Grayson Insurance Cybersecurity Strategic Plan Part 1
Grayson Insurance, as the name suggests, is an insurance company that operates in the U.S. and across Europe. In recent weeks, we assessed some of the cybersecurity policies that affect our company, including the Federal Information Security Management Act (FISMA) and the General Data Protection Regulation (GDPR). We then conducted a risk assessment of some of the most important information assets that Grayson Insurance uses, including customer data, employee information, patient medical records, and company information. Some of the vulnerabilities uncovered by the assessment include phishing attacks, insider threats, data breaches through cyberattacks, and intellectual property theft. The next step is to develop a Strategic Cybersecurity Plan that is aligned with Grayson Insurance’s business and IT priorities.
All articles published in our journal are licensed under CC-BY 4.0, which permits authors to retain copyright of their work. This license allows for unrestricted use, sharing, and reproduction of the articles, provided that proper credit is given to the original authors and the source.