CMAP 605: | Computer Science

Unit8AssignmentDirections_Project3_PaperforCybersecurityConferenceINSTRUCTION.html Unit 8 Assignment Directions: Project 3: Paper for Cybersecurity Conference Read the scenario and then write a white paper that follows all the steps listed below. For more information on writing white papers, visit the UMGC Library Writing Center. Scenario Your company requires you to present a white paper at a cybersecurity conference. The conference can be local, national, or international (e.g., InfoSec World, IEEEs Symposium on Security and Policy, or National Cyber Summit). The following outlines the steps necessary to create a white paper focusing on ransomware security planning and risk management for a specific company that has been attacked. Steps Research: Review recent ransomware incidents, responses, and outcomes. Choose one company within an industry (e.g., healthcare, finance, education, technology, services, or retail) that has been attacked (e.g., the ICBC Bank attack in 2023). Paper Structure: Abstract (100-150 words): Briefly summarize the paper's purpose and key points. Current State/Risk Analysis: Discuss your chosen company by providing details about the company including its mission statement, status as a private or public entity, its size, and any global considerations. Discuss the growing threat of ransomware with statistics. Analyze the vulnerabilities to ransomware of your chosen company's industry. Explain the specific ransomware attack on your chosen company. Security Requirements: Describe, if possible, the security mechanisms the company had before the attack. Recommend three significant security goals for the company based on industry standards. Address the CIA triad (Confidentiality, Integrity, Availability) for the company. Recommended Controls: Explain specific controls to implement for each security goal you listed. Accountability: Assign security plan responsibilities to specific company departmental or team titles (for example, the incident response team). Discuss employee roles and responsibilities within the security plan. Timetable: Provide a general timeline for implementing the security plan. Maintenance: Discuss how often to review the plan and update equipment/software. Briefly mention any employee training and management support required for the security plan. Legal Considerations: Discuss intellectual property and employee/employer rights related to the security plan. Identify a relevant law (e.g., HIPAA) the company should consider. Ethical Concerns: Discuss the use of AI and its impact on the plan. Address ethical concerns with employee monitoring, whistleblowing, and privacy. Policy Examples: Generate at least three security policies and provide justifications for each. Briefly discuss policy-enforcement methods. Conclusion: Summarize your proposed security plan for the chosen company. Requirements Your paper should be 10—12 pages in length not including the title page or references. Include: A Title page, with your name An Abstract on the second page A References section Ensure you have used professional wording and have written with clarity for the client in mind. Use in-text citations in the paper to support your points. Follow APA 7 format for the entire paper, including references and citations. Submission Review the Unit 8 Project 3 Grading Rubric to understand how you will be assessed on this assignment. Due Tuesday by 11:59 PM ET. © 2025 University of Maryland Global Campus All links to external sites were verified at the time of publication. UMGC is not responsible for the validity or integrity of information located at external sites. RubricforCMAPAssign8Project3PaperforCybersecurityConference.docx Criteria Exceeds Expectations Meets Expectations Approaches Expectations Needs Improvement No Submission Criterion Score Requirements 60 points Includes all (100%) required components, as specified in the assignment. 40 points Includes most (75%) components, as specified in the assignment. 20 points Includes some (75%) components, as specified in the assignment. 10 points Is missing more than 75% of components required in the assignment. 0 points No submission. Score of Requirements, / 60 Content 60 points Demonstrates strong knowledge of the materials; correctly represents knowledge from the readings and resources. 40 points Demonstrates adequate knowledge of the materials; mostly represents knowledge from the readings and resources correctly. 20 points Demonstrates a major lack of knowledge of the materials or misrepresents the readings and resources. 10 points Fails to demonstrate knowledge of the materials. 0 points No submission. Score of Content, / 60 Critical Analysis 40 points Provides a strong critical analysis and interpretation of the information given. 20 points Provides an adequate analysis and interpretation; some significant but not major errors or omissions occur. 10 points Provides only surface analysis and interpretation, and major errors or omissions occur. 5 points Fails to provide critical analysis, and no interpretation of the information given. 0 points No submission. Score of Critical Analysis, / 40 Sources / Examples 20 points Sources meet the requirements set forth in assignment and support the project. 10 points Sources meet requirements but only adequately support the project. 8 points Sources meet requirements but poorly support the project. 5 points Sources do not meet the requirements. 0 points No submission. Score of Sources / Examples, / 20 Evidence of Skills 20 points Demonstrates mastery of risk management skills. 10 points Meets expectations in risk management skills. 8 points Approaches expectations of risk management skills. 5 points Needs improvement in demonstrating understanding of risk management skills. 0 points No submission. Score of Evidence of Skills, / 20 Total Score of Unit 8 Project 3 Rubric, / 200 Overall Score Exceeds Expectations 200 points minimum Meets Expectations 120 points minimum Approaches Expectations 66 points minimum Needs Improvement 35 points minimum No Submission 0 points minimum