The major project will be the creation of a business security plan. This project may be done as a group project (max of 2 people). The project will include at least 30 pages of content paper and final presentation. The student will take a company and create a sample security plan which will include recommendations on policies and practices, business continuity, incident response plan, an ethical hacking exercise and appropriate training based on industry standards.
It is a business proposal. Think of me as a customer. It has to be written to show that the team are experts, otherwise, I would not hire you. In business, I want you to demonstrate that you could be a good partner. I want to have you include what the customer should o to prepare. You want to help the customer spend his money, time and resources wisely. This project and the final are the main determinants of the course grade.
- Policies – samples or areas that they should include
- Procedures – what are best of breed
- What standards do you suggest following
- Testing – Penetration testing – both internal and external. What tests, what do you expect to find, how would you fix it
- Training – what training would you offer to employees (needs details and action plans)
- Expectations – What would you suggest for the customer to do to prepare for the evaluation