Reference no: EM132786510
SIT763 Cyber Security Management, Deakin University
Assessment: Critical thinking task
Organisation - Secureworx
Cyber Security Compliance, Incident Management and Response
Learning outcome 1: Assess security risks, threats and vulnerabilities to the organisation and implement appropriate information security protection mechanisms by analysing requirements, plans and IT security policies.
Learning outcome 2: Identify personnel security, training and security education needs, and associated legal and ethical awareness, and propose strategies for corporations taking into account cost-benefit ratios.
Brief description of assessment task
This task requires students to become familiar with and analyse applicable regulatory and compliance requirements related to the cyber security policy statements for a corporate organisation. The analysis will be considered in the context of incident management and response. Students will need to develop the relationship between an identified risk from the policy statement and applicable regulatory requirements to formulate an incident management and response procedure that can be enacted in the case of the risk eventuating.
This is an individual assessment task. The student is required to submit their solution for the given task along with the evidence to support findings, and a bibliography. The solution should consist of:
• a 500-word summary of applicable regulatory and compliance requirements
• a flow chart of the steps to perform for incident management and response
• a written procedure related to the identified risk, run through following the steps of the flow chart.
Background information
This assessment has been designed for you to demonstrate and apply your understanding of compliance and incident response planning by considering a scenario involving a ransomware attack. The purpose is to provide you with the experience necessary to learn and apply incident response for cyber security management within an organisation you may work for or already work for.
This is a critical thinking task. You need to demonstrate application and extension of the knowledge learned from the content provided and participation/discussion in the workshops. Your level of knowledge and experience will determine the extent of research required to be performed by you to complete the matrix.
Instructions
Use the SecureWorx SAD (Solution Architecture Document) New Organisational Management System Version 1-00 to complete this assessment task where required.
A channel on TEAMS has been provided for queries related to assessment 4. Questions requesting specific answers or solutions will NOT be responded to. You will need to allow up to 48 hours for a response to a query.
Task 1: Compliance to Australian Notifiable Data Breaches (NDB) scheme
Using 'Part 4' of the document from the link below, answer the following questions about what Transcon would have to do to comply with the Australian Government Notifiable Data Breaches (NDB) scheme for a ransomware attack classified as an eligible data breach. (500 words)
1. What is it about the incident that would classify it as an eligible data breach?
2. How is an assessment to be performed following an eligible data breach? Include the timeframe for completing the assessment as part of your answer.
3. To whom and how will the notification of the data breach be communicated?
Task 2: Incident Management and Response Diagram
Using the 4 major steps of the NIST Incident Response lifecycle depicted on page 13 of the following document, namely 1. Preparation, 2. Detection and Analysis, 3. Containment, Eradication, and Recovery, and 4. Post-Incident Activity, create a diagram that provides Transcon with an incident response plan for a ransomware attack.
Task 3: Ransomware Attack Procedure
Using the Transcon SAD, identify where and explain how a ransomware attack could occur. Using your diagram from Task 2, provide Transcon with a written procedure to follow for the identified ransomware attack.
Attachment:- Critical thinking task.rar
Attachment:- Resources.rar