Final ePortfolio Submission

• DISCUSSION BOARD: Protecting Availability

In this discussion board, you are the CISO for a publicly traded company. What protections would you implement to ensure availability of your systems (and why)?

As the Chief Information Security Officer (CISO) of a publicly traded company, I make sure our systems are designed with redundancy to eliminate single points of failure. This measures allow us to maintain operations even in the face of hardware failures or regional disruptions. additionally I maintain a comprehensive disaster recovery plan to ensure we can quickly recover from cyber incidents, natural disasters, or technical failures. Here is what I will about the why? To protect against cyber threats, I deploy DDoS mitigation services, web application firewalls (WAFs), and content delivery networks (CDNs) to prevent large-scale attacks from disrupting services. Additionally, I enforce Zero Trust security, requiring least privilege access, multi-factor authentication (MFA), and network segmentation to prevent unauthorized changes or breaches. Continuous monitoring and incident response are key, so I maintain a 24/7 Security Operations Center (SOC), SIEM logging, and automated threat detection to identify and mitigate risks before they impact availability. I also conduct regular failover tests and tabletop exercises to validate our readiness.

Finally, I ensure compliance with SOX, SEC, and ISO 27001 regulations, conduct third-party risk assessments, and enforce employee security training to mitigate insider threats.  I ensure that our company remains resilient, operational, and secure under all circumstances.

• In Class Exercise : Mr Neal Miller

Mr Neal Miller, ex Naval pilot veteran for the United states appeared in class today to talk about
his experiences in the workforce and his upbringing from college. This is a great opportunity for
students to learn about public service and ask questions about careers in government.
As Mr. Miller started talking, the three most important things I took from his moment
with us were very important. Firstly, he said Cybersecurity was once a safer environment, but
achieving zero risk has always been nearly impossible. Next, Protecting sensitive information,
like banking details, is crucial, never share it with anyone. As you enter the workforce, don’t
assume you’re starting from the bottom; instead, take a hands-on approach to learning and
problem-solving. Finally, have a clear direction—decide whether your priority is financial
success, career growth, or a specific industry, and guide yourself accordingly.
In today’s evolving digital landscape, cybersecurity requires vigilance, adaptability, and a
proactive mindset. Protecting personal information, taking initiative in the workplace, and setting
clear career goals are key to long-term success. By staying informed and making intentional
choices, you can navigate both the cyber world and your professional journey with confidence.

• Write Up – The Human Factor in Cybersecurity 

The Human Factor in Cybersecurity
Bluf: With this subject I would give limited funds, I would allocate 30-40% for employee
training to address human error and raise awareness about common threats, while dedicating
50-60% to essential cybersecurity technologies like firewalls, endpoint protection.
Balancing the decision between investing in training and cybersecurity technology is
crucial for organizations with limited funds. Both are vital for strong cybersecurity, though they
serve distinct functions. Ideally, businesses should distribute their resources to maximize the
overall effectiveness of their cybersecurity efforts. I believe a portion of your budget should be
allocated to regular cybersecurity awareness training for all employees.
In conclusion, effectively balancing investments in training and cybersecurity technology
is essential for any organization, especially when operating with limited resources. Both
elements play a crucial role in safeguarding the organization from cyber threats, with training
focusing on minimizing human error and technology providing automated defenses against more
sophisticated attacks.

Discussion Board: Opportunities for Workplace Deviance

• How has cyber technology created opportunities for workplace deviance?

Humans deal with psychological events that can be traumatic or memorable when growing up, and this can carry over to adulthood. A traumatic past can lead to deviant behavior, which will become a risk for the individual and the organization. If they have experienced deviant behavior, then using technology as a tool is an extension of their capabilities. Additionally, harassment and bullying in the workplace can take on new forms and dynamics due to the rise of cyber technology, which provides employees with tools to communicate and collaborate digitally.