Reference no: EM132539260 , Length: 6 pages
CSIA360 Cybersecurity in Government Organizations - University of Maryland Global Campus
Project: Securing Digital Government Services
For this paper, you will research potential and existing security issues affecting digital government websites. Government websites enable customers to enroll in programs and services, check the status of benefits, and receive information about the federal government's activities. Your audience for this research reportis the Chief Information Officer for a small federal agency who asked for assistance in developing a risk assessment and risk mitigation strategy for the agency's digital government websites.
Note: this research report is separate from the report you previously prepared about OPEN data and may not reuse information from that report. This paper must address other types of government services. See Table 1 for the list of websites to use in your research.
For this report, you should begin by reviewing three or more specific digital government websites (from the list provided in Table 1) to determine:
(a) the types of information provided by the websites
(b) the types of services provided by the websites
(c) security issues which could impact the delivery of digital government services by the websites
Research:
1. Read / Review the Weekly readings
2. Research three or more attacks that could compromise the security of a Digital Government Website that uses Web Applications, a Web Server, and a Database Server.Here are some sources to get you started:
a. Web Applications Architectures and Security (in the Week 3 content module).
b. Cyber Vandalism --
c. Cybersecurity: Actions needed to address challenges facing federal systems
3. Review three or more websites that deliver digital government services (select from those listed in Table 1). What types of information or services are available via these websites? What population do these websites serve (who is in the intended audience for each website)?
4. As part of your Digital Government websites review, determine the types and sensitivity of information collected, displayed, processed, and stored by the Web applications that implement the Digital Government services.
5. Using FIPS 200, the NIST Cybersecurity Framework, and NIST SP 800-53, research the general types of security controls required by IT systems hosting the Digital Government service that you reviewed.
6. Find three or more additional sources that provide information about best practice recommendations for ensuring the security of the Web Applications used to deliver Digital Government information and services. These additional sources can include analyst reports and/ornews stories about recent attacks/threats, data breaches, cybercrime, cyber terrorism, etc.that impacted the security of digital government services.
Write:
Write a five- to seven-page summary of your research. At a minimum, your summary must include the following:
1. An introduction or overview of digital government thatprovides definitions and addresses the laws, regulations, and policies that require federal agencies toprovide information and services via the Web. This introduction should be suitable for an executive audience.
2. An overview of the information and services provided by the digital government Websites that you reviewed. Answer the following questions:
a. What types of information or services are available via your selected Websites?
b. What populations do the websites serve (who is the intended audience)?
c. What sensitivity level are applicable to each Website (use FIPS 199 criteria).
d. What security issues did you observe during your review?
3. A separate section that addresses the architectures and security issues inherent in the use of Web applications when used to deliver the services provided by your selected digital government Website. Include 5 or more examples of security issues and address how these issues contribute to increased risk.
4. A separate section that includes recommendations forbest practices for ensuring Web application security during the design, implementation, and operation of digital government websites. Include five or more best practice recommendations in your recommendations. (Hint: at least one of your recommendations should address use of the NIST Cybersecurity Framework. Another recommendation should address use of NIST SP 800-53 controls for ensuring security and privacy.)
5. A closing section in which you summarize your research and your recommendations.
Attachment:- Securing Digital Government Services.rar