The MVP volunteering event that I participated in during my internship was a great example of the principle mutuality.
Everyone is always smiling and you can tell that they love their job and they love working for Mars and that is not always common for people to love their job and the atmosphere.
Many people talked about all of the different roles they have had with Mars.
If the company experiences some type of data breach, the company’s brand could be affected and it could hurt them financially.
From a lunch and learn with Paul Ryan I learned that it is important to be flexible with everyone when working for a global team and they will be flexible with you. He gave the example of staying late at work to have important meetings with people from Europe.
My projects varied every single day and it made the job interesting because I never got bored doing the same exact thing and this actually broadened my knowledge about IT security while doing these tasks.
Every Tuesday the governance team meets and they talk about any issues or updates that may have occurred recently. This keeps everyone up to date with all that is going on and brings items to the table that may need to be discussed.
Here are all the different program pillars that I touched on during my experience.
These are some screen shots of a power point that I created to explain a bubble chart which looks just like the one at the bottom of the screen. The bubble chart is a way to show some risks the company may be experiencing. Each bubble is a certain category and their size and location depends on the risk level and the impact of high level risk on Mars. It took me a while to understand this chart and to be honest, I still do not completely understand it!
Another major project I worked on was sorting through all of the risk forms and assigned each one to a NIST standard. Which is the cyber security framework that Mars follows. This was a more difficult task because of the technical terms used in the risk forms, but I did get a better understanding of the NIST framework. A couple weeks ago Kate and I met with individuals to discuss risk forms they have submitted to see if they are still valid. Service now is the application that is going to be launched soon, and it is where associates are able to upload a risk form. It is more organized than the application used now and there are more tools within the application such as the Risk reports that will be talked about.
For this project, I had to research companies who have experienced data breaches and how much it costed the company as a whole. It was difficult to find some of the information but for the most part, it was all available online. This information was needed to show associates examples of what could happen to Mars if we experience a large data breach.
This is some of the research I did that was presented to the audit committee chairmen. To touch on some of the topics, I learned that insider threats are a major threat to companies today and some cases are intentional and some are accidental. This is why security awareness is important for all Mars associates. Cyber crime was the most common security industry trend that I found and it has hurt many large companies. It is definitely something to be aware of everyday.
Greg created this excel sheet to send out to individuals to test out different domain names that could trick people. It will help him determine how quickly associates look at domain names before clicking on a link.
I sent this excel sheet out to all the other interns to see how they reacted to the different URLs.
Here are screen shots of the detailed RMS Instructions document that I created. RMS is a way to protect data when it is sent out. RMS enables you to give the recipient unlimited access to the document or you can limit their access. From completing this document I learned how to of course use RMS and I learned how to screen shot on a PC and then turn it into an organized document.
This past week I have been running different risk reports in service now and this is an example of one of the reports that I ran. This report is only information from 15 risk forms but it is showing the estimated cost of remediation to the asset layers which are shown at the bottom of the table.
I have always been apart of a team my whole life, but it has been on a sports team. I learned that my teamwork capability has helped me with my internship this summer and it made me realize I enjoy working in a team setting.
I did not have much background in IT and I honestly did not know hardly anything about it. This internship broadened my knowledge about IT security and it made me more interested in it. I eventually would like to get some sort of Computer Science degree to help me with my future career path.
My mom always said how great of a company it was but I thought ya ya mom you love your company until I actually starting working for Mars. They care so much about their associates and they provide them with many great benefits. Many company’s focus on profit profit profit but this company cares about so much more and the five principles really proves it all. In conclusion I am thankful for the opportunity I have had here at Mars and I would love to return after I graduate as a full-time associate.
