NIST Security Models
The design of a security awareness program depends on many factors. One important factor is how the organization will develop and distribute security information. Determining whether the strategies and implementation of an SAP are set centrally or are decided on at a lower level will have a significant impact on the success or failure of the program.
For this Discussion, you will evaluate security models based on a specific organization and its business model. Review Chapter 3 of NIST SP800-50 in this unit's Learning Resources to gain a deeper understanding of the three security models.
The organization you base your security model evaluation on will be determined by the first letter of your last name as listed below:
Wal-Mart A-C
Apple Computer D-F
A small, "mom-and-pop," hardware store G-I
The Kraft Group J-L
The United Nations M-O
The Louvre Museum P-R
Walden University S-U
Fiat Group Automobiles V-Z
Post a 300- to 500-word evaluation of which of the security models defined in NIST SP800-50 you would recommend for your organization. Include in your evaluation a description of your assigned organization and a detailed explanation of your recommended security awareness model. Justify the model you recommended. Include your research on the organization and explain any assumptions you made about the organization to come to this conclusion.