SlideShare a Scribd company logo

CCCS 452 Security Program Architecture And Engineering.docx

Download as DOCX, PDF
W
write31

course material

Education
1 of 8
CCCS 452 Security Program Architecture And Engineering Answer: Introduction: ABC Pvt Ltd has been operating locally and providing services to its customers. The organization is entrepreneurial with 5 HR, 10 admins and 20 engineers. The paper briefly discusses the development of an Email and Malware Awareness and Training Program for the organization to minimize the risks and provide security to public data. Risk Assessment: Emails are one of the central modes of communication in the organization. Thus, criminals are finding new ways to breach the security of the company by using malicious emails. The threat of using email might lead to delivery of malware by spams. Emails are often gateway to phishing leading to theft of credentials (Miranda, 2018). Emails with malware can lead to unidentified control facilitating unethical access to confidential information about employees and admins and disrupt the access to resources by Engineering department (Cuchta et al., 2019). Email spoofing enables criminals or malicious programs to falsify sender information. These problems can be mitigated by using a secure and robust mail server and client with proper authentication and periodic testing of security. The risks from emails can be vastly reduced by implementation of an email and malware awareness and training program. Outline Awareness And Training Program: Email and Malware Awareness and Training Program (EMATP) held in of ABC Pvt Ltd will help the employees gain a deeper understanding about the impact of breaches in security and malware attacks through email communication (Sharma & Bashir, 2020). The online awareness training comprises of step-by-step procedures by starting with a basic test about emails and uses and importance to determine their preliminary knowledge. The staffs are trained by using online lessons and courses that help in understanding the ways to mitigate email threats. The importance of reporting and follow ups for malicious mails are taught (Hwang et al., 2021). Games and random tests are organized to evaluate the results of learning from online classes. The staffs are made familiar with the best practices, rules and
protocols for secure email communication reducing job stress and increasing resilience (McCormac et al., 2018). Certifications are handed out at the end to certify the staff about their levels of understanding on the importance of protection from harmful emails and malwares for the benefit of the organization. Training Module: Activities Target Audience HR ADMIN Engineering Initial Basic test Yes email security email management and administration
email security implementation Online Presentation 95 % participation security breaches, phishing problems identity theft, email spoofing, unidentified control. Risks hampering workflow. Online video meetings 85% participation mitigate email attacks control access and network security
email security and malware protection. Online training 90 % participation Secure HR from specific threats. user authentication, information protection, ransomware implementation of procedures for email and malware security. Games 100 % participation Simple phishing simulation Spam awareness and network protection games Platform to create their own email security procedures
Random tests 95% participation email security user authentication. email security implementation, Certification 100% participation certificate for HR. certificate for Admin. certificate for Engineering.
Challenges: The program had to reach all the HR, Admin and Engineering staff of ABC Pvt Ltd but there were few challenges that it had to overcome. The program implemented uses the latest and most valuable information about cybersecurity awareness and training the employees to deal with the current threats and attack techniques as most cybersecurity contents gets outdated fast (Aldawood & Skinner, 2019). Every employee needed to participate thus all activities are carried out online within quick intervals not making the program burdensome for the employees and easier program administration. The inclusion of games made the procedure fun to learn and harder to forget (Scholefield & Shepherd, 2019). The program was designed to generate interest of the staff toward learning about email protection as most of the corporate communication are done through emails. The program is tailored to teach the employees and generate a culture for the need of security in emails. Policy And Guidelines: The policies and guidelines for EMATP in ABC Pvt Ltd helps in successful execution of the steps of programs and provide constant guidance to awareness toward email and malware protection. The policy states that all the members of the organization have to attend the program at their time of convenience. The training will be provided both online and offline, just like the games and tests conducted. The records from the test will be distributed individually along with the certificate of level of understanding of email security (Santos, 2018). The policy of the program requires the program to be technologically updated and use the learning from the latest security breach and malicious attacks (Hu, Peng & Wang, 2018). The policy focuses on the best practices towards email security (Ponsard & Grandclaudon, 2019). The certificates are provided by third party organization and it gives company a different view towards the results and analysis. Thus, the policies and guidelines make the program rigid and important to be implemented in the organization (Hwang et al., 2021). Evaluation: EMATP in ABC Pvt Ltd provides training for the staff to develop a deeper understanding about the necessity of protection from malicious emails. With the latest technological advancement in cyber-attacks through emails, it is necessary for the organization to educate employees by conduct this program (Aldawood and Skinner 2018). The program consists of basic test at the beginning followed by online classes on email security and malware prevention. Random games and tests are organized to determine the results which are certified according to the level of understanding of the staff about the topics taught. The EMATP provides awareness about the necessary information on latest breaches and ways to mitigate the risks of the emails. Conclusion:
EMATP is used ABC Pvt ltd to develop a deeper sense of understanding about malware and security of the emails. The paper describes the risks of emails and malwares and the program comes as a solution to those risks. The program is conducted in form of online classes and evaluated using games and random tests. Certifications are provided in the end to determine the degree of understanding about the topic. The training module of the project is shown in the paper following by the challenges of implementing EMATP in the firm. Lastly, the paper includes the policies and guidelines of EMATP and the complete evaluation of the program. References: Aldawood, H., & Skinner, G. (2018, December). Educating and raising awareness on cyber security social engineering: A literature review. In 2018 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE) (pp. 62-68). IEEE. https://doi.org/10.1109/TALE.2018.8615162 Aldawood, H., & Skinner, G. (2019, May). Challenges of implementing training and awareness programs targeting cyber security social engineering. In 2019 Cybersecurity and Cyberforensics Conference (CCC) (pp. 111-117). IEEE. https://doi.org/10.1109/CCC.2019.00004 Cuchta, T., Blackwood, B., Devine, T. R., Niichel, R. J., Daniels, K. M., Lutjens, C. H., ... & Stephenson, R. J. (2019, September). Human Risk Factors in Cybersecurity. In Proceedings of the 20th Annual SIG Conference on Information Technology Education (pp. 87- 92). https://doi.org/10.1145/3349266.3351407 Hu, H., Peng, P., & Wang, G. (2018, September). Towards understanding the adoption of anti- spoofing protocols in email systems. In 2018 IEEE Cybersecurity Development (SecDev) (pp. 94-101). IEEE. https://doi.org/10.1109/SecDev.2018.00020 Hwang, I., Wakefield, R., Kim, S., & Kim, T. (2021). Security awareness: The first step in information security compliance behavior. Journal of Computer Information Systems, 61(4), 345-356. https://doi.org/10.1080/08874417.2019.1650676 McCormac, A., Calic, D., Parsons, K., Butavicius, M., Pattinson, M., & Lillie, M. (2018). The effect of resilience and job stress on information security awareness. Information & Computer Security. https://doi.org/10.1108/ICS-03-2018-0032 Miranda, M. J. (2018). Enhancing cybersecurity awareness training: A comprehensive phishing exercise approach. International Management Review, 14(2), 5-10. Retrieved from: https://www.imrjournal.org/uploads/1/4/2/8/14286482/imr-v14n2art1.pdf , Accessed on: 13-01-2022.
Ponsard, C., & Grandclaudon, J. (2019, February). Guidelines and tool support for building a cybersecurity awareness program for smes. In International Conference on Information Systems Security and Privacy (pp. 335-357). Springer, Cham. https://doi.org/10.1007/978- 3-030-49443-8_16 Scholefield, S., & Shepherd, L. A. (2019, July). Gamification techniques for raising cyber security awareness. In International Conference on Human-Computer Interaction (pp. 191- 203). Springer, Cham. https://doi.org/10.1007/978-3-030-22351-9_13 Sharma, T., & Bashir, M. (2020, July). An analysis of phishing emails and how the human vulnerabilities are exploited. In International Conference on Applied Human Factors and Ergonomics (pp. 49-55). Springer, Cham. https://doi.org/10.1007/978-3-030-52581-1_7 Santos, O. (2018). Developing cybersecurity programs and policies. Pearson IT Certification. Retrieved from: https://books.google.co.in/books?hl=en&lr=&id=zgNkDwAAQBAJ&oi=fnd&pg=PT22&dq=D eveloping++Cybersecurity++Programs+and++Policies&ots=A6YoyFXFIo&sig=Z3s- qOAcQwfg7NPm6kIKrso5N38&redir_esc=y#v=onepage&q=Developing%20%20Cybersecur ity%20%20Programs%20and%20%20Policies&f=false , Accessed on: 13-01-2022.

Recommended

Best Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docxBest Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docxArindamGhosal6
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...robbiesamuel
 
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...IRJET Journal
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldnooralmousa
 
8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docx8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docxArindamGhosal6
 
Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4Carol Montgomery Adams
 
University-of-Miami_MEDINA
University-of-Miami_MEDINAUniversity-of-Miami_MEDINA
University-of-Miami_MEDINAKelvin Medina, CISSP, PA-QSA, QSA, GCIH, CISA, ITIL
 
Information Security Analyst Resume. When seeking
Information Security Analyst Resume. When seekingInformation Security Analyst Resume. When seeking
Information Security Analyst Resume. When seekingDanielle Bowers
 

Recommended

Best Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docxBest Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docxArindamGhosal6
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...robbiesamuel
 
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...IRJET Journal
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldnooralmousa
 
8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docx8Cyber security courses in Bangladesh.docx
8Cyber security courses in Bangladesh.docxArindamGhosal6
 
Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4Security Awareness Training from KnowBe4
Security Awareness Training from KnowBe4Carol Montgomery Adams
 
University-of-Miami_MEDINA
University-of-Miami_MEDINAUniversity-of-Miami_MEDINA
University-of-Miami_MEDINAKelvin Medina, CISSP, PA-QSA, QSA, GCIH, CISA, ITIL
 
Information Security Analyst Resume. When seeking
Information Security Analyst Resume. When seekingInformation Security Analyst Resume. When seeking
Information Security Analyst Resume. When seekingDanielle Bowers
 
Implementing Best Practices.pptx
Implementing Best Practices.pptxImplementing Best Practices.pptx
Implementing Best Practices.pptxdamilolasunmola
 
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxRunning Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxtoltonkendal
 
Cybersecurity education catalog sae september 2021
Cybersecurity education catalog sae september 2021Cybersecurity education catalog sae september 2021
Cybersecurity education catalog sae september 2021TrustwaveHoldings
 
SENG8060_Lesson00_CourseInfo.pptx
SENG8060_Lesson00_CourseInfo.pptxSENG8060_Lesson00_CourseInfo.pptx
SENG8060_Lesson00_CourseInfo.pptxVatsalPatel147291
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
D zone-cat-datasheet
D zone-cat-datasheetD zone-cat-datasheet
D zone-cat-datasheetLindsay Carreau
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKScsandit
 
Seminar On.pdf
Seminar On.pdfSeminar On.pdf
Seminar On.pdfTejasLakade
 
Introduction-to-Cyber-Security-Training.pptx
Introduction-to-Cyber-Security-Training.pptxIntroduction-to-Cyber-Security-Training.pptx
Introduction-to-Cyber-Security-Training.pptx056kevinChauhan
 
Cyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyCyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyOrganization
 
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEYPHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEYIJNSA Journal
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness PresentationCristian Mihai
 
Research Article On Web Application Security
Research Article On Web Application SecurityResearch Article On Web Application Security
Research Article On Web Application SecuritySaadSaif6
 
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...CSCJournals
 
Human Risk Management
Human Risk ManagementHuman Risk Management
Human Risk ManagementJohn Grennan
 
The need for effective information security awareness practices.
The need for effective information security awareness practices.The need for effective information security awareness practices.
The need for effective information security awareness practices.CAS
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxsodhi3
 
Implementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptxImplementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptxdamilolasunmola
 
Secure Arcade: A Gamified Defense Against Cyber Attacks
Secure Arcade: A Gamified Defense Against Cyber AttacksSecure Arcade: A Gamified Defense Against Cyber Attacks
Secure Arcade: A Gamified Defense Against Cyber AttacksIJCSITJournal2
 
Swapnil Goud Tadkal
Swapnil Goud TadkalSwapnil Goud Tadkal
Swapnil Goud TadkalSwapnil Goud Tadkal
 
The candidates will develop a substantive understanding of six components.docx
The candidates will develop a substantive understanding of six components.docxThe candidates will develop a substantive understanding of six components.docx
The candidates will develop a substantive understanding of six components.docxwrite31
 
Women in The Testament of the Bible shows.docx
Women in The Testament of the Bible shows.docxWomen in The Testament of the Bible shows.docx
Women in The Testament of the Bible shows.docxwrite31
 

More Related Content

Similar to CCCS 452 Security Program Architecture And Engineering.docx

Implementing Best Practices.pptx
Implementing Best Practices.pptxImplementing Best Practices.pptx
Implementing Best Practices.pptxdamilolasunmola
 
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxRunning Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxtoltonkendal
 
Cybersecurity education catalog sae september 2021
Cybersecurity education catalog sae september 2021Cybersecurity education catalog sae september 2021
Cybersecurity education catalog sae september 2021TrustwaveHoldings
 
SENG8060_Lesson00_CourseInfo.pptx
SENG8060_Lesson00_CourseInfo.pptxSENG8060_Lesson00_CourseInfo.pptx
SENG8060_Lesson00_CourseInfo.pptxVatsalPatel147291
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKScsandit
 
Introduction-to-Cyber-Security-Training.pptx
Introduction-to-Cyber-Security-Training.pptxIntroduction-to-Cyber-Security-Training.pptx
Introduction-to-Cyber-Security-Training.pptx056kevinChauhan
 
Cyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyCyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyOrganization
 
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEYPHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEYIJNSA Journal
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness PresentationCristian Mihai
 
Research Article On Web Application Security
Research Article On Web Application SecurityResearch Article On Web Application Security
Research Article On Web Application SecuritySaadSaif6
 
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...CSCJournals
 
Human Risk Management
Human Risk ManagementHuman Risk Management
Human Risk ManagementJohn Grennan
 
The need for effective information security awareness practices.
The need for effective information security awareness practices.The need for effective information security awareness practices.
The need for effective information security awareness practices.CAS
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxsodhi3
 
Implementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptxImplementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptxdamilolasunmola
 
Secure Arcade: A Gamified Defense Against Cyber Attacks
Secure Arcade: A Gamified Defense Against Cyber AttacksSecure Arcade: A Gamified Defense Against Cyber Attacks
Secure Arcade: A Gamified Defense Against Cyber AttacksIJCSITJournal2
 

Similar to CCCS 452 Security Program Architecture And Engineering.docx (20)

Implementing Best Practices.pptx
Implementing Best Practices.pptxImplementing Best Practices.pptx
Implementing Best Practices.pptx
 
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docxRunning Head STATEMENT OF WORKSTATEMENT OF WORK .docx
Running Head STATEMENT OF WORKSTATEMENT OF WORK .docx
 
Cybersecurity education catalog sae september 2021
Cybersecurity education catalog sae september 2021Cybersecurity education catalog sae september 2021
Cybersecurity education catalog sae september 2021
 
SENG8060_Lesson00_CourseInfo.pptx
SENG8060_Lesson00_CourseInfo.pptxSENG8060_Lesson00_CourseInfo.pptx
SENG8060_Lesson00_CourseInfo.pptx
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
 
D zone-cat-datasheet
D zone-cat-datasheetD zone-cat-datasheet
D zone-cat-datasheet
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
 
Seminar On.pdf
Seminar On.pdfSeminar On.pdf
Seminar On.pdf
 
Introduction-to-Cyber-Security-Training.pptx
Introduction-to-Cyber-Security-Training.pptxIntroduction-to-Cyber-Security-Training.pptx
Introduction-to-Cyber-Security-Training.pptx
 
Cyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an UncertaintyCyber Security Trends - Where the Industry Is Heading in an Uncertainty
Cyber Security Trends - Where the Industry Is Heading in an Uncertainty
 
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEYPHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
 
Research Article On Web Application Security
Research Article On Web Application SecurityResearch Article On Web Application Security
Research Article On Web Application Security
 
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...
 
Human Risk Management
Human Risk ManagementHuman Risk Management
Human Risk Management
 
The need for effective information security awareness practices.
The need for effective information security awareness practices.The need for effective information security awareness practices.
The need for effective information security awareness practices.
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docx
 
Implementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptxImplementing cybersecurity best practices and new technology ppt (1).pptx
Implementing cybersecurity best practices and new technology ppt (1).pptx
 
Secure Arcade: A Gamified Defense Against Cyber Attacks
Secure Arcade: A Gamified Defense Against Cyber AttacksSecure Arcade: A Gamified Defense Against Cyber Attacks
Secure Arcade: A Gamified Defense Against Cyber Attacks
 
Swapnil Goud Tadkal
Swapnil Goud TadkalSwapnil Goud Tadkal
Swapnil Goud Tadkal
 

More from write31

The candidates will develop a substantive understanding of six components.docx
The candidates will develop a substantive understanding of six components.docxThe candidates will develop a substantive understanding of six components.docx
The candidates will develop a substantive understanding of six components.docxwrite31
 
Women in The Testament of the Bible shows.docx
Women in The Testament of the Bible shows.docxWomen in The Testament of the Bible shows.docx
Women in The Testament of the Bible shows.docxwrite31
 
Write a article more than 2 pages in.docx
Write a article more than 2 pages in.docxWrite a article more than 2 pages in.docx
Write a article more than 2 pages in.docxwrite31
 
Write a memo to the CIO that describes how to.docx
Write a memo to the CIO that describes how to.docxWrite a memo to the CIO that describes how to.docx
Write a memo to the CIO that describes how to.docxwrite31
 
The topic is In the Western Catholic The.docx
The topic is In the Western Catholic The.docxThe topic is In the Western Catholic The.docx
The topic is In the Western Catholic The.docxwrite31
 
Video if makes the speech compelling.docx
Video if makes the speech compelling.docxVideo if makes the speech compelling.docx
Video if makes the speech compelling.docxwrite31
 
watch the video on The Role of HR Has.docx
watch the video on The Role of HR Has.docxwatch the video on The Role of HR Has.docx
watch the video on The Role of HR Has.docxwrite31
 
There is a relationship between an emotionality and their.docx
There is a relationship between an emotionality and their.docxThere is a relationship between an emotionality and their.docx
There is a relationship between an emotionality and their.docxwrite31
 
What is required to petition is a formal letter the.docx
What is required to petition is a formal letter the.docxWhat is required to petition is a formal letter the.docx
What is required to petition is a formal letter the.docxwrite31
 
what is mental illness as an officially recognized.docx
what is mental illness as an officially recognized.docxwhat is mental illness as an officially recognized.docx
what is mental illness as an officially recognized.docxwrite31
 
With you have learned about the cell DNA.docx
With you have learned about the cell DNA.docxWith you have learned about the cell DNA.docx
With you have learned about the cell DNA.docxwrite31
 
TO EACH POST 100 WORDS MIN This.docx
TO EACH POST 100 WORDS MIN This.docxTO EACH POST 100 WORDS MIN This.docx
TO EACH POST 100 WORDS MIN This.docxwrite31
 
TO EACH POST MIN 100 WORDS In.docx
TO EACH POST MIN 100 WORDS In.docxTO EACH POST MIN 100 WORDS In.docx
TO EACH POST MIN 100 WORDS In.docxwrite31
 
Take a look back at your DPP and the Belmont.docx
Take a look back at your DPP and the Belmont.docxTake a look back at your DPP and the Belmont.docx
Take a look back at your DPP and the Belmont.docxwrite31
 
Stakeholder support is necessary for successful project Consider your.docx
Stakeholder support is necessary for successful project Consider your.docxStakeholder support is necessary for successful project Consider your.docx
Stakeholder support is necessary for successful project Consider your.docxwrite31
 
The OSI data link layer is responsible for physical.docx
The OSI data link layer is responsible for physical.docxThe OSI data link layer is responsible for physical.docx
The OSI data link layer is responsible for physical.docxwrite31
 
This assignment is intended to help you use leadership skills.docx
This assignment is intended to help you use leadership skills.docxThis assignment is intended to help you use leadership skills.docx
This assignment is intended to help you use leadership skills.docxwrite31
 
What are the different portals of entry for a pathogen.docx
What are the different portals of entry for a pathogen.docxWhat are the different portals of entry for a pathogen.docx
What are the different portals of entry for a pathogen.docxwrite31
 
You are the Social Media Manager for Savannah Technical.docx
You are the Social Media Manager for Savannah Technical.docxYou are the Social Media Manager for Savannah Technical.docx
You are the Social Media Manager for Savannah Technical.docxwrite31
 
When you are engaging it is important to understand.docx
When you are engaging it is important to understand.docxWhen you are engaging it is important to understand.docx
When you are engaging it is important to understand.docxwrite31
 

More from write31 (20)

The candidates will develop a substantive understanding of six components.docx
The candidates will develop a substantive understanding of six components.docxThe candidates will develop a substantive understanding of six components.docx
The candidates will develop a substantive understanding of six components.docx
 
Women in The Testament of the Bible shows.docx
Women in The Testament of the Bible shows.docxWomen in The Testament of the Bible shows.docx
Women in The Testament of the Bible shows.docx
 
Write a article more than 2 pages in.docx
Write a article more than 2 pages in.docxWrite a article more than 2 pages in.docx
Write a article more than 2 pages in.docx
 
Write a memo to the CIO that describes how to.docx
Write a memo to the CIO that describes how to.docxWrite a memo to the CIO that describes how to.docx
Write a memo to the CIO that describes how to.docx
 
The topic is In the Western Catholic The.docx
The topic is In the Western Catholic The.docxThe topic is In the Western Catholic The.docx
The topic is In the Western Catholic The.docx
 
Video if makes the speech compelling.docx
Video if makes the speech compelling.docxVideo if makes the speech compelling.docx
Video if makes the speech compelling.docx
 
watch the video on The Role of HR Has.docx
watch the video on The Role of HR Has.docxwatch the video on The Role of HR Has.docx
watch the video on The Role of HR Has.docx
 
There is a relationship between an emotionality and their.docx
There is a relationship between an emotionality and their.docxThere is a relationship between an emotionality and their.docx
There is a relationship between an emotionality and their.docx
 
What is required to petition is a formal letter the.docx
What is required to petition is a formal letter the.docxWhat is required to petition is a formal letter the.docx
What is required to petition is a formal letter the.docx
 
what is mental illness as an officially recognized.docx
what is mental illness as an officially recognized.docxwhat is mental illness as an officially recognized.docx
what is mental illness as an officially recognized.docx
 
With you have learned about the cell DNA.docx
With you have learned about the cell DNA.docxWith you have learned about the cell DNA.docx
With you have learned about the cell DNA.docx
 
TO EACH POST 100 WORDS MIN This.docx
TO EACH POST 100 WORDS MIN This.docxTO EACH POST 100 WORDS MIN This.docx
TO EACH POST 100 WORDS MIN This.docx
 
TO EACH POST MIN 100 WORDS In.docx
TO EACH POST MIN 100 WORDS In.docxTO EACH POST MIN 100 WORDS In.docx
TO EACH POST MIN 100 WORDS In.docx
 
Take a look back at your DPP and the Belmont.docx
Take a look back at your DPP and the Belmont.docxTake a look back at your DPP and the Belmont.docx
Take a look back at your DPP and the Belmont.docx
 
Stakeholder support is necessary for successful project Consider your.docx
Stakeholder support is necessary for successful project Consider your.docxStakeholder support is necessary for successful project Consider your.docx
Stakeholder support is necessary for successful project Consider your.docx
 
The OSI data link layer is responsible for physical.docx
The OSI data link layer is responsible for physical.docxThe OSI data link layer is responsible for physical.docx
The OSI data link layer is responsible for physical.docx
 
This assignment is intended to help you use leadership skills.docx
This assignment is intended to help you use leadership skills.docxThis assignment is intended to help you use leadership skills.docx
This assignment is intended to help you use leadership skills.docx
 
What are the different portals of entry for a pathogen.docx
What are the different portals of entry for a pathogen.docxWhat are the different portals of entry for a pathogen.docx
What are the different portals of entry for a pathogen.docx
 
You are the Social Media Manager for Savannah Technical.docx
You are the Social Media Manager for Savannah Technical.docxYou are the Social Media Manager for Savannah Technical.docx
You are the Social Media Manager for Savannah Technical.docx
 
When you are engaging it is important to understand.docx
When you are engaging it is important to understand.docxWhen you are engaging it is important to understand.docx
When you are engaging it is important to understand.docx
 

Recently uploaded

Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 

Recently uploaded (20)

Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 

CCCS 452 Security Program Architecture And Engineering.docx

  • 1. CCCS 452 Security Program Architecture And Engineering Answer: Introduction: ABC Pvt Ltd has been operating locally and providing services to its customers. The organization is entrepreneurial with 5 HR, 10 admins and 20 engineers. The paper briefly discusses the development of an Email and Malware Awareness and Training Program for the organization to minimize the risks and provide security to public data. Risk Assessment: Emails are one of the central modes of communication in the organization. Thus, criminals are finding new ways to breach the security of the company by using malicious emails. The threat of using email might lead to delivery of malware by spams. Emails are often gateway to phishing leading to theft of credentials (Miranda, 2018). Emails with malware can lead to unidentified control facilitating unethical access to confidential information about employees and admins and disrupt the access to resources by Engineering department (Cuchta et al., 2019). Email spoofing enables criminals or malicious programs to falsify sender information. These problems can be mitigated by using a secure and robust mail server and client with proper authentication and periodic testing of security. The risks from emails can be vastly reduced by implementation of an email and malware awareness and training program. Outline Awareness And Training Program: Email and Malware Awareness and Training Program (EMATP) held in of ABC Pvt Ltd will help the employees gain a deeper understanding about the impact of breaches in security and malware attacks through email communication (Sharma & Bashir, 2020). The online awareness training comprises of step-by-step procedures by starting with a basic test about emails and uses and importance to determine their preliminary knowledge. The staffs are trained by using online lessons and courses that help in understanding the ways to mitigate email threats. The importance of reporting and follow ups for malicious mails are taught (Hwang et al., 2021). Games and random tests are organized to evaluate the results of learning from online classes. The staffs are made familiar with the best practices, rules and
  • 2. protocols for secure email communication reducing job stress and increasing resilience (McCormac et al., 2018). Certifications are handed out at the end to certify the staff about their levels of understanding on the importance of protection from harmful emails and malwares for the benefit of the organization. Training Module: Activities Target Audience HR ADMIN Engineering Initial Basic test Yes email security email management and administration
  • 3. email security implementation Online Presentation 95 % participation security breaches, phishing problems identity theft, email spoofing, unidentified control. Risks hampering workflow. Online video meetings 85% participation mitigate email attacks control access and network security
  • 4. email security and malware protection. Online training 90 % participation Secure HR from specific threats. user authentication, information protection, ransomware implementation of procedures for email and malware security. Games 100 % participation Simple phishing simulation Spam awareness and network protection games Platform to create their own email security procedures
  • 5. Random tests 95% participation email security user authentication. email security implementation, Certification 100% participation certificate for HR. certificate for Admin. certificate for Engineering.
  • 6. Challenges: The program had to reach all the HR, Admin and Engineering staff of ABC Pvt Ltd but there were few challenges that it had to overcome. The program implemented uses the latest and most valuable information about cybersecurity awareness and training the employees to deal with the current threats and attack techniques as most cybersecurity contents gets outdated fast (Aldawood & Skinner, 2019). Every employee needed to participate thus all activities are carried out online within quick intervals not making the program burdensome for the employees and easier program administration. The inclusion of games made the procedure fun to learn and harder to forget (Scholefield & Shepherd, 2019). The program was designed to generate interest of the staff toward learning about email protection as most of the corporate communication are done through emails. The program is tailored to teach the employees and generate a culture for the need of security in emails. Policy And Guidelines: The policies and guidelines for EMATP in ABC Pvt Ltd helps in successful execution of the steps of programs and provide constant guidance to awareness toward email and malware protection. The policy states that all the members of the organization have to attend the program at their time of convenience. The training will be provided both online and offline, just like the games and tests conducted. The records from the test will be distributed individually along with the certificate of level of understanding of email security (Santos, 2018). The policy of the program requires the program to be technologically updated and use the learning from the latest security breach and malicious attacks (Hu, Peng & Wang, 2018). The policy focuses on the best practices towards email security (Ponsard & Grandclaudon, 2019). The certificates are provided by third party organization and it gives company a different view towards the results and analysis. Thus, the policies and guidelines make the program rigid and important to be implemented in the organization (Hwang et al., 2021). Evaluation: EMATP in ABC Pvt Ltd provides training for the staff to develop a deeper understanding about the necessity of protection from malicious emails. With the latest technological advancement in cyber-attacks through emails, it is necessary for the organization to educate employees by conduct this program (Aldawood and Skinner 2018). The program consists of basic test at the beginning followed by online classes on email security and malware prevention. Random games and tests are organized to determine the results which are certified according to the level of understanding of the staff about the topics taught. The EMATP provides awareness about the necessary information on latest breaches and ways to mitigate the risks of the emails. Conclusion:
  • 7. EMATP is used ABC Pvt ltd to develop a deeper sense of understanding about malware and security of the emails. The paper describes the risks of emails and malwares and the program comes as a solution to those risks. The program is conducted in form of online classes and evaluated using games and random tests. Certifications are provided in the end to determine the degree of understanding about the topic. The training module of the project is shown in the paper following by the challenges of implementing EMATP in the firm. Lastly, the paper includes the policies and guidelines of EMATP and the complete evaluation of the program. References: Aldawood, H., & Skinner, G. (2018, December). Educating and raising awareness on cyber security social engineering: A literature review. In 2018 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE) (pp. 62-68). IEEE. https://doi.org/10.1109/TALE.2018.8615162 Aldawood, H., & Skinner, G. (2019, May). Challenges of implementing training and awareness programs targeting cyber security social engineering. In 2019 Cybersecurity and Cyberforensics Conference (CCC) (pp. 111-117). IEEE. https://doi.org/10.1109/CCC.2019.00004 Cuchta, T., Blackwood, B., Devine, T. R., Niichel, R. J., Daniels, K. M., Lutjens, C. H., ... & Stephenson, R. J. (2019, September). Human Risk Factors in Cybersecurity. In Proceedings of the 20th Annual SIG Conference on Information Technology Education (pp. 87- 92). https://doi.org/10.1145/3349266.3351407 Hu, H., Peng, P., & Wang, G. (2018, September). Towards understanding the adoption of anti- spoofing protocols in email systems. In 2018 IEEE Cybersecurity Development (SecDev) (pp. 94-101). IEEE. https://doi.org/10.1109/SecDev.2018.00020 Hwang, I., Wakefield, R., Kim, S., & Kim, T. (2021). Security awareness: The first step in information security compliance behavior. Journal of Computer Information Systems, 61(4), 345-356. https://doi.org/10.1080/08874417.2019.1650676 McCormac, A., Calic, D., Parsons, K., Butavicius, M., Pattinson, M., & Lillie, M. (2018). The effect of resilience and job stress on information security awareness. Information & Computer Security. https://doi.org/10.1108/ICS-03-2018-0032 Miranda, M. J. (2018). Enhancing cybersecurity awareness training: A comprehensive phishing exercise approach. International Management Review, 14(2), 5-10. Retrieved from: https://www.imrjournal.org/uploads/1/4/2/8/14286482/imr-v14n2art1.pdf , Accessed on: 13-01-2022.
  • 8. Ponsard, C., & Grandclaudon, J. (2019, February). Guidelines and tool support for building a cybersecurity awareness program for smes. In International Conference on Information Systems Security and Privacy (pp. 335-357). Springer, Cham. https://doi.org/10.1007/978- 3-030-49443-8_16 Scholefield, S., & Shepherd, L. A. (2019, July). Gamification techniques for raising cyber security awareness. In International Conference on Human-Computer Interaction (pp. 191- 203). Springer, Cham. https://doi.org/10.1007/978-3-030-22351-9_13 Sharma, T., & Bashir, M. (2020, July). An analysis of phishing emails and how the human vulnerabilities are exploited. In International Conference on Applied Human Factors and Ergonomics (pp. 49-55). Springer, Cham. https://doi.org/10.1007/978-3-030-52581-1_7 Santos, O. (2018). Developing cybersecurity programs and policies. Pearson IT Certification. Retrieved from: https://books.google.co.in/books?hl=en&lr=&id=zgNkDwAAQBAJ&oi=fnd&pg=PT22&dq=D eveloping++Cybersecurity++Programs+and++Policies&ots=A6YoyFXFIo&sig=Z3s- qOAcQwfg7NPm6kIKrso5N38&redir_esc=y#v=onepage&q=Developing%20%20Cybersecur ity%20%20Programs%20and%20%20Policies&f=false , Accessed on: 13-01-2022.