Reference no: EM132344073
Assignment: Cybersecurity - Risk assessment
Task Description
You are interviewed by an organisation for a position of cybersecurity consultant to work in a cybersecurity program in the organisation such as your educational institute SCU, a legal firm, a division of large business/government organisation, or other moderate sized organisation.
As part of the interview, you are required to complete the following tasks:
• Task 1: risk assessment - discuss why risk assessment is the most critical step in developing and managing cyber security in the organisation and identify the limitations of the current risk assessment methods.
• Task 2: Threat landscape - develop five questions and justify why you think they allow you to identify the most critical information assets of the organisation. Create a WFA template to rank the assets (you will fill this WFA when you do Ass2). We just need the template.
• Task 3: Threat landscape - identify the top five threats to the organisation information assets. Support you finding by quoting reputable sources of information.
• Task 4: Threat landscape for website - the open doorway to your organisation. Let us assume that an organisation's website is one of the most critical information assets of the organisation. Discuss how the top five threats identified in Task 3 could or could not impact the asset. Rank the threats based on their levels of impact on the asset. Support your discussion by quoting reputable sources of information. You are free to make any assumption(s) you wish regarding the organisation structure, mission, vision, business profile, etc. which will need to be documented in the appropriate sections of your report.
Assignment-1 Guideline
Task 1: The importance of risk assessment
To complete this task, use the following questions to guide your discussion:
• What is risk assessment?
• What do you know by performing cybersecurity risk assessment?
• What do you think is difficult for you to do/obtain in the risk assessment process?
• How risk assessment results are used to develop and manage cybersecurity and how they can affect the business decision making process?
Task 2: Critical asset identification
To complete this task, use the following questions to guide your thought:
• What is an information asset?
• What make an information asset critical?
• What can be included in WFA to classify the organisation information assets?
Task 3: Threat identification
To complete this task, use the following guidelines:
• Clearly understand the difference between important security concepts including threats, hazards, attacks and incidents.
• Search for security threat, incident and trend reports and use the results from reputable sources such as government organisations and security companies.
• Identify relevant threats by studying statistics and figures found in the reports.
• Summarize each threat, threat agent, method of delivery and working mechanism
Task 4: Threat assessment
To complete this task, use the following guidelines:
• Identify potential weaknesses (vulnerabilities) of the asset based on three information security components: confidentiality, integrity and availability.
• Study the working mechanism of each threat to assess the potential impact of the threat on the asset by exploiting the vulnerabilities. Use your own and public domain knowledge to help you with the impact assessment.
Format and Presentation
You are recommended to present the assignment in a standard report format with the title page that details your name, student-id, unit, course and date/time information. You will also provide a TOC page for the navigation. There is no report template to be used in this assignment, so you can design your own template or refer to online resources.
However, the report should be well presented with clear headings, titles and subtitles.
Attachment:- Cybersecurity_Assignment.rar