It is not possible for an organization to completely safeguard all of its assets

It is not possible for an organization to completely safeguard all of its assets at all times. There are limitations on resources, a balance between security and usability, and many other considerations.
Respond to the following questions:
How would you evaluate critical infrastructure within an organization to determine if it is susceptible to computer crime?
Who should be involved in the evaluation? Specify the designations or job responsibilities.
What factors should be taken into account when evaluating infrastructure for exposure to computer crime?

read article and discuss…How do you feel about data being collected about you

read article and discuss…How do you feel about data being collected about you when you allow apps to access your location? Do you know how that data is being used–is your individual data being recorded, or are a number of individuals’ data collected and used “aggregately”? Do you know if that data is being sold to other parties with or without your consent? Do the advantages of collecting these data (such as for COVID-19 research) outweigh the disadvantages?

Congratulations! You’ve completed CYS 526 and have hopefully learned skills that

Congratulations! You’ve completed CYS 526 and have hopefully learned skills that will take you through your degree and beyond. For our final reflection, consider the Course Outcomes below.  Select two of the outcomes and write a short paragraph on each. Your paragraphs should detail the evidence that you’ve met the outcome and how this accomplishment furthers your career goals.
CO1: Evaluate common cyberattacks and prioritize threats to IT organizations.
CO2: Construct cyber defenses against prevalent cyber-attacks.
CO3: Implementing vulnerability management and incident response processes.
CO4: Apply cyber defense analysis skills in real-world scenarios.
CO5: Evaluate the importance of secure software practices and security architectures.

Introduction Your organization is experiencing a data breach that has comprised

Introduction
Your organization is experiencing a data breach that has comprised systems internationally and you must pull together resources to effectively and efficiently return your organization to normal. Communication and centralization of efforts will be key. The wrong move can cost your company dearly or even can lead to the company being shut down due to regulatory fines, reputational damage, as well as lawsuits.
This is phase two of a multifaceted attack. In this assignment, you will learn during this exercise to actively respond to the scenario as if it were an actual attack and to interact with other functional areas that would also be impacted by the security incident.
The Scenario: OZCO Data Breach – INJECT
You now have what we call an “INJECT” into this scenario which throws a few wrinkles into it just as in the real world you can’t account for every move your attacker will make. An “INJECT” provides you with a changing environment and forces you to critically think about your next move and how to achieve the goal of returning your organization to normal operations.
You return to your laptop to now find demands that display on your computer screen below!
OZCO Customer & Employee PII For Sale. You are owned by “the void.” You have 48 hours to respond or your data will be sold!! Threat actor requests 35 bitcoins ($1,231,293.00) and sends a list of sample PII to validate this claim.
To further complicate matters, you’ve just gotten off a call with the VP of Marketing who’s heard about the data breach and requests a full debriefing. You have approximately 24 hours to pull together a PowerPoint that states whether or not there’s been a data breach, your reasons for your decision, and the actions you propose to return the organization to normal.  Please see detailed instructions for your PowerPoint below.
Instructions
Your PowerPoint should consist of between 12-18 slides that address the scenario above. Please include your international locations when constructing your systems, plans, process, and procedures and address the following elements:
Preparation: What systems, plans, processes, and procedures should be in place to detect this threat?
Detection: What systems, plans, processes, and procedures will allow you to detect these threats more efficiently?
Containment: What systems, plans, processes, and procedures should be in place to contain the threat?
Eradication: What systems, plans, processes, and procedures should be in place to remove the threat?
Recovery: What systems, plans, processes, and procedures should be in place to return your organization to normal?
Follow-up: What did we do right? What did we do wrong? What can we do better?
In addition to the above, the PowerPoint should include slides that cover the following:
A mock call tree for the incident response team and their backups if they cannot be reached that includes backup response team members and their numbers.
Information on whether your global company policy will adhere to the extorted demands of the attacker requesting money. “Remember they have your data!” Why will you pay? Why not?
The scope and whether this incident classifies as a global data breach, what severity level has it reached (Critical, Medium, Low) your reasons for your decision, and the actions you propose to return the global organization to normal. Be mindful of possible third-party partners and external legal resources.
The gaps in the plan and how can they be addressed. Remember your company has international concerns!
Any missed questions from Phase I to allow you to experience constructing a more efficient global plan and process going forward to be leveraged in the next Preparation phase of the IRP revision.