Reference no: EM132490667 , Length: word count:3500

BN223 Cyber Security Principles - Melbourne Institute of Technology

Assignment - Cyber Security Threats, Vulnerabilities and Risk

Learning Outcome 1: Understand the common types of threat and vulnerabilities to cyber systems and data

Learning Outcome 2: Discuss the design and secure solutions for organisations in socio-technical context

Tasks:

It is to note that this assignment consists of two parts a) Assignment 1a and b) Assignment 1b.
A. Identify a target company to be analyzed for protection and security
B. Write a review article for the topic described below

1. Topic - Network security Vulnerability and its impact on threats and attacks

System security challenges have increased over the years especially with critical systems such as banking, healthcare, and the use of advance utilities becoming more connected. On the other hand, the malicious actors have evolved from early-day hackers whose intentions were mostly curiosity to modern-day hackers who has the intentions of financial gain to espionage and beyond. To effectively secure against these threats and attacks, it is important to understand what we are securing, how we are securing it, and who we are securing against.

Assignment 1a description:

You need to cover the following topics to secure the company network. The following is the scope for Assignment 1A.

1. Literature review about attacks facing companies and how to secure them

2. Identify a target company: You need to select an existing company and describe its current network setup, business mission/objectives, and historical attacks if existed. This company should have multiple branches nationally and/or internationally that are connected over internet.

3. Know The Enemy. You need to conduct a research and identify the possible enemy according to business of the selected company, and what would motivate them to conduct possible attacks.

4. Assess the vulnerability of the company system network when connecting to external parties. Discuss these vulnerabilities existed at the company and how to check for them

Assignment 1b description:

5. Know Your Self. Threat is the presence of something valuable that makes a threat credible. The value and nature of a valuable define the nature of the threat, the risk posed by a threat, and the cost of defense. You need to define/list the assets that you have to protect, the risks associated with those assets, and the costs of protecting or not protecting them, so you can define the threat to your network. This analysis of an organization's assets and risks would lead to create a proper security policy. You need to prepare the following:

a. Assess the vulnerability of the company system network (internally). Discuss the possible vulnerabilities might exist at the company and how to check for them.

b. Discuss the different type of threats facing this company.

c. What could be the potential risks and how to mitigate them?

d. The cost of defence for addressing the important risks.

e. Describe the steps for security policy needed to secure the company's network.

f. What is the role of security standards in improving the network security? You can give example of NIST framework

g. Search for CISCO SAFE model (as shown in the reference below) and describe their method for analyzing threats, risks, and policies across an organization and implementing controls.

Reference: "SAFE Overview Guide: Threats, Capabilities, and the Security Reference Architecture,"
h. Prepare slides (between 5- 8 slides) for presentation during the lab class. Read the instruction attached carefully.

i. Important: You need to include a revision of the literature review done at assignment1-a based on feedback from tutor.

Attachment:- Cyber Security Principles.rar