Executive Summary

Project Proposal Form

4. Executive Summary

The proposed study argues about the need for Insider Threat Awareness and Measures in corporate environments. It will involve scholarly articles and literature review to describe how insider threats came about in the first place, and provide a background on how they originated and began to be taken more seriously over time. It will then summarize knowledge about cases describing the forms and shapes that insider threats can be represented in a corporate environment, as well as how these can really destroy corporations if the proper measures are not put in place. The study will be divided in two parts, which will include the considerable threat that insiders can pose to an organization, and the procedures and tactics that organizations can use in order to deter insider threats, and ultimately protect their data from being misappropriated by insider threat acts.

5. Statement of Need

Discuss the needs or opportunities to be addressed by this project. Why is it necessary to know the information you propose to research?

Based on recent data breaches caused by insider threats, organizations must implement workplace policies to prevent any sort of data tampering and misappropriation, which can ultimately lead to economic devastation. In order to raise awareness and take action, a fine line must be drawn to define what internal threats are and understand their risk to organizations.

6. Project Goals

Identify the goals of the project. Discuss what is to be achieved and the expected/desired outcomes of this project. Who would benefit from this study and how?

The goals of this project are to:

· Describe and segregate insider threat representations from any other type of threats that may target an organization.

· Raise cybersecurity awareness and increase concern about these types of threats, as well as the type of risk they pose for the organization.

· Contribute to the development of an insider threat mitigation program, addressed by procedures, tactics, policies, and technical controls.

· Help organizations to reduce the risk posed by insider threats to an acceptable level, while protecting their most important assets.

The information in this document will benefit organizations as a blueprint towards measurements they can implement in the workplace to prevent insider threat activity so that they can best protect their assets from a possible data breach caused by insider threats.

7. Constraints

Talk about constraints that could affect the development, implementation, and/or end outcomes of this project. Consider such factors as time, experience, knowledge, skill sets, budgetary resources, competitive environment, and existing investments.

Constraints that could affect the outcome of this project include the difficulties that may come along with the development of a technical-instructive document that can be utilized by any organization, regardless of the type of network infrastructure and setting, and the challenges of writing the document in a technical and readable way so that everyone who is interested in using it as a guide can do without a struggle. Other than these two aspects, everything else needed is at hand to elaborate a successful document.

8. Requirements

Given your operational context, describe what needs to be in place during the project and afterwards in order for the project to be successful. In your discussion, consider the constraints you identified above and, if necessary, define requirements to compensate for constraints.

During the project, the following things will need to be in place:

· A computer with a mouse and a keyboard

· Internet connection

· Research articles and trustworthy sites to obtain information from.

· 10-15 hours per week to dedicate towards the written part of the document.

To compensate for constraints, the document will be focused on a common model of corporate network infrastructures. This will limit any confusions that may appear and still allow the document to be used by corporations with more complicated infrastructures. In order to write the document in a way that can be understood by non-tech-savvy personnel, there will be phrases and words translated from a technical to a more user friendly wording. This will include a keywords section to allow readers to interpret and follow along as he or she reads through the text.

9. Time Line

A. In order for this project to meet CRJ 475 requirements, satisfy the needs and opportunities outlined above, and achieve your stated project goals, what is the desired timeline for the project?

Timeline:

· Week 1 Topic investigation: Finding a researchable idea that meets the assignment requirements.

· Week 2 Formal topic proposal submission.

· Week 3 Topic revision based on instructor’s feedback, and topic research immersion.

· Week 4 Review academic and other credible literature about my topic extensively while continuing to do more research.

· Week 5 Build an outline of the paper while reviewing and reflecting upon my research notes.

· Week 6 Draft development based on the outline, and paper revision in order to meet the assignment requirements and purpose of CRJ 475

· Week 7 Proofread and edit the paper, focusing on proper use of APA style and logical organization of evidence.

· Week 8 Final paper submission. Turn the paper into a PowerPoint Presentation for submission by the end of the week

B. What do you think is the longevity or useful life of the solution?

The proposed Senior Project will be useful in a long-term, regardless of changes in technology or any other factors. The content on this document will apply to upcoming corporate network environments. Though, not necessary, it is recommended that this document be updated as new forms of insider threats make appearance.

10. Impact: Costs and Risks

Discuss the expected impact of the project and its expected outcomes. Provide detail on expected and potential costs and risks. If you believe there are none, explain why.

During the implementation of the insider threat prevention model described in this document, many organizations will become aware of vulnerable spots in their systems, and will begin to discover employees who engage in illegal activities or cost the organization more than they should. As a result, organizations will have to invest money in order to mitigate any sort of insider threat vulnerability. This may include investing in a strong antivirus software and other networking equipment. Also, the process of patching the system against unwanted insider threats will consume a lot of time, which means that new personnel will need to be hired to do all the technical work. Even though there are potential costs and risks, this project will contribute towards the development of robust information security against insider threats, hence protecting corporate data from ending in the wrong hands and resulting in higher costs.

11. Impact: Benefits and Opportunities

Discuss the expected impact of the project and its expected outcomes. Provide detail and opportunities. Wherever possible, quantify the impact of the solution.

This document is expected to serve organizations as a blueprint towards the prevention of insider threat activity so that they can best protect their assets from a possible data breach caused by insider threats. It will provide organizations with an evaluation of workplace information security, and assist security personnel with sound technical procedures and configurations that will protect the companies’ assets. The solution to insider threat will be rewarding in the long run, despite of how expensive the insider threat prevention procedure may be. It will prevent a data breach, which can damage organizations’ reputation and even leave them in bankruptcy.

17. References

Identify—following APA guidelines—at least three scholarly/academic resources that are relevant to your proposed topic. If you are not able to identify these resources, you might not have an appropriate topic for the timeframe available.

Henry J (2018) These 5 Types of Insider Threats Could Lead to Costly Data Breaches. Retrieved from https://securityintelligence.com/these-5-types-of-insider-threats-could-lead-to-costly-data-breaches/

Lindsey N (2018) Insider Threats: Not Just That Unhappy Employee. Retrieved November 4, 2018, from https://www.cpomagazine.com/2018/09/12/insider-threats-not-just-that-unhappy-employee/

Tripwire (2017). Insider Threats as the Main Security Threat in 2017. Retrieved from https://www.tripwire.com/state-of-security/security-data-protection/insider-threats-main-security-threat-2017/

Page 2 of 5