Writing Assignment Week Three
Building off the discussion for this week, we’ll consider a particular type of challenge associated with the Asset Management and Business Environment categories of the Identify Function in the NIST Cybersecurity Framework. The challenge I’d like you to focus on is that of Bring Your Own Device (BYOD) policies where employees are permitted to use their own personal devices to conduct business, sometimes even utilizing the company’s network.
Need answer to this question?
Order an original paper Now!
We’re giving you a 15% discount on your first Order.
Discount Code: SKILNEW15
Use the above discount code during checkout
The Cybersecurity Center of Excellence provides some guidance on how to approach BYOD policies: https://www.nccoe.nist.gov/mobile-device-security/bring-your-own-device. Consider the guidance provided by the Center of Excellence and any other source and then think about the impact BYOD policies would have on evaluating Asset Management and Business Environment within an organization. As a reminder, the Cybersecurity Framework defines those terms as:
Asset Management (ID.AM): The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to organizational objectives and the organization’s risk strategy.
Business Environment (ID.BE): The organization’s mission, objectives, stakeholders, and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions.
Again, apply these considerations to the business you currently work for or the business type you are most interested in (perhaps a business you hope to work for in the future). The sub-categories of each of the above categories can help to frame your response. In an essay of at least one, but no more than two pages long provide your analysis of how BYOD policies would impact that business in their effort to conduct an evaluation of their cybersecurity program. (This may require researching outside sources, please make sure to cite any outside material.)
Essays should be Times New Roman, 12 pt font, double-spaced, and make sure to cite as needed.