Essay<\/p>\n
The following is fictional. Assume that an executive at Big Employer, Inc., which recruits at Lake Michigan College and other public and private universities, recently met with the leadership of Lake Michigan College and said the following:<\/p>\n
Problem Statement<\/p>\n
\u201cWe have a bleeding-at-the-neck problem that I hope you can help us with. We are under daily attack from threat actors who aim to compromise the security of our networks and data. The costs of remediating the effects of these attacks are intolerable. We know that we can’t prevent all of these attacks, but we must find a way to reduce their incidence.\u00a0<\/p>\n
An Ounce of Prevention is Worth a Pound of Cure<\/p>\n
\u201cWe know that most of these attacks originate with behavioral breaches. Indeed, spear phishing attacks are the most common causal agent of advanced persistent threats (APTs). APTs are harmful in terms of operational costs (e.g., expenses associated with conducting forensic analyses; reconfiguring, rebuilding and re-populating databases; hiring lawyers and consultants to help us provide timely, compliant notices to our customers, etc.). But those operational costs represent only about 25% of the total costs of these breaches. That’s because strategic costs (e.g., damage to our reputation and the knock-on adverse effects on revenues and margins; higher financing costs, etc.) represent about 75% of the total costs of these breaches.<\/p>\n
\u201cWe know that we can’t stop all APTs, but we must find a way to reallocate our cybersecurity budget to emphasize the remediation of APTs. To do that, we must find a way to reduce the incidence of behavioral breaches, so that we can spend less money there and more money on APTs. The maddening thing is that most of those behavioral breaches are predictable and\u2014we think\u2014preventable. You know, \u2018an ounce of prevention is worth a pound of cure?\u2019<\/p>\n
Cyber Risk Ready on Day One<\/p>\n
\u201cA big part of the problem is that too many of our new hires are not ‘cyber-risk-ready’ on Day One. So, shame on us for not screening for that in our interviewing and recruiting process. That. Stops. Now. Henceforth, in our interviewing and recruiting practices, we will favor those candidates who can demonstrate some threshold level of cyber hygiene, and we will not interview those who candidates cannot. We assume that you at Lake Michigan College have a program, or at least an initiative, for providing behavioral cybersecurity training to your students, right? I mean, in the UK, that’s standard at all universities, so universities in the US must have a similar initiative, right…? I’ll take your silence as a ‘no.’ This could be an opportunity for you to distinguish yourself from rival universities, yes?<\/p>\n
Invitation to Collaborate with Lake Michigan College College of Business<\/p>\n
\u201cMoving on\u2026we’d like to collaborate with you to design and develop a program by which students who wish to interview for jobs with our company (and with other companies like ours; maybe we should invite them into this collaboration?) can demonstrate\u2014preferably with a regime of stacked certifications\u2014that they are demonstrably cyber-risk-ready on Day One. Are you interested in such a collaboration? We hope so, which is why we\u2019re coming to you first. But if you\u2019re not interested, we\u2019ll proceed down the list of the names of other universities who we think might be interested in this kind of collaboration. How do you propose we proceed?\u201d\u00a0<\/p>\n
\u00a0Lake Michigan College Response and Plan for Collaboration<\/p>\n
\u00a0Assume that the Lake Michigan College leadership turns to the College of Business and its department of computer science and asks them to develop a response to Big Employer, Inc.\u2019s request for a collaboration. Dr. Smith notes that the department of computer science anticipated this situation in the fall of 2019 by asking this question: <\/p>\n
What might behavioral cybersecurity training for higher education in the US look like?<\/p>\n
Dr. Smith observes that he worked with students to create prototype information technology (IT) artifacts as a proof-of-concept for training in behavioral cybersecurity for higher education in the <\/p>\n
Questions <\/p>\n
Please write an essay in which you answer the following:<\/p>\n
Drawing from your work and study experience, please state three cyber hygiene requirements that you anticipate employers will look for in assessing whether a job candidate is “Cyber Risk Ready on Day One.”\u00a0 Please explain why these requirements are relevant not only to employers, but also to Lake Michigan College , whose information systems you use as a student. Your reasoning should draw from the lessons in which we explored fundamentals of cybersecurity (e.g., user authentication; access control, cryptography essentials, protecting physical assets and infrastructure, risk assessment, HR security issues, legal and ethical issues). Minimum 500 words.<\/p>\n
Please summarize how you would design a cybersecurity training program that would satisfy those requirements. I realize that you\u2019re not trained in instructional design. That said, by now, you have lots of experience using technologies (e.g., Canvas and Zoom) as an online learner, and that experience has informed your views. Your answer should reflect those views. Minimum 200 words.<\/p>\n
Please indicate how you could contribute to the design and development of that training program, and how doing so might advance your profile as a job candidate who is cyber-risk-ready on Day One. Minimum 300 words.<\/p>\n","protected":false},"excerpt":{"rendered":"
Essay The following is fictional. Assume that an executive at Big Employer, Inc., which recruits at Lake Michigan College and other public and private universities, recently met with the leadership of Lake Michigan College and said the following: Problem Statement \u201cWe have a bleeding-at-the-neck problem that I hope you can help us with. We are […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[10],"class_list":["post-78239","post","type-post","status-publish","format-standard","hentry","category-research-paper-writing","tag-writing"],"_links":{"self":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/78239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/comments?post=78239"}],"version-history":[{"count":0,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/78239\/revisions"}],"wp:attachment":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/media?parent=78239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/categories?post=78239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/tags?post=78239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}