Draft a ransomware policy for a fictional hospital located in the United States that is designed to address and mitigate the threat of ransomware. You should first familiarize yourselves with how ransomware works, how its delivery methods, frequency of attacks, and relevant contextual information crucial for designing the hospital’s policy.
The official organizational policy will set out principles, rules, procedures, standards and guidelines to optimize the security of the hospital’s operation and data against the threat of ransomware or any similar threats to the availability of critical data.
The policy should cover all aspects of ransomware: Governance, Identification, Protection, Detection, Response and Recovery. It should also articulate rules and procedures to ensure that the hospital complies with all laws, regulations, and standards pertaining to a healthcare provider’s use of data.
For this assignment, you will be provided with a generic sample of an organizational security policy. It is not specifically directed at ransomware (we don’t want to make this too easy); just a simple example of how organizational-level policies are formulated and are organized. It is important for you to tailor your policy to the business goals and cybersecurity issues relevant to a hospital and consider the specifics of ransomware.
The policy (up to 2000 words) should be preceded by a separate memo (up to 1000 words) to the Chief Information Officer and the Chief Information Security Officer assessing the nature of ransomware and its relevance to hospital cybersecurity. The memo should assess the nature of ransomware, how it is usually delivered, how frequently attacks take place, and any other contextual information vital for the hospital’s cybersecurity approach.
Please submit two separate documents, one for the memo and one for the organizational policy
Last Completed Projects
| topic title | academic level | Writer | delivered |
|---|