- Create a cybersecurity policy describing the principle, the objective, and policy statement for the law firm’s company network.
- Describe the roles and responsibilities by groups (e.g., position director of network security, the network security manager, network security engineers, IT area), defining roles and responsibilities.
- Suggest the cybersecurity policy statement, an explanation of the policy statement, and the reasons why the policy statement may be controversial.
- Determine the security testing methodology you would use to facilitate the assessment of technical controls.
Use Microsoft Project, or an open source alternative such as OpenProj, to create a security project plan for the law firm. The project plan should include:
- Tasks, subtasks, resources, and predecessors.
- An outline of the planning, analysis, design, and implementation phases.
- The use of cybersecurity in the information systems development life cycle.