Hide Folder InformationInstructions
Gathering of evidence is a key step to determine the impact of a security event on a target.
In addition, evidence gathered can also be useful in the audit process. A cybersecurity professional should be aware of the relevance of the techniques and procedures involved in gathering and reviewing evidence.
For this task, imagine that the CISO of a healthcare organization has asked you to explain the following evidence-gathering techniques to an audience of senior-level executives. It may help to pick a specific healthcare organization with which you are familiar.
Observing processes and employee performance
Interviewing appropriate personnel
Reviewing information system documentation
Reviewing information system standards
Reviewing information systems policies and procedures
Reviewing information system organization structure
Keep your audience in mind. Remember you are not preparing this for an academic audience. Your audience will not care about theoretical or conceptual issues in information security and healthcare in particular. They will only care about specific issues, strategies, and scenarios that are relevant to their organization.
Length: 12-15 slides (with a separate reference slide)
Notes Length: 200-350 words for each slide (in lieu of speaker notes, you may record a video or screen capture of yourself delivering the presentation, upload it to a video-sharing site such as YouTube, and submit the presentation along with a link to where the video can be viewed).
Be sure to include citations for quotations and paraphrases with references in APA format and style where appropriate. Save the file as PPT with the correct course code information.