Reference no: EM133518327 , Length: word count:3000

Cyber Security

Chosen topic : Hospital

Assessment Description

You are required to choose a real-world organization (e.g.hospital, bank, school etc) and critically evaluate its infrastructure for possible Cyber Security threats and vulnerabilities. You will then propose appropriate security technologies and tools to mitigate those threats and vulnerabilities. You will also research the academic literature for various security risk management strategies and select the strategies that are suitable for your organization.

Learning Outcome 1: Discuss the major cyber security threats.

Learning Outcome 2: Compare and contrast the tools, technologies, and techniques used in offensive and defensive security practices.

Learning Outcome 3: Analyse cyber security risk and critically reflect on risk management solutions.

Learning Outcome 4: Apply the fundamental concepts and principles of cyber security to system design.

Learning Outcome 5: Appraise mitigation strategies for given scenarios.

Assessment Details

The details of the assessment are as follows:

• Each group will select an organisation of their choice. The organisation should be
• A medium to large enterprise with branches in multiple locations
• Able to provide each group with access to information about the various aspects of the ICT Infrastructure including user communities, network operations, various servers and other devices (e.g. firewalls, load balancers etc.).
• The current ICT infrastructure of the organisation should be critically evaluated to find potential security vulnerabilities and threats.
• A revised ICT infrastructure for the organisation should be developed with recommendations on the following aspects.
• Security tools that should be used by the organisation to protect from different vulnerabilities and threats present in the current ICT Infrastructure.
• Security technologies that will enable the organisation to use best practices in information security.
• Security management strategies that can be developed by the organisation to carry out planning, risk analysis, risk management, incident handling and maintenance.

Structure of Report
5.1. Title page
This must contain the title of the report (make title as informative as possible), student number, unit number and date of submission.

5.2. Abstract
The abstract provides an overview of the entire report. The purpose of the abstract is to briefly explain vulnerabilities and threats faced by the current ICT infrastructure of the organization. Key security tools and technologies used by the organization in the new ICT infrastructure need to be briefly explained here. Security management strategies utilized by the organization should also be summarized here. The length abstract is between 200-300 words. Do not use headings, figures or in-text citations in this section.

5.3. Table of Contents
Ideally, but not necessarily, constructed using the hyperlink functions in Word. Lists of figures and tables are not required.

5.4. Introduction
This section concerns the context and aims of the report. Mention (in just a few paragraphs) the background of the organization e.g. type of organization, number of employees, number of branch offices. Briefly explain the key security requirements of the organization and possible repercussions if a security breach occurs. Given all of this, state the main aim of the report together with a short account of the tasks required to be carried out.

5.5 Main Body
5.5.1 Current ICT Infrastructure of the organization
In this section you should explain the key components of the current ICT Infrastructure of the organization. You should draw a figure of the current infrastructure clearly showing various components of the infrastructure such as servers, firewalls, routers and other devices. The current infrastructure should be critically evaluated to find various security threats and vulnerabilities. Each security threat and vulnerability should be explained with citations of academic resources.

5.5.2 New ICT Infrastructure of the Organization
In this section, you should first explain the various components of the new infrastructure with the help of a figure. This new ICT infrastructure should remove the security threats and vulnerabilities that are present in the old ICT infrastructure. You should explain about tools, technologies and security management strategies employed in the new ICT infrastructure in separate subsections. The details about these subsections are given below.

5.5.2.1 Security Tools
Research on various security tools discussed in the academic literature and recommend which tools can be used in the new ICT infrastructure to overcome the threats and vulnerabilities you mentioned in section 5.5.1. Explanation of each tool is needed along with appropriate citations of academic resources.

5.5.2.2 Security Technologies
Research on various security technologies discussed in the academic literature and recommend which technologies should be used by the organization to overcome the threats and vulnerabilities you mentioned in section 5.5.1. Explanation of each security technology is needed along with appropriate citations of academic resources.

5.5.2.3 Security Management Strategies
Research on various security management strategies discussed in the academic literature and select the strategies that are suitable for your organization. Explanation of security management strategies is needed along with appropriate citations of academic resources.

5.6 Conclusions
Using an analysis of the preceding sections, the conclusions should summarize your key findings. Conclusions are the results of your own critical thinking, they should be justified through analysis of your findings and written in your own words with no citations.

5.7 References
These should be formatted in APA style. At least 05 recent and relevant academic resources (i.e. peer-reviewed journal articles and conference papers, books) are needed in the report.