Nist SP 800 50 Building an Information Technology Security Awareness and Training Program Term Paper

Open, View, and/or
Download this Document

Total Length: 1013 words ( 3 double-spaced pages)

Total Sources: 2

Page 1 of 3

Sequential Label and Supply

nist sp 800-50, "Building an Information Technology Security Awareness and Training Program"

Sequential Label and Supply

After a recent failure of the computer systems at Sequential Label and Supply, it has become clear that current security provisions are inadequate

The IT security team is under-funded and understaffed

There is a lack of respect for the IT team

Problems are dealt with as they present themselves rather than are anticipated and prevented

Agency IT security policy

At present, there is no formal security policy and problems tend to be addressed on an ad hoc basis. For example, when a disc brought in by an employee infected all of the computers with a virus, the ability to use such software was disabled: no fundamental reforms were made

Awareness

There is a need to create a consistent, coherent security policy for the entire company, in all roles

Objectives include employee education and the development of a comprehensive security program to insure all employees act responsibly in regards to IT

Recent attacks to the company have placed it on high alert, although there remains a demonstrated reluctance to invest in IT security

Review and updating of materials and methods is required ASAP, as is a company-wide meeting on the topic of security; however training and education of all employees must be integrated into the regular schedule and standard operating processes of the company

Training-education

Role 1: Executives and managers

Learning Objectives

Both executives and managers must understand that IT security is not something that can be confined to the IT staff alone, but must be a pervasive, company-wide effort

Focus Areas

Evaluating priority areas using cost-benefit analysis

Methods/Activities

Education about best practices for IT security can be disseminated through meetings, but also through online and software-based training

Education in both formal and informal capacities (through disseminated articles and personal briefings when necessary) must be a continual effort, particularly given the fact that this group of employees seems to give low priority to security and view it as the IT staff's problem

Schedule

In addition to meeting with the group as a whole, regular briefings should be given on a formal basis about changes in IT security policy.

Stuck Writing Your "Nist SP 800 50 Building an Information Technology Security Awareness and Training Program" Term Paper?

View All Our Example Nist SP 800 50 Building an Information Technology Security Awareness and Training Program Term Paper

Have A Custom Example Essay Written

Also, informally through emails and company bulletins, the importance of good IT best practices and precautions should reinforced

Evaluation Criteria

Performance can be regularly monitored in regards to IT use to ensure employees are following protocols as well as are meeting the criteria for their job performance (such as a receptionist 'closing' a call swiftly)

Regular questionnaires to evaluate knowledge of staff on IT security

Role 2: IT security staff

Learning Objectives

To create a holistic security plan for the organization which still allows the organization to function effectively

Focus Areas

Instead of 'fixing' problems after they occur, preventative maintenance must be better integrated into the company's standard operating procedures

Methods/Activities

IT staff must monitor and track 'regular' computer activities to compare them against suspicious patterns of use (such as late-night logging in)

Regular simulations of possible attack strategies….....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Nist SP 800 50 Building An Information Technology Security Awareness And Training Program" (2013, September 24) Retrieved May 6, 2025, from
https://www.aceyourpaper.com/essays/nist-sp-800-50-building-information-technology-97361

Latest MLA Format (8th edition)

Copy Reference
"Nist SP 800 50 Building An Information Technology Security Awareness And Training Program" 24 September 2013. Web.6 May. 2025. <
https://www.aceyourpaper.com/essays/nist-sp-800-50-building-information-technology-97361>

Latest Chicago Format (16th edition)

Copy Reference
"Nist SP 800 50 Building An Information Technology Security Awareness And Training Program", 24 September 2013, Accessed.6 May. 2025,
https://www.aceyourpaper.com/essays/nist-sp-800-50-building-information-technology-97361
   

Open, View, and/or
Download this Document
order custom essay example