Issue paper for senior management
For this option, you are interviewing for an information security consultant position. The hiring firm is asking you to provide an issue paper (with supporting materials) for new management at an undisclosed client location. The client has experienced significant growth and just hired a new Chief Information Security Officer (CISO) and security staff. Along with the CISO and primary support staff, the CIO and CFO would like to see your interview materials on one of the following computer security topics:
1. Ransomware (assume client is a hospital)
2. Distributed Denial-of-Service (assume client is a bank)
3. Industrial Control Systems (assume client is an energy company)
Though there are many elements of cyber risk management you must cover, the CISO is particularly interested in understanding how to minimize the chance of successful spear-phishing attacks in regards to your topic.
You must cite at least three different information security reports published since 2014. Examples