Develop Security Awareness Brochure

Now that the pressing recommendations are complete, you also need to address the educational brochure that
John will be presenting to the board for review. Develop and submit a two-page (one-page, front and back)
brochure that will be used to educate your organization on the important concepts you defined and identified
in Steps 1 and 2, as well as communicate the policies and procedures necessary to implement the
recommendations you developed in Step 13. Your brochure should explain each concept, describe examples
that will be familiar to your organization in common terms, and share tips on how individuals can contribute
to improving the security of information and networks in your organization (Boeing)
Step 1. Vulnerabilities, threats, and risks are important to understand in order to evaluate and ultimately
improve security posture by mitigating risks. Your organization’s security posture will determine its
cybersecurity policies. Assessing risk is key in this process. Define vulnerability, threat, and risk. Consider
their relationship to one another and how they relate to the security of networks and data. You will use this
information to complete your vulnerability assessment and to develop the educational brochure for your
workforce. (Review Programming, Systems Software, Application Software and Software Interaction if you
do not already have a working understanding of these topics.)
Step 2. In Step 1, you familiarized yourself with the concepts of vulnerability, threat, and risk. You now
understand their relationship to one another and how they relate to security. In this step, you are going to
identify at least two examples of a vulnerability, two examples of a threat, and two examples of a risk in each
of the following categories:
technology
people (human factors)
policy
Step 13 You should identify a minimum of eighteen examples. This will assist you in conducting the
vulnerability assessment and developing the educational brochure. (Review Basic Elements of
Communication and Computer Networks if you do not already have a working understanding of these
topics.)
our presentation will also need to consider an overall security strategy. Develop the overall way forward for
your company that includes an explanation of the current security environment in your organization,
identification of security vulnerabilities and threats, explanation of attack vectors, and recommended
solutions. Refer specifically to the information prepared in Steps 4 through 12. Your recommendations must
meet the following criteria:
coincide with IT vision, mission, and goals
align with business strategy
incorporate all internal and external business functions within the organization’s security program
create an organizational structure, if it does not already exist, to operate the security program and align it
with the entities of the organization as a whole
include a rough implementation plan
evaluate the effectiveness of the security program
These recommendations will be the focus of your presentation.