Reference no: EM133669746

Group presentation

The group presentation will be taken as a Problem-based learning (PBL) Presentation in seminars of 30 minutes duration plus Q&A. The aim of this assignment is for groups to undertake a series of in-depth investigations into contemporary topics . The presentation (from a set list of problems or you can suggest) will cover the content provided in all the learning outcomes. This gives students a specific problem around which to research and incorporate the content provided in lectures and reading. The PBL reinforces critical thinking skills. For the PBL presentation requirement, external students can either form small groups at the beginning of the course. Students are required to submit a PowerPoint presentation (or equivalent) with presenters' notes that, if presented orally, would extend to around 30 minutes, as well as a detailed risk assessment report.

Each slide should contain logical, transparent, and easily understood points that demonstrate the understanding of the topic. For Skype or video presentations, the notes section of the presentation should discuss or argue the relevance of each of the bullet points in the body of the slide. This enables the lecturer/tutor to assess your understanding of the topic. You should also place the details of the references that you have used in each slide in the notes section.

Every group will deliver 1 PBL presentation based on the Cyber Security Risk Assessment document.

In this PBL assessment, students must perform a risk analysis of a scenario organization's cyber risk, identify threats and vulnerabilities of information assets, forecast the consequences of a successful attack, and recommend how each threat should be treated. The risk assessment must be able to cater to accidental or deliberate hardware, software, and network failures or attacks. Please be aware that you will need to make assumptions and estimates for this assessment to make your risk assessment plausible. It is perfectly okay to do this.

Each group is required:
1) to submit a detailed risk assessment report and
2) to make an oral presentation using these PowerPoint slides.

PBL: Cyber Security Risk Assessment

Group presentation
This will start taking place from week 10 - week 12. You need to check the week you will be presenting. Problem-based learning (PBL) Presentation in seminars of 30 minutes duration plus Q&A. The aim of this assignment is for groups to undertake a series of in-depth investigations into contemporary topics in PRT571. The presentation will cover the content provided in all the learning outcomes. This gives students a specific problem around which to research and incorporate the content provided in lectures and reading. The PBL reinforces critical thinking skills. For the PBL presentation requirement, external students need to form small groups at the beginning of the unit. Students are required to submit a PowerPoint Presentation (or equivalent) with presenters' notes that, if presented orally, would extend to around 30 minutes.

In today's world, organisations must be able to protect and defend against threats in cyberspace. Effective cyber security risk management is much more than a technology solution, it must be integrated into an organisation's day-to-day operations. A company must be prepared to respond to the inevitable cyber incident, restore normal operations and ensure that company assets and the company's reputation are protected.

In this assessment, students must perform a risk analysis of a scenario organisation's cyber risk, identify threats and vulnerabilities of information assets, forecast the consequences of a successful attack and recommend how each threat should be treated.

The risk assessment must be able to cater for accidental or deliberate hardware, software and network failures or attacks. Please be aware that you will need to make assumptions and guestimates for this assessment to make your risk assessment plausible. It is perfectly okay to do this.

If you prefer to create your own report (not using a template) or use a template from another source, it is acceptable to do this.

Each group is required: 1) 1,500-word/per student risk assessment allows students to explore the application of cyber security principals to a real world organisation, and 2) to make an oral presentation using Powerpoint slides. The deadline for both the report and presentation must be submitted to the learnLine 24 hours prior to the group's scheduled presentation.

A detailed marking matrix is available to all enrolled students on the unit site. Marking criteria includes evaluation of understanding of risk assessment concepts, written expression, referencing, structure and layout and workability of the risk assessment provided.

Topic: Medical Delivery Drones

You work as a cybersecurity specialist for a research organization that just started an ongoing collaboration with a delivery drone company. This project deals with the transportation of medical supplies to remote indigenous communities. Drones might be the only way to ensure a timely delivery to these isolated places, especially when all road access is blocked due to natural disasters like floods.

The flight is constantly acitvely monitored over a web interface by trained personel at the Ground Control Station. A long range delivery drone is used, the maximum flight duration is 45 minutes. GPS is used for navigation. The communication between the drone and the operator is done through a cloud system that is designed by the drone company. The operator logs in to the cloud system from a computer at the ground station. The cloud system interacts with the drone, provides information about the flight path and updates the graphical interface with a map for the operator.

During the flight path there are several pre defined landing spots in case of any issues during the flight. Additionally, the drone can be stopped at any time and has a return to home feature. If the drone deviates from its path, the cloud system will issue a warning, and if it goes too far off course, the return to home option will be triggered automatically. The drone will only pass through civilian airspace during its flight, and will fly above a few medium-sized towns.

Please make sure to incorporate multiple perspectives into your cyber security risk assessment. Following are a few examples that should be considered but please remember to add any other scenarios you deem important.

In many cases it is crucial that medical freight is delivered in time. The drone has to operate without any disturbace during the whole operation. Especially when the road access to the communities is already blocked by flooding the risk of further environmental events like cyclones or thunderstorms might be higher than usual. Those additional environmental disasters can greatly endanger or delay the drone.

Among the freight might be valuable prescription drugs that can draw attention to attackers like drug traffickers. Organized crime groups often have a wide range of resources at their disposal, and they may attempt to gain access to the freight by hijacking the drone. To seize control of the drone, the attackers may make use of advanced technical tactics such as GPS jamming or spoofing.

In the report you should highlight how you arrived at your likelihood, impact and overall risk rating for each of your risks/threats.

You can use a risk assessment template to help you keep a simple record of:

who might be harmed and how
what you're already doing to control the risks
what further action you need to take to control the risks
who needs to carry out the action
when the action is needed by

Your risk assessment controls and recommendations should be supported by references and citations. You must justify and support why you have chosen a particular control/solution/response/recommendation.