Evaluation of Booz Allen Hamilton Cybersecurity Essay -- Cyber Solutio

Introduction During the process of analyzing an organizations effectiveness to manage cybersecurity risks, there are ranges of security policies that need to be implemented. A prime example of this concept is the cybersecurity policies developed for consulting firm Booz Allen Hamilton. The direct division formed to address the firm’s requirements within cyberspace is the Cyber Solution Network (CSN). The CSN division within Booz Allen Hamilton has a range of policies used to ensure the firm is protected against risk. Cybersecurity Policy Best Practices The use of cybersecurity policies within CSN is to provide security of the divisions assets. The written policies provide guidance on implementation, through references to applicable standards and statements of best practices (Booz Allen Hamilton, 2012). As stated by Control Data Corporation, there is no asset which can be 100% secure; network security is often times focused on strategic prevention or reactive procedures, rather than examination of the security policy and maintaining the operation of it (1999). Therefore analysis indicates that numerous breaches are often due to reoccurring weaknesses in the policy. â€Å"Even the most reliable, state-of-the-art technologies can be undermined or rendered ineffective by poor decisions, or by weak operational practices† (Control Data Corporation, 1999, p. 3). The analysis conducted by Control Data Corporation (1999), provides a quality, and precise assessment of adhering to cybersecurity policy. This analysis is organized into several different categories: 1) The Natural Weaknesses of Security Policy The recognition of natural weaknesses is critical for Booz Allen Hamilton’s Cyber Security Network unit. The action of neglectin... ...n of its assets. Works Cited Booz Allen Hamilton (2012). Booz Allen cyber solution network. Retrieved from http://www.boozallen.com/consulting/prepare-for-whats-next/cyber/cyber-solutions-network Booz Allen Hamilton (2011, October 1). Lab Governance Policy. Retrieved from http://www.boozallen.com Control Data Corporation. (1999). Why security policies fail. Retrieved from http://www.scribd.com/doc/17220213/Why-Security-Policies-Fail Kabay, M. E., & Robertson, B. (2009). Security policy guidelines. In S. Bosworth, M. E. Kabay, & E. Whyne (Eds.), Computer security handbook (5th ed.). New York, NY: John Wiley & Sons. NIST. U.S. Department of Commerce, (2009). National institute of standards and technology sp 800-53. Retrieved from website: http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final_updated-errata_05-01-2010.pdf