risks. I discuss the three phases of OCTAVE and then talk about how organizations can start implementing this framework.
This presentation discusses NIST SP 800-115, the purpose of which is to assist organizations in planning and conducting technical information security tests and examinations, analyzing findings, and developing mitigation strategies.
In this presentation, I talk about a security program that I created. Within the program, I go into topics like user training, physical security, risk management, security access controls, password policies, network defense, encryption, incident response, and BCDR.