
Tag Archives: How might that move forward into your professional practice?

November 7, 2025

Cybersecurity Framework Steps

What kind of steps would you take to illustrate how an organization could use the Cybersecurity Framework to create a new cybersecurity program or improve an existing program? What are some of the key messages and ideas that you will take away from this course? What surprised you about the class? In your opinion, what has changed? How might that move forward into your professional practice?

Course Textbook(s) Lewis, T. G. (2020). Critical infrastructure protection in homeland security: Defending a networked nation (3rd ed.). Wiley. https://online.vitalsource.com/#/books/9781119614562

Cybersecurity Framework Steps

  • What kind of steps would you take to illustrate how an organization could use the Cybersecurity Framework to create a new cybersecurity program or improve an existing program?

  • What are some of the key messages and ideas that you will take away from this course?

  • What surprised you about the class?

  • In your opinion, what has changed?

  • How might that move forward into your professional practice?


✅ Comprehensive General Answers

1️⃣ Steps to Use the Cybersecurity Framework (CSF)

To create or enhance a cybersecurity program, an organization can follow a structured approach using the NIST Cybersecurity Framework, which aligns well with best practices highlighted in Lewis (2020):

  1. Identify

    • Understand assets, systems, risks, regulatory requirements, and mission priorities.

    • Conduct a cybersecurity risk assessment.

    • Define business-critical systems and dependencies, especially those tied to critical infrastructure (Lewis, 2020).

  2. Protect

    • Implement policies, user access controls, awareness training, endpoint protection, secure network architecture, encryption, and incident prevention controls.

  3. Detect

    • Deploy monitoring tools, intrusion detection systems, log management, and behavioral analytics to identify potential breaches in real time.

  4. Respond

    • Build an Incident Response Plan (IRP) including containment, communication protocols, digital forensics, and defined roles.

  5. Recover

    • Ensure continuity of operations, secure backups, system restoration, and improvements based on lessons learned.

Throughout each step, the organization:

  • Sets current and target maturity levels,

  • Identifies gaps,

  • Prioritizes actions based on risk and resources,

  • Measures performance for continuous improvement.

This layered approach mirrors the defense-in-depth principles emphasized in homeland security protection strategies (Lewis, 2020).


2️⃣ Key Messages & Ideas From the Course

Some major takeaways include:

  • Critical infrastructure interdependencies create systemic national vulnerabilities.

  • Cybersecurity is not just technology — it is people, processes, and risk-based decision-making.

  • Threats evolve faster than policies; therefore, resilience and adaptability are essential.

  • Public-private collaboration is necessary to defend a networked nation (Lewis, 2020).


3️⃣ What Surprised Me

I was most surprised by:

  • How deeply cybersecurity challenges affect national security, not just corporate IT.

  • The volume of threat vectors tied to operational technology (OT), such as utilities, transportation systems, and supply chains.

Seeing how a cyberattack on one sector can quickly cascade into multiple infrastructure failures was eye-opening.


4️⃣ What Has Changed

My understanding has shifted in several ways:

  • I now see cybersecurity as a strategic mission, not only a technical function.

  • Risk management frameworks like NIST CSF provide a repeatable, scalable way to align technology controls with mission objectives.

  • Threat intelligence must be proactive versus reactive — waiting is no longer an option.


5️⃣ How This Moves Into Professional Practice

Professionally, I will:

  • Advocate for risk-based cybersecurity planning rather than reactive spending,

  • Use the NIST CSF as a standard for program development and assessment,

  • Promote training and cyber hygiene as core components of organizational safety,

  • Engage more with incident readiness and business continuity planning.

Ultimately, this course prepares me to contribute to a more secure and resilient operational environment — one where cybersecurity is embedded into the culture and strategic goals of the organization.

October 30, 2025
Cybersecurity Framework Reflection
  • What steps illustrate how an organization could use the Cybersecurity Framework to create or improve a cybersecurity program?

  • What key messages and ideas will you take away from this course?

  • What surprised you about the class?

  • What has changed in your opinion?

  • How might that move forward into your professional practice?


✅ Comprehensive General Answer

The NIST Cybersecurity Framework (CSF) provides organizations with a structured method to build or enhance their cybersecurity posture. To illustrate implementation, I would take the following steps:

1️⃣ Identify Current State
Assess existing cybersecurity capabilities and risks, including assets, data sensitivity, and critical infrastructure dependencies (Lewis, 2020).
2️⃣ Determine Target State
Define where the organization aims to be based on industry standards, threats, and regulatory requirements.
3️⃣ Gap Analysis & Prioritization
Compare current conditions to target goals and prioritize actions by likelihood and impact of threats.
4️⃣ Develop & Implement Action Plans
Apply appropriate controls across the framework’s core functions—Identify, Protect, Detect, Respond, Recover.
5️⃣ Monitor, Evaluate, Improve
Cybersecurity needs continuous review, updating policies, training, and technologies as threats evolve.


🔹 Key Messages & Ideas Taken from the Course

A major takeaway is the recognition that critical infrastructure is deeply interconnected, meaning a vulnerability in one sector can cascade into others. The course emphasized that cybersecurity is not solely a technical function—it requires organizational policy, leadership engagement, and risk-informed decision-making (Lewis, 2020).

Another key message is the importance of defense in depth, integrating multiple layers of security to reduce single points of failure.


🔹 What Surprised Me

I was surprised by how much human behavior and organizational culture impact cybersecurity success. Technical controls alone are not enough — training and awareness are vital.


🔹 What Has Changed in My Perspective

I now better understand cybersecurity as a national security issue, not just an IT concern. Threats to power grids, healthcare networks, and communication systems can disrupt the entire nation.


🔹 Application to Professional Practice

Going forward, I would adopt a risk-driven mindset in my cybersecurity work. I plan to:

  • Incorporate NIST CSF into organizational planning

  • Promote continuous monitoring and improvement

  • Advocate for stronger employee security awareness programs

This course reinforced that protecting critical infrastructure requires collaboration, vigilance, and proactive planning.


✅ Reference — APA 7 Format

Lewis, T. G. (2020). Critical infrastructure protection in homeland security: Defending a networked nation (3rd ed.). Wiley.