Assignment Task:
Create a graphic representation of selected Cybersecurity controls for each category (including at least two of each sub-type) and how they fit into each step i the overall risk management framework for Hoyas Inc. This would be a high-level briefing tool to quickly bring Hoyas Inc. executives up to speed on current efforts. At minimum, depict the type of control, asset it protects, and related step in the risk management framework (i.e. monitoring, etc.)
Company background:
Hoyas Inc. Team Project
Welcome to Hoya's Inc., the course's hypothetical business, Hoyas Inc. Throughout this course you and your project team will track how the module information applies to Hoyas Inc. and will have 3 iterative assignments culminating in a final risk management framework assessment at the end of the semester. Project teams should take lessons learned from each step and incorporate them into their final plan.
Established in 1789 as a small, regional business in the Washington DC area.
This enterprise is now a major manufacturer of technical devices and innovation. It is still primarily based in Washington, DC, but operates transnationally and has relationships with several international suppliers. It also has a few sensitive government contracts.
Given its long history, Hoyas Inc has numerous legacy computer/network systems as technology was incorporated in layers as the business grew through time. Further, its suppliers and overseas offices have some legacy systems.
Circa mid-2020, Hoyas Inc began allowing at least half of its employees to work remotely.
Hoyas Inc uses two major cloud service providers.
Hoyas Inc has its own cybersecurity department, including an active Security Operations Center, but has no current threat intelligence unit.
Hoyas Inc. recently initiated a program to provide many workers in sales and management with mobile phones.
Hoyas Inc. operates a corporate website and has several online payment methods for customers and partners.
Enterprise goals include further global expansion into markets with its technical offerings.
Risk management framework was last updated in 2019.