INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue VII, July 2024

www.ijltemas.in Page 197

Cybersecurity Strategic Plan Part 2

Onyinyechukwu Ujah, Miriam Duru, Samuel Akinola

University of Dallas, United States

DOI: https://doi.org/10.51583/IJLTEMAS.2024.130724

Received: 09 August 2024; Accepted: 14 August 2024; Published: 21 August 2024

I. Summary of Key Elements from Part 1

In Part 1, several key elements were addressed to enhance the company's cybersecurity posture and align it with its business

objectives. The introductory letter outlined the company's recent assessment of cybersecurity policies and vulnerabilities,

emphasizing the need for a proactive cybersecurity approach to protect critical information assets. The significance of strong

cybersecurity measures in the face of evolving cyber threats was underscored, highlighting the potential catastrophic

implications of data breaches. The call to action for all stakeholders to embrace and drive best cybersecurity practices, in line

with industry frameworks like the NIST Framework, was also emphasized.

The business mission, vision, and values of Grayson Insurance were articulated to communicate the company's core identity

and goals from a business perspective. The mission statement emphasized the commitment to offering high-quality service to

clients at competitive rates while fostering a friendly and competitive workplace. The vision aimed to position Grayson

Insurance as the most empathetic and attentive insurance company, striving to improve skills, offer quality products, and

expand customer access. The values of trust, knowledge, connection, teamwork, respect, integrity and professionalism, fun &

humor, and commitment underscored the company's commitment to ethical conduct, continuous learning, customer-centric

approach, and teamwork.

The IT philosophy of Grayson Insurance outlined guiding principles and values influencing the company's approach to

information technology and cybersecurity. Embracing digital transformation, cybersecurity classification, risk management,

security controls, proactive cybersecurity, and business and IT alignment were highlighted as key focus areas. The adoption

of outsourcing for various IT services, implementation of data classification schemes, and deployment of technical solutions

like email filtering systems and encryption reflected the company's proactive stance towards cybersecurity.

The organizational structure of Grayson Insurance's security team was presented, emphasizing the strategic positioning of the

Chief Information Security Officer (CISO) and the delegation of responsibilities across various security roles. Justifications

for the organizational chart were provided, highlighting the need for efficient team alignment with the company's

cybersecurity requirements. Collaboration with internal and external partners was emphasized to optimize resources and

expertise in addressing cybersecurity challenges effectively.

Furthermore, the security mission, vision, and core values of Grayson Insurance were outlined to establish principles and

objectives for the organization's security practices. The mission emphasized continuous evolution of cybersecurity

capabilities to detect, prevent, and respond to cyber threats, while the vision aimed to position Grayson Insurance as a leader

in crafting and delivering strong cybersecurity practices. Core values of confidentiality, integrity, availability, and

accountability underscored the company's commitment to safeguarding assets, information, and people.

Lastly, the security issues and challenges faced by Grayson Insurance, including data privacy and compliance, cyber

insurance risks, phishing and social engineering, and supply chain security, were identified. Recommendations for addressing

these challenges included prioritizing awareness and training programs for employees, nurturing a security-first culture, and

considering the human factor in cybersecurity strategies. The importance of strong leadership in fostering a culture of

awareness and responsible technology use was emphasized to mitigate the risks associated with human error in cybersecurity.

II. Performance Measurement Metrics

Phishing Resilience Rate:

What: Phishing Resilience Rate is calculated as the number of successful phishing attempts divided by the total number of

phishing simulation emails sent.

Why: This metric helps assess the effectiveness of phishing awareness training and identifies areas for improvement in the

organization's defense against phishing attacks.

How: By tracking this metric over time, the security team can evaluate the success of training programs and implement

targeted measures to enhance employee awareness and response to phishing attempts.

Audience: The security team, HR department, and executive management are the primary audience for this metric.

Frequency: Data is collected and reported monthly to provide regular insights into the organization's phishing resilience.

Responsibility: The Security Awareness Coordinator oversees the collection, analysis, and reporting of this metric.

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 198

Example:

In this example:

Each line represents a different component contributing to the Phishing Resilience Rate.

The lines are stacked to show the total Phishing Resilience Rate for each month.

Markers (numbers) are placed at each data point for better visualization and interpretation.

Incident Response Time:

What: Incident Response Time measures the average duration taken to detect, contain, and respond to security incidents.

Why: This metric helps assess the efficiency of the incident response process and aims to minimize the impact of security

breaches by reducing response times.

How: Real-time monitoring of incident response activities allows for timely identification of bottlenecks and optimization of

response procedures.

Audience: The security team, IT support staff, and executive management are interested in this metric to ensure timely

incident resolution.

Frequency: While incident response is monitored in real-time, detailed reports are generated quarterly to track performance

over time.

Responsibility: Security Incident Responders are responsible for collecting, analyzing, and reporting on incident response

times.

Example:

4.3

2.5

3.5

4.5

2.5

2.4

4.4

1.8

2.8

2 2 3 5 5

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

Janauary February March April May

Phishing Resilience Rate

Series 1 Series 2 Series 3

6.7

3.5

1.5

0 1 2 3 4 5 6 7 8

Discovery to Notification

Discovery to Complete Forensic Investigation

Discovery to Containment

Occurance to Discovery

Incident Response Time

Average Number of Days

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 199

In this representation, each bar represents the incident response time for a specific time period. The height of the bar indicates

the duration of the response time in hours, while the x-axis denotes different time periods.

Patch Compliance Rate:

What: Patch Compliance Rate measures the percentage of systems and software that have been patched within the defined

timeframe.

Why: Ensuring timely patch deployment is crucial for addressing vulnerabilities and reducing the risk of exploitation by

cyber threats.

How: Weekly monitoring of patch deployment across all systems and software helps maintain compliance with security

policies.

Audience: The IT department, security team, and executive management rely on this metric to assess the organization's

vulnerability management practices.

Frequency: Data on patch compliance is collected and reported weekly to provide up-to-date insights into the organization's

security posture.

Responsibility: The Information Security Manager oversees the collection, analysis, and reporting of patch compliance data.

In this representation, each slice of the pie chart represents a category of patch compliance rate. The size of each slice

corresponds to the percentage of patches that are compliant within each category.

User Access Review Completion:

What: User Access Review Completion measures the percentage of user access reviews completed within the scheduled

timeframe.

Why: Regular user access reviews are essential for maintaining proper access controls and mitigating the risk of unauthorized

access to sensitive data.

How: Monthly tracking of user access review completion ensures adherence to security policies and regulatory requirements.

Audience: The security team, IT support staff, and executive management are interested in this metric to ensure compliance

with access control policies.

Frequency: Data on user access review completion is collected and reported monthly to track progress and identify any

delays or issues.

Responsibility: The Compliance and Risk Analyst is responsible for overseeing the completion, analysis, and reporting of

user access reviews.

58%

23%

10%

Patch Compliance Rate

1st Qtr

2nd Qtr

3rd Qtr

4th Qtr

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 200

In this representation, each slice of the pie chart represents a category of user access review completion rate. The size of each

slice corresponds to the percentage of completion within each category.

III. Specific Continuity Strategy: Hybrid Approach (Cloud Backup and Cold Site)

What is covered:

Data Backup and Recovery Procedures: The plan outlines detailed procedures for backing up critical systems and data to

both cloud-based storage solutions and physical backup devices. It includes regular backup schedules, verification processes,

and protocols for restoring data in the event of data loss or corruption.

Activation Procedures for the Cold Site: In the event of a disaster that renders the primary site unavailable, the plan

specifies the activation procedures for the cold site. This includes steps for transporting backup data to the cold site,

configuring infrastructure and systems at the cold site, and establishing connectivity to ensure continuity of operations.

Communication Protocols: The plan defines communication protocols for informing stakeholders, including employees,

clients, partners, and regulatory authorities, about the incident and its impact on operations. It includes channels of

communication, contact lists, and escalation procedures to ensure timely and accurate dissemination of information.

Roles and Responsibilities: Key personnel are assigned specific roles and responsibilities during continuity operations. This

includes the CISO, who has overall responsibility for the Business Continuity Plan, the Information Security Manager, who

coordinates continuity efforts and activates the cold site, the IT Team, responsible for executing data backup and recovery

procedures, and the Communications Team, responsible for stakeholder communication (Schreider, 2018).

What is not covered:

Detailed Technical Specifications: While the plan outlines high-level procedures for data backup, recovery, and site

activation, it does not include detailed technical specifications of hardware and software used in the process. This allows

flexibility in adapting to changing technology and infrastructure requirements.

Specific Disaster Scenarios: While the plan addresses general procedures for responding to disasters, it does not include

specific scenarios and response procedures for each type of disaster. Instead, it provides a framework for assessing and

responding to various types of incidents based on their impact on operations (Touhill & Tobin, 2018).

Key Organizational Players and Roles:

CISO: The Chief Information Security Officer (CISO) has overall responsibility for the Business Continuity Plan, including

its development, implementation, and maintenance. The CISO ensures alignment with organizational objectives and oversees

the coordination of continuity efforts across departments.

Information Security Manager: The Information Security Manager plays a central role in coordinating continuity efforts

and activating the cold site in the event of a disaster. They oversee the execution of data backup and recovery procedures and

ensure compliance with regulatory requirements.

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 201

IT Team: The IT Team is responsible for executing data backup and recovery procedures as outlined in the Business

Continuity Plan. They manage the technical aspects of data backup, storage, and restoration, ensuring the integrity and

availability of critical systems and data.

Communications Team: The Communications Team is responsible for stakeholder communication during an incident. They

manage internal and external communication channels, disseminate information about the incident and its impact on

operations, and coordinate with regulatory authorities and other stakeholders as needed.

Plan Testing:

Tabletop Exercises: Regular tabletop exercises are conducted to simulate various disaster scenarios and test the effectiveness

of the Business Continuity Plan. These exercises involve key personnel from different departments and allow for the

identification of gaps and areas for improvement in the plan (Schreider, 2018).

Full-Scale Drills: Annual full-scale drills are conducted to test the activation of the cold site and recovery procedures in a

realistic scenario. These drills involve mobilizing resources, activating backup systems, and simulating continuity operations

to validate the readiness of the organization to respond to a disaster effectively.

Overall, the Business Continuity Plan aims to ensure the availability of critical systems and data in the event of a disaster by

leveraging a hybrid approach that combines cloud-based backup solutions with a cold site for redundancy and resilience. It

provides a framework for coordinated response and recovery efforts, ensuring minimal disruption to business operations and

maintaining stakeholder confidence in the organization's ability to manage crises effectively (Schreider, 2018).

IV. Incident Response Playbook for Ransomware Incidents

Technologies Critical for Detection, Containment, and Remediation:

Endpoint Detection and Response (EDR): Grayson Insurance relies on advanced EDR solutions to continuously monitor

endpoints for any signs of ransomware activity. This proactive approach enables swift detection and response to potential

threats, safeguarding critical data and systems.

Network Intrusion Detection/Prevention Systems (NIDS/NIPS): Our network security infrastructure includes robust

NIDS/NIPS solutions that actively scan network traffic for indicators of ransomware activity. By promptly detecting and

blocking malicious traffic, we can contain the threat and prevent further propagation within our network.

Backup and Disaster Recovery Solutions: Grayson Insurance maintains comprehensive backup and disaster recovery

mechanisms to ensure data resilience and business continuity in the face of a ransomware attack. Regularly tested backup

procedures allow for the timely restoration of encrypted data, minimizing operational disruptions (Touhill & Tobin, 2018).

Key Organizational Players and Roles:

Chief Information Security Officer (CISO): As the highest-ranking security official, the CISO holds overall responsibility

for orchestrating the response to ransomware incidents at Grayson Insurance. This includes coordinating efforts across

various departments and liaising with external stakeholders as necessary.

Incident Response Team: Comprising experts from IT, security, legal, and communications departments, the Incident

Response Team is tasked with executing the incident response plan. Each member brings unique expertise to the table,

ensuring a comprehensive and coordinated response to ransomware incidents.

Legal Counsel: Legal Counsel plays a crucial role in advising Grayson Insurance on the legal implications of ransomware

incidents, including considerations related to ransom payments, regulatory compliance, and engagement with law

enforcement authorities.

Plan Testing:

Tabletop Exercises: Conduct regular tabletop exercises to simulate various ransomware scenarios and assess the

effectiveness of our incident response plan. These exercises provide an opportunity for key stakeholders to validate their roles

and responsibilities and identify areas for improvement.

Red Team Exercises: Periodic red team exercises are conducted to emulate real-world ransomware attacks and evaluate

Grayson Insurance's readiness and response capabilities. By subjecting our defenses to simulated attacks, we can identify

vulnerabilities and refine our incident response procedures accordingly (Ciampa, 2017).

Ransom Payment Considerations:

No Ransom Payment: Grayson Insurance maintains a strict policy against negotiating or paying ransoms to threat actors.

Paying ransom not only fails to guarantee the recovery of encrypted data but also incentivizes further attacks. Instead, we

focus on proactive measures to prevent, detect, and mitigate ransomware incidents (Touhill & Tobin, 2018).

Law Enforcement Engagement:

Contact Law Enforcement: In the event of a ransomware incident, Grayson Insurance will promptly engage law

enforcement authorities, such as the FBI or local law enforcement agencies. Collaboration with law enforcement not only

facilitates the investigation and mitigation efforts but also contributes to collective efforts to combat cybercrime and protect

businesses from future attacks (Buchanan, 2017)

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 202

V. Security Staffing Strategy

Recruitment:

Internal Recruitment: Promoting from within the organization is beneficial as it leverages existing knowledge of company

culture, processes, and policies. Employees who are already familiar with the organization are likely to require less time for

training and onboarding. Additionally, internal promotions can boost morale and motivation among existing employees,

demonstrating opportunities for career growth and advancement.

External Recruitment: Partnering with reputable recruiting agencies and utilizing online job platforms broadens the talent

pool and allows the organization to attract candidates with diverse experiences and skill sets. External recruitment is essential

for bringing in fresh perspectives and expertise, especially for specialized roles or when internal talent is not available

(Vacca, 2019).

Key Skills:

Technical Proficiency: Candidates should possess a strong understanding of cybersecurity principles, including but not

limited to network security, endpoint security, threat intelligence, and incident response. Technical proficiency ensures that

security staff can effectively identify, analyze, and respond to security threats and incidents.

Communication Skills: Effective communication is crucial for security professionals to convey technical concepts to both

technical and non-technical stakeholders. Security staff must be able to articulate security risks, findings, and

recommendations clearly and concisely to management, employees, clients, and external partners (Gordon, Loeb, &

Lucyshyn, 2015).

Interviewing and Onboarding Process:

Technical Assessment: Conducting technical interviews and assessments allows the organization to evaluate candidates'

skills and knowledge in cybersecurity. Technical assessments may include practical exercises, scenario-based questions, and

knowledge tests to assess candidates' capabilities accurately.

Cultural Fit Evaluation: Assessing candidates' alignment with company values, culture, and team dynamics during the

interview process ensures that new hires will integrate well into the organization. Cultural fit evaluation helps maintain a

positive work environment and promotes collaboration and teamwork among security staff (Vacca, 2019).

Comprehensive Onboarding: Providing thorough onboarding programs is essential to familiarize new hires with company

policies, procedures, tools, and systems. Comprehensive onboarding ensures that new security staff understand their roles and

responsibilities and have the necessary resources to succeed in their positions.

Talent Attraction:

Competitive Compensation: Offering competitive salaries and benefits packages is crucial for attracting and retaining top

talent in the cybersecurity industry. Competitive compensation demonstrates the organization's commitment to valuing its

employees and recognizes the specialized skills and expertise required for cybersecurity roles.

Professional Development Opportunities: Highlighting opportunities for career advancement, training, and professional

development is essential for attracting ambitious candidates who are committed to continuous learning and skill

enhancement. Professional development opportunities can include access to training programs, conferences, workshops, and

certifications relevant to cybersecurity (Gordon, Loeb, & Lucyshyn, 2015).

Training and Development:

Continuous Learning: Providing ongoing training and development opportunities ensures that security staff stay updated on

the latest threats, technologies, and best practices in cybersecurity. Continuous learning enables security professionals to

adapt to evolving threats and effectively mitigate risks to the organization.

Certification Programs: Sponsoring relevant certification programs enhances employees' skills and credentials, making

them more effective in their roles and increasing their value to the organization. Certification programs such as Certified

Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and CompTIA Security+ provide

recognized standards of expertise in cybersecurity (Whitman & Mattord, 2019).

Retention Strategies:

Career Growth Opportunities: Offering clear paths for career progression and advancement within the organization

motivates security staff to stay engaged and committed to their roles. Career growth opportunities can include promotions,

lateral moves, cross-training, and leadership development programs tailored to cybersecurity professionals.

Recognition and Rewards: Recognizing and rewarding employees for their contributions and achievements fosters a culture

of appreciation and loyalty within the organization. Recognition can take various forms, including performance bonuses,

awards, public acknowledgment, and opportunities for increased responsibility and visibility (Whitman & Mattord, 2019).

Handling Employee Departures:

Exit Interviews: Conducting exit interviews allows the organization to gather feedback from departing employees, identify

areas for improvement, and address any concerns or issues that may have contributed to their departure. Exit interviews

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 203

provide valuable insights into organizational strengths and weaknesses and help identify opportunities for enhancing

employee retention(Vacca, 2019).

Knowledge Transfer: Implementing knowledge transfer processes ensures a smooth transition and continuity of operations

when employees leave the company. Knowledge transfer may involve documenting processes, procedures, and best practices,

conducting training sessions for replacement staff, and facilitating mentorship or shadowing opportunities to transfer

knowledge from outgoing employees to their successors.

VI. Security Position Job Posting

Job Posting: Security Analyst

Company: Grayson Insurance

Location: Dallas, Texas/ Remote

Position Type: Full-time

About Grayson Insurance:

Grayson Insurance is a leading insurance company operating in the United States and Europe. Committed to providing high-

quality services to our clients, we prioritize integrity, professionalism, and innovation in all aspects of our business

operations. As we continue to expand our global presence, we are seeking a dedicated Security Analyst to join our dynamic

cybersecurity team.

Job Description:

As a Security Analyst at Grayson Insurance, you will play a crucial role in safeguarding our digital assets and protecting our

organization from cyber threats. Working closely with the Information Security Manager and other security team members,

you will be responsible for conducting threat assessments, implementing security measures, and responding to security

incidents.

Key Responsibilities:

 Conduct threat assessments and vulnerability analyses to identify potential risks to Grayson Insurance's information

assets.

 Implement and monitor security measures, including intrusion detection systems, firewalls, and encryption

protocols, to prevent unauthorized access and data breaches.

 Investigate and respond to security incidents promptly, collaborating with IT support staff to address and mitigate

security issues.

 Stay informed about the latest cybersecurity threats and trends and recommend proactive measures to enhance

Grayson Insurance's security posture.

 Assist in the development and implementation of security policies, procedures, and best practices to ensure

compliance with industry regulations and standards.

 Collaborate with internal stakeholders to raise awareness about cybersecurity best practices and promote a culture of

security awareness throughout the organization.

Qualifications:

 Bachelor’s degree in computer science, Information Security, or a related field.

 2+ years of experience in cybersecurity, preferably in a corporate environment.

 Strong understanding of cybersecurity principles, including network security, endpoint security, threat intelligence,

and incident response.

 Experience with security tools and technologies, such as SIEM, IDS/IPS, antivirus software, and penetration testing

tools.

 Excellent analytical and problem-solving skills, with the ability to assess and mitigate security risks effectively.

 Effective communication skills, with the ability to convey technical concepts to both technical and non-technical

stakeholders.

 Relevant certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Ethical

Hacker (CEH), are a plus.

How to Apply:

Interested candidates should submit their resume and cover letter to hr@graysoninsurance.com. Please include "Security

Analyst Application" in the subject line. Only qualified candidates will be contacted for further consideration.

Benefits:

 Competitive salary and benefits package

 Opportunities for career growth and advancement

 Professional development and training opportunities

 Friendly and collaborative work environment

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 204

Join Grayson Insurance and become part of a dynamic team dedicated to protecting our company's digital assets and ensuring

the security of our clients' information.

VII. Security Awareness and Education Plan

Elements of the Awareness and Education Program:

Interactive Workshops: Conduct regular interactive workshops where employees can learn about cybersecurity best

practices, identify potential threats, and understand their role in maintaining a secure work environment.

Online Training Modules: Develop a series of online training modules covering various cybersecurity topics such as

phishing awareness, password management, data protection, and social engineering. These modules will be accessible to all

employees through the company's learning management system (LMS) (Whitman & Mattord, 2019).

Simulated Phishing Campaigns: Implement simulated phishing campaigns to test employees' ability to recognize and report

phishing attempts. These campaigns will provide valuable feedback and reinforce the importance of staying vigilant against

email-based threats.

Security Awareness Materials: Create and distribute educational materials such as infographics, posters, and newsletters to

raise awareness about cybersecurity issues and promote best practices among employees.

Employee Engagement Activities: Organize engaging activities such as quizzes, contests, and role-playing exercises to

make cybersecurity training more interactive and enjoyable for employees.

Communication and Training Techniques:

Email Campaigns: Send regular email updates and reminders about cybersecurity best practices, upcoming training sessions,

and recent security incidents to keep employees informed and engaged (Whitman & Mattord, 2019).

In-Person Sessions: Host face-to-face training sessions led by cybersecurity experts to provide in-depth knowledge and

address employees' questions and concerns directly.

Webinars: Conduct webinars on specific cybersecurity topics, inviting guest speakers and industry experts to share insights

and best practices with employees.

Interactive Online Platforms: Utilize interactive online platforms, such as discussion forums and chat groups, where

employees can ask questions, share experiences, and collaborate on cybersecurity-related issues.

Key Themes and Topics to be Covered:

Phishing Awareness: Recognizing and avoiding phishing emails, links, and attachments.

Password Security: Creating strong passwords, using multi-factor authentication, and safeguarding login credentials.

Data Protection: Handling sensitive information securely, encrypting files, and following data retention policies.

Device Security: Securing work devices, updating software regularly, and protecting against malware and viruses.

Social Engineering: Identifying social engineering tactics, such as pretexting and baiting, and avoiding manipulation by

malicious actors.

Frequency of Communication and Training:

Monthly Training Sessions: Conduct monthly training sessions covering different cybersecurity topics to ensure continuous

learning and reinforcement of key concepts.

Quarterly Workshops: Organize quarterly interactive workshops to provide more in-depth training and hands-on experience

for employees.

Bi-Weekly Email Updates: Send bi-weekly email updates with tips, reminders, and resources to keep cybersecurity top-of-

mind for employees.

Creators, Distributors, and Audience:

Creators: The cybersecurity team, in collaboration with HR and IT departments, will develop and create training materials

and workshops.

Distributors: Training materials will be distributed through the company's LMS, email newsletters, intranet, and physical

displays in office spaces.

Audience: All employees across departments and levels within the organization will participate in the security awareness

program.

Measuring Impact:

Pre and Post-Training Assessments: Conduct pre-training and post-training assessments to evaluate employees' knowledge

and understanding of cybersecurity concepts and measure improvement over time.

INTERNATIONAL JOURNAL OF LATEST TECHNOLOGY IN ENGINEERING,

MANAGEMENT & APPLIED SCIENCE (IJLTEMAS)

ISSN 2278-2540 | DOI: 10.51583/IJLTEMAS | Volume XIII, Issue V, May 2024

www.ijltemas.in Page 205

Phishing Simulation Results: Monitor the results of simulated phishing campaigns to track employees' ability to recognize

and report phishing attempts accurately.

Feedback Surveys: Collect feedback from employees through surveys and feedback forms to gauge the effectiveness of

training sessions and identify areas for improvement.

Incident Response Metrics: Track metrics related to security incidents, such as the number of reported incidents and

response times, to assess the overall impact of the awareness program on reducing security risks and improving incident

response capabilities (Whitman & Mattord, 2019).

By implementing this comprehensive security awareness blueprint, Grayson Insurance aims to empower employees with the

knowledge and skills needed to effectively mitigate cybersecurity risks and protect the company's digital assets.

VIII. Security Newsletter

Title: Cybersecurity Chronicles

Target Audience: All Employees

Issue Date: March 2024

Feature Article: Protecting Your Digital Identity

In today's interconnected world, our digital identities are more valuable than ever. From online banking to social media

accounts, we rely on digital platforms for various aspects of our lives. However, with the convenience of digital access comes

the risk of identity theft and cyber fraud. In this edition of Cybersecurity Chronicles, we explore practical tips to safeguard

your digital identity:

 Strong Passwords

 Multi-Factor Authentication (MFA)

 Phishing Awareness

 Regular Updates

 Privacy Settings:

Security Tip of the Month: Spotting Fake Websites

Before entering any sensitive information on a website, take a moment to verify its legitimacy. Look for signs of a secure

connection, such as a padlock icon in the address bar and "https://" at the beginning of the URL. Be wary of websites with

misspelled domain names or unfamiliar branding, as these may be indicators of a fake or phishing website.

Employee Spotlight: Cybersecurity Champion

Congratulations to John Smith from the Finance Department for completing advanced cybersecurity training and earning the

title of Cybersecurity Champion for the month.

Upcoming Events: Cybersecurity Awareness Month

Stay tuned for a series of exciting events and activities from interactive workshops to guest speaker sessions planned for

Cybersecurity Awareness Month in April.

Security Department Budget Spreadsheet