User Account

All Pages

Project e-commerce risk analysis

Assignment Help Computer Network Security
Reference no: EM132568732

CSIA 350 Cybersecurity in Business & Industry - University of Maryland Global Campus

Project e-Commerce Risk Analysis

Description
For this project, you will begin by researching a publicly traded company that engages in e-Commerce. You will then review the company's risk statements as published each year in the company's Annual Report to Investors (also published in the company's annual filing of SEC Form 10-K). After analyzing the company's e-Commerce operations and its risk statements about those activities, you will construct and document your own cybersecurity risk analysis which focuses upon the company's e-Commerce activities (including all supporting business processes).

A list of approved companies appears at the end of this file (see Table 2). If you wish to use acompany not on the approved list you must first obtain the approval of your instructor.

Note: before beginning this assignment, you should review NIST SP 800-30 R1: Guide for Conducting Risk Assessments. Pay special attention to Appendix D: "Threat Sources: Taxonomy of Threats Sources Capable of Initiating Threat Events" and Appendix H: "Impact: Effects of Threat Events on Organizations, Individuals, and the Nation."

Research Your Chosen Company

Part 1. Review the company's website to learn about the products and services which it sells via e-Commerce.

Part 2. Retrieve and review the Hoovers profile for the company. These profiles are written by professional analysts; pay close attention to the types of questions the analysts ask and answer in the company profile.

Part 3. Use the search bar at the top of the "Search & Build a List" tab to find your chosen company.

Part 4. The company profile web pages in the Hoovers database are interactive and have expanding menus / options (see figure below). You may find it helpful to use the "OneStop Report" button to generate a PDF version of the information. Select "Core" under categories (Available Fields: Company Summary, Contacts, Corporate Family, Corporate Overview, SWOT, and News). Click on the field names in the middle column to select them for your report.

Part 5. After you have looked at the company website and the Hoovers report, Identify 3 or more additional sources of information about the company and how it operates in cyberspace. These can be news articles, data breach reports, etc.
Part 6. Using the information obtained from your sources, identify the types of information and business operations which drive this company's need for cybersecurity products and services. (What needs to be protected?)

Analyze the Company's Risk Statements

Part 1. Using the links from Table 1 (at the end of this file), download a copy of your selected company's most recent Annual Report to Investors from its Form 10-K filing with the United States Securities and Exchange Commission. (Note: the company is the author of its Form 10-K. Do not list the SEC as the author.)

Part 2. Read and analyze the Risk Factors section in the company's report to investors (Item 1.A). This section is a professionally written risk analysis that has been written for a specific audience. Pay close attention to what the company includes as risk factors and how the writers chose to present this information.

Part 3. Analyze the risk factors to determine which ones are related to e-Commerce / Internet operations or are otherwise affected by the use of information in digital form and Information Technology systems and infrastructures. Make a list that shows what information, digital assets, and/or business operations (processes) need to be protected from cyberattacks and/or cybercrime (including insiders and external threats) and the type of risk or threat that could affect those assets and processes.

Write

Part 1. An introduction section which identifies the company being discussed and provides a brief introduction to the company including when it was founded and significant events in its history.

Part 2. A business profile for the company. This information should include: headquarters location, key personnel, primary types of business activities and locations, major products or services sold by the company, major competitors, stock information (including ticker symbol or NASDAQ code), recent financial performance, and additional relevant information from the business profiles. (Use information from Hoovers and other authoritative sources)

Part 3. An overviewof the company's e-Commerce operations which summarizes information obtained from its annual report, the Hoovers profile for the company, and other sources which you found in your research.

Part 4. A separate section in which you describe this company's needs or requirements for cybersecurity. What information and/or business operations need to be protected? While your focus should be upon the company's e-Commerce activities, you should also address the back-office or supporting information and business processes required to deliver those e-commerce activities.

Part 5. A separate section which provides a detailed summary of the identified risks and potential impacts upon the company's operations as a whole.What are the likely sources of threats or attacks for each type of information or business operation? (E.g. protect customer information from disclosure or theft during online purchase transactions.). What are the possible impacts should these risks occur? You may present your summary in table format.

Attachment:- E-Commerce Risk Analysis.rar

Reference no: EM132568732

Questions Cloud

Which health care laws are still in practice : Which health care laws are still in practice? Why? What are the functions of a hospital? How have these functions evolved over the past twenty years?
Risk management strategy for an e-commerce company : Risk Management Strategy for an e-Commerce Company - identifying the selected company and providing an executive summary of the e-Commerce Risk Analysis
What is public interest theory and interest group theory : What is public interest theory and interest group theory? What is contractual and market based incentives? What is sensitivity and precision?
Cultivate to enhance the number of millennial leaders : Examine the best practices that your team can cultivate to enhance the number of millennial leaders.
Project e-commerce risk analysis : Project e-Commerce Risk Analysis - identifies the company being discussed and provides a brief introduction to the company including when it was founded
What is positive accounting theory : What is positive accounting theory, game theory and power theory? What is information and measurement perspectives? What is Nash Equilibrium?
Writing an excellent journal article critique or review : What are the tips for writing an excellent Journal Article critique or review?
Challenges and strategies discussed by pifer and baker : Based on the challenges and strategies discussed by Pifer and Baker (2016), what challenges do you anticipate you will face in your doctoral program?
Identify in henrik ibsen a doll house : Would you consider this play 'episodic' or 'climactic' in structure? What elements of that structure can you identify in Henrik Ibsen's A Doll's House?

Reviews

Write a Review

Computer Network Security Questions & Answers

  Describe the company network and interconnection environment

Describe the company network, interconnection, and communication environment. Assess risk based on the GFI, Inc. network diagram scenario. Note: Your risk assessment should cover all the necessary details for your client, GFI Inc., to understand th..

  Single selector signal

The 2 to 1 multiplexer has two inputs (X1 and X2), and a single selector signal (S). All three switches (S1, S2, and S3) are set as toggle switches.

  Describe the project and identify the project goals

Describe the project and identify the project goals. Identify the main stakeholders and describe the role that each will play.

  Design and build a network infrastructure

You recently joined a small company of less than 50 employees to help design and build a network infrastructure. Analyze the network with the determination of how to secure the network.

  What can be done to protect against ransomware

To pay or not to pay? When it comes to corporate data, should corporations pay? Can you trust paying? What can be done to protect against ransomware?

  Security mechanisms needed to protect the dms systems

Analyze the security mechanisms needed to protect the DMS systems from both state employees and users accessing over the Internet

  How does someone apply for a digital certificate

CP5603 – ADVANCED E-SECURITY - How does someone apply for a digital certificate from this company? Do they ask for a driver's licence

  Etherpad shared document editing system

Etherpad shared document editing system and community version of the Alfresco Enterprise Content Management System

  Creating a switchboard design with control buttons

Construct a detail report that will display all courses in alphabetical order, with course name and instructor name in a group header; the Social Security number, name, and telephone number

  What is the value of your shared secret key

You begin the session by sending X your calculated value of TA. X responds by sending you the value TB = 167. What is the value of your shared secret key? Show all your work.

  Create a 7-10 slide presentation on information systems

create a 7-10 slide presentation on information systems security and it infrastructure. you may use various sources

  Enlist the correct number of dns servers that would be need

Enlist the correct number of DNS servers that would be needed?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd