Authors:
Onyinyechukwu Ujah, Miriam Duru, Samuel Akinola
Abstract
Grayson Insurance, as the name suggests, is an insurance company that operates in the U.S. and across Europe. In recent weeks, we assessed some of the cybersecurity policies that affect our company, including the Federal Information Security Management Act (FISMA) and the General Data Protection Regulation (GDPR). We then conducted a risk assessment of some of the most important information assets that Grayson Insurance uses, including customer data, employee information, patient medical records, and company information. Some of the vulnerabilities uncovered by the assessment include phishing attacks, insider threats, data breaches through cyberattacks, and intellectual property theft. The next step is to develop a Strategic Cybersecurity Plan that is aligned with Grayson Insurance’s business and IT priorities.