Improving Cybersecurity Posture: analysis of an Independent Security Report

Throughout your career in cybersecurity management, you will be asked to develop and improve an IT department to support a company’s strategic goals and mission. Assessments of the organization’s cybersecurity posture will need to be conducted to secure the company’s information and systems. The organization’s leadership may decide to hire external consultants to do this assessment. The consultants will review the security policies, standards, procedures, and guidelines that are used to secure the company’s assets. Additionally, they will look at compliance issues, personnel roles and assignments, continuity plans, and overall risk management.

In this task, you will analyze an independent assessment and respond to it in a detailed written report. You will need to read the attached “Company Overview” and “Independent Security Report” that correspond with the following scenario.

Psinuvia Incorporated is a medical supply company specializing in wearable and implantable medical devices. Its chief scientist recently left the organization and returned to St. Petersburg, Russia. During a recent board meeting, the discussion centered on how the company can improve its operations and secure its information and information systems. Board members focused on the possibility of an internal threat from the recently departed chief scientist and the possibility of external threats. As a result of this meeting, the board decided to have an independent assessment of the cybersecurity posture of the company. The assessment was completed by Autojor Security Consultants. This organization uncovered a number of issues with Psinuvia’s security program and sent a security report detailing what was found. (See the “Independent Security Report” in the attachments.)

As Psinuvia Inc.'s chief technology officer (CTO), you act as the leader of the cybersecurity department. You are required to review the report and write Psinuvia’s response to the proposed security improvements. You must determine the appropriate actions to take, resulting in a plan for fixing the revealed issues. Your response must be in a written report outlining the ways Psinuvia will improve security. This report will be given to the board of directors and upper management, including the chief executive officer (CEO).

Describe both the physical vulnerabilities and physical threats that put the security posture of Psinuvia Inc. at risk.

Provide details from the attached “Independent Security Report,” including how each vulnerability or threat is negatively impacting the security posture of the company