- 01 Apr, 2021
- 0 Comments
- 5 Mins Read
CYBERSECURITY : Course Project
The project for this course is really one large paper (approximately 12-14 pages, using current APA standards) broken into four parts. The project will use the precepts of Integrated Reflective Practice (IRP) as you write a series of papers that apply to information assurance and your workplace. Write to the subjects requested below in terms of the six IRP Areas of Management Practice, as relevant:
Measurement and Process Improvement
Values-Based Leadership
Innovation Through Information
Financial and Economic Resources
Customers, Markets, Sales, and Marketing
Human Resources and Organizational Relationships
Deliverable 1
Deliverable 1 will be a three to four page paper (using current APA standards) with an annotated list of websites, journals, e-mail lists, seminal papers, etc. that relate to information security in your discipline or workplace — which might be based upon your current work or even your future professional aspirations! For example, one might choose either “Network Engineer” or “Health Records Compliance Officer” as the discipline of choice.
Put this information together as if you were providing it to your manager, such as the CIO, CEO, CISO, or board chair of your organization. Don’t just list a bunch of resources; provide an introduction and a capsule summary of what each provides, its usefulness, etc. Some of the resources might be oriented towards management, some may be purely technical. Relate to IRP where possible. You may wish to break things up by subject area for clarity.
In an effort to keep anyone from feeling cast adrift, kick around some ideas with your classmates during the first week of the project (i.e., Week 2) about just what this means — i.e., what is the relationship between the areas of management practice, your workplace, and reference materials? Use the discussion forum for Deliverable 1 to exchange some ideas. This is not intended to result in a template that you all have to follow but, instead, to really just get your creative juices flowing. The instructor will monitor the discussions and may pipe in. This is a great opportunity to help each other and learn another perspective.
There should be no problem coming up with three or more full pages. The cover sheet, references, and any tables or figures do not count towards the page count.
Deliverable 2
Deliverable 2 is a 4-5 page paper (using current APA standards), that provides an opportunity for you to share some war stories. Discuss a project in which you have been involved where information security was not taken into account in the design process. What were the results? Did this cause a problem? If so, what problem and how was it resolved? Was this lack of forethought not a problem when you thought that it might be? Was there a project where InfoSec was added later? How did it work out? Include some relevant resources and/or references to strengthen your case.
This project is fairly open-ended. If this topic isn’t an exact fit, see if you can adapt the idea to your situation. Write your paper as if it were an honest, after-action report to your CIO, CEO, or CISO. Sanitize the information as much as you’d like! There is no need to include any company confidential information.
Follow the same general instructions as for Deliverable 1
Deliverable 3
Deliverable 3 is a 4-5 page paper (using current APA standards) describing how you might design cybersecurity considerations into a real project at your workplace. Start by defining your workplace and the target project. Then describe the information aspects, where you might want to consider adding protection or improving it, how you would justify the return-on-investment and/or cost-benefit of adding security, determining how “much” security is necessary, the impact of your security measures on productivity, system efficiency, and usability, etc. If you don’t have a workplace situation that lends itself easily to this topic, see if you can use a colleague’s workplace as a case study, apply it to a former workplace as if you were returning as a consultant, or create a fictitious project/company. The important thing is to write it, as before, as if you were addressing your CIO, CEO, CISO, etc. (If you’re still having trouble finding a scenario, drop the instructor an e-mail and work something out).
Follow the same instructions as for Deliverable 1
Deliverable 4
Prepare a presentation containing the high points of your Deliverable 3 paper, as if you were giving a 5-10 minute briefing to professional colleagues.
You can be as creative as you’d like with this. At a minimum, prepare a PowerPoint (or equivalent) presentation. Refrain from using fancy effects in your presentation; use bullets and do not write essays and/or lengthy paragraphs in your slides. The file format of the presentation as delivered to the class must be one that is commonly available, such as PowerPoint (.ppt or .pptx) or PDF.
TIPS
Integrated Reflective Practice (IRP) describes a graduate-level learning pedagogy that integrates academic work with each student’s workplace through work-based assignments, activities, and projects. Courses are also integrated through cross-disciplinary activities based on a “systems” framework of the Areas of Management Practice (see below). Reflection is used repeatedly and in various ways to enhance and solidify students learning experiences.
Integrated Reflective Practice is characterized by:
Linking learning to experience and using experiences as a vehicle for learning.
Lifelong learning skills with a safety net.
Risk-taking through real assignments and projects.Overview
The integration of multiple Areas of Management Practice responds to the need for managers to constantly reframe problems from multiple perspectives; often simultaneously. The reframing of organizational problems using multiple Areas of Management Practice is based on the use of dialogue and critical reflection and through which hidden assumptions are brought to the surface and addressed.
The six Areas of Management Practice are defined broadly enough that they can be easily used as a starting point for inquiry into problems within virtually any organizational context (profit, non-profit, public-sector, private-sector, etc.). Given their breadth and universal relevance, they can all be used in management programs as a framework for the application of content from any course.
The strength of this approach comes from its ability to be applied to the extent feasible, throughout the curriculum. The intention is to work from a common platform that supports viewing problems and opportunities from a “systems perspective” and to provide students with a framework that is immediately usable in any of their courses or work experiences.