User Account

All Pages

Threat modelling report in response

Assignment Help Other Subject
Reference no: EM132735192 , Length: word count:1500

MIS607 Cybersecurity - Laureate International Universities

Threat Model Report

Learning Outcome 1: Explore and articulate cyber trends, threats and staying safe in cyberspace, plus protecting personal and company data.
Learning Outcome 2: Analyse issues associated with organisational data networks and security to recommend practical solutions towards their resolution.
Learning Outcome 3: Evaluate and communicate relevant technical and ethical considerations related to the design, deployment and/or the uses of secure technologies within various organisational contexts.

Task Summary
You are required write a 1500 words Threat modelling report in response to a case scenario by identifying the threat types and key factors involved. This assessment is intended to build your fundamental understanding of these key threats so that you will be able to respond/mitigate those factors in Assessment 3. In doing so, this assessment will formatively develop the knowledge required for you to complete Assessment 3 successfully.

Context
Security threat modelling, or threat modelling is a process of assessing and documenting a system's security risks. Threat modelling is a repeatable process that helps you find and mitigate all of the threats to your products/services. It contributes to the risk management process because threats to software and infrastructure are risks to the user and environment deploying the software. As a professional, your role will require you to understand the most at-risk components and create awareness among the staff of such high-risk components and how to manage them. Having a working understanding of these concepts will enable you to uncover threats to the system before the system is committed to code.

Task Instructions
1. Carefully read the attached the case scenario to understand the concepts being discussed in the case.

2. Review your subject notes to establish the relevant area of investigation that applies to the case. Re- read any relevant readings that have been recommended in the case area in modules. Plan how you will structure your ideas for the threat model report.

3. Draw a use DFDs (Data Flow Diagrams):
• Include processes, data stores, data flows
• Include trust boundaries (Add trust boundaries that intersect data flows)
• Iterate over processes, data stores, and see where they need to be broken down
• Enumerate assumptions, dependencies
• Number everything (if manual)
• Determine the threat types that might impact your system
• STRIDE/Element: Identifying threats to the system.
• Understanding the threats (threat, property, definition)

4. The report should consist of the following structure:

A title page with subject code and name, assignment title, student's name, student number, and lecturer's name.

The introduction that will also serve as your statement of purpose for the report. This means that you will tell the reader what you are going to cover in your report. You will need to inform the reader of:
a) Your area of research and its context
b) The key concepts of cybersecurity you will be addressing and why you are drawing the threat model
c) What the reader can expect to find in the body of the report

The body of the report) will need to respond to the specific requirements of the case study. It is advised that you use the case study to assist you in structuring the threat model report, drawing DFD and presenting the diagram by means of subheadings in the body of the report.

The conclusion will summarise any findings or recommendations that the report puts forward regarding the concepts covered in the report.

5. Format of the report
The report should use font Arial or Calibri 11 point, be line spaced at 1.5 for ease of reading, and have page numbers on the bottom of each page. If diagrams or tables are used, due attention should be given to pagination to avoid loss of meaning and continuity by unnecessarily splitting information over two pages. Diagrams must carry the appropriate captioning.

6. Referencing
There are requirements for referencing this report using APA style.

Case Scenario

The Business & Communication Insurance (B&C Insurance) began business as a private health insurer, established by Gary RT.L & family in 1965 through the Health Insurance Commission. This company was set up to compete with private "for-profit" funds. The company's headquarters is located in New York and has offices in various other countries including Spain, Australia and Hong Kong. The CEO of the B&C Insurance recently received a ransom email from an unknown company claiming that they have access to the company strategic plans and personal details of 200,000 clients. A sample of personal details of 200 clients was included in the email as a ‘proof'.

Ransom emails are normally sent through unreliable external networks that are outside the company's security boundary. The CEO consulted the senior management and they acted promptly to investigate and contain the threat with the aid of forensic computer specialists. The first step was to validate the threat. The management team found a discussion on a hacker site in the dark net that had personal information of 200,000 clients of B&C Insurance for sale. This also included the details of the 200 clients, provided in the ransom email as ‘proof'. The investigation also confirmed that the details of the 200 customers are genuine.

The senior management considered the need to identify threats and give practical guidance on how to manage the risks of identity fraud to be of utmost importance. Therefore, a team of consultants was appointed to prepare a series of reports to identify various threats and to develop cybersecurity crisis management plans in order to respond to potential threats/ risks of sophisticated hackers penetrating into the internal systems of the company and accessing client information.

As the cybersecurity specialist in the team, you have been asked to write a report to identify the threat types and key factors involved. In doing so, you are required to identify the most ‘at-risk' components, create awareness among the staff of such high-risk components and how to manage them. In addition, this report is to help key stakeholders, including the executive managers, to make decisions on what course of actions must be undertaken to mitigate potential threats.

Reference no: EM132735192

Questions Cloud

What would be the most similar to organelles : If a cell is a city, what would be the most similar to each organelles?
Find what ratio would calculate : If you wanted to perform an analytical procedure to check the suspected occurrence of this double counting scheme, what ratio would you calculate?
How you intend to address the instrument validity : Under the heading method and design in your research proposal regardless of the method/approach used qualitative, quantitative, or mix methods.
Show how such a system should be structured : Use the elements of the Cost of Quality and the Internal Operations component of the Balanced Scorecard[BSC] to show how such a system should be structured
Threat modelling report in response : Respond to the specific requirements of the case study. It is advised that you use the case study to assist you in structuring the threat model report
What amount of cash is paid on the maturity date of the note : Borrowed $65,000 cash on March 1 from City Bank by signing an interest-bearing note payable. What amount of cash is paid on the maturity date of the note
Show how to compute the minimum cash flow : Show how to compute the minimum cash flow that a computer must generate to be worth the purchase. Your answer will depend on i.
Write a position paper on the new ethical dilemmas : Your written assignment for this module is to write a position paper on the new ethical dilemmas being applied to and identified by the criminal justice system.
How much must save to purchase an annuity paying : Describe the calculation you need to make to determine how much you must save to purchase an annuity paying $50,000 per year for the rest of your life

Reviews

Write a Review

Other Subject Questions & Answers

  Do you find that current problems are mostly rooted

When you apply this basic psychoanalytic concept specifically to yourself, what connections between your own past and present are you aware?

  Write your opinion and do you agree or not about article

All I need is a report on the above article (click the link) -Write a summary of this article. 1-2 paragraphs. -Write your opinion and do you agree or not. It is basically a response. 1-2 Paragraphs.

  How has domestication influenced how we treat animals today

What are the benefits of domestication for both humans and animals? How has domestication influenced how we treat animals today?

  Different paintings of american buildings

Prepare a 5- to 10-slide Microsoft PowerPoint presentation which describes at least three different paintings of American buildings or an industrial process from artists discussed

  How victims can protect themselves from being victimized

In Chapter 3 of the text, Siegel discusses victims and victimization. Victimization theories argue that victims are sometimes responsible for their own.

  Explaining the breach rationale

When Brian retired, he sold his trains to his neighbor, James. Harry sued Brian, claiming breach of contract, or in the alternative, for promissory estoppel. Who wins? Explain your answer.

  What other small to medium size businesses can learn

Visit the library and select a current article (no more than one or two years old) on pricing strategies for a small to medium size business.

  Develop policy argument that is definitive using crime

Develop a policy argument or claim that is definitive, designative, evaluative, and advocative, using one of these terms: (a) crime, (b) pollution, (c) terrorism, (d) quality of life, (e) global warming, (f) fiscal crisis.

  Business growth as a key strategy

Why do healthcare organizations frequently use business growth as a key strategy? What are the benefits and challenges of growing through internal expansion?

  Describe an imaginary process

Describe an imaginary process that violates both the 1st and 2nd laws of thermodynamics.

  Discuss best practices for hiring top talent

Discuss best practices for hiring top talent and the process for developing top talent from within the organization. The response nust be typed.

  Analyze key reasons why third parties have never successful

Analyze key reasons why third parties have never been successful at the presidential level. Determine the role of the campaign process in maintaining the two-party system. Use examples to support your response.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd