Information Security White
Paper
Instructions:
Instructions
Watch the Information Technology Security for Small
Businessesvideo from the National Institutes of Standards and
Technology (NIST):
Information
Technology Security for Small Business
Then write an information security white paper that can be used to market
your firm’s security consulting services to small businesses in the Washington,
DC, area. Your white paper must:
Be concise—no more than three pages long.
Provide a general explanation of the business need
for information security (protection measures) even in the smallest of
businesses (e.g., protect against loss of profit, damage to company’s
reputation, costs of litigation, etc.).
Explain information security threats and
vulnerabilities in plain English to small business owners who, while experts in
their own business areas, have limited knowledge of computers, networks, and
software.
Explain the following key concepts as part of the
threats and vulnerabilities discussion:
- confidentiality
- integrity
- availability
- non-repudiation
- authentication
- authorization
- risk
Recommend technologies, processes, and policies
that can be used to solve or mitigate one of the following common information
security threats:
- data breach and/or data theft (confidential
client information)
- denial-of-service (DOS) attacks
- insider theft of intellectual property
- deliberate corruption of electronic files
(hacker attack or malicious insider) including virus/worm infections
Discuss the impact or results that can be expected:
- costs and benefits of effective protection
measures
- costs and penalties of ineffective or
nonexistent protection measures
Remember to present your white paper and cite your sources in APA format and
use only authoritative/scholarly sources such as journal articles, books,
government documents, and other industry publications (e.g., trade journals or
magazines for health care or security professionals). The title page and list
of references are not included in the required page count.
