You are the first Chief Informmation Sccurity O1licer (CISO) for your organi2aDon, and on yourirst day, you realize there are no impacthul cybersecurity pracices established or impiementeoand decide to submit a white paper to the CEO, calling for action. Develop a project plan to standup a brand.nese cybersecurity progranm in the fom of a l0-13 page White Paper, industry bestpractces and Nisl guidance.Guldelines:AFomat 10-15 pages of content. In lieu of an abstract, write an executive summarycuSnmarY de pagc, and references page, are not included in the totala minlmum, 10 reterences should be used. All.cited articles iounals books andSCarch, should be from credible sources and current within the last five years. Note:pedia or personal blogs are not credible.ables and graphiCs, if used, will count for no more than I page in the total. Anythingmore 1s welcome, but the space used will be deducted from the total page countRemember that tables and graphics require in-text citations.Content Tips:Undestand the scope and value of your project.ribe the problem you are fixing by proposing this new cybersecurity program.would include potential threat, financial loss, stso that the organization faces duekof cybersecurity.nce the NST Cybersecurity Framework (vl.) to build the structure of yourcam. this irameworK details cach vital Tunction ot cybersecurity-1dentity,Protect, Detect, Respond, and Recover and will guide your researchSpecifically, incorporate the steps detailed in section 3.2: Establishing oImproving a cybersecurity program.Keep in mind NIST1s a starung pOint, but other resources are recquired (seeGuidelines below).Be sure to include the following details:o Include methods and best practices that satisfy each fünction in the framework. Thecategories and sub-categories offer more details for ensurin8 your program is robust.You do not have to list out and talk to every single sub-category; view them as datapon to dnve your vision.Write a security policy for your organization. The purpose of a security policy 1s tosafeguard the contidenialntY, 1ntegniy, and avllablily, O1 the ofganizauonS5ystemand information. Be sure to include objectives, scope, specific goals, andconscquences in the cvent ot noncompltance.o Create a team. Define roles and responsibilities of all stakeholders, including those ofthe CISO,Describe the access control methods you would implement for your building andnetworkDevelop a method to track performance and report metrics.