Need to get good score


CMP71001 Cybersecurity Final Assessment Case Study

You have just been appointed to be the Chief Information Security Officer (CISO) for The University of the Sunshine State (USS). You and your team are based in Australia.

1. Introduction

You have just been appointed to be the CISO for USS. You and your team are based in Australia. Whilst USS has been in existence for many years, the new Australian campuses are just being established and it is expected to be fully operational for enrolling students by the end of 2021. Due to the “fluid” nature of the Covid-19 pandemic, USS knows that at any time it may be delivering all units online, and that the cyber risk landscape has changed. The threats of cyber-attacks are ever present, and the need to secure electronic data, online transactions and billing services, student and employee data, communications with students and stakeholders is paramount. USS recognises the need to develop correct cyber security systems for the organisation’s protection. It is aware that it needs to improve its cybersecurity posture and develop the correct people, processes and technology approaches to successfully compete in the marketplace and mitigate any possible threats.

2. Aim and Scope

The results for a preliminary USS audit are given in this document. There were several questions asked of the organisation, to help scope how this organisation is initially viewing cyber security, and their efforts to organise internally by assigning responsibilities and allocating resources of staff and budget. Comments are made at a high level and are purposely general in nature to help identify certain concepts that may be of help to you as CISO. The information presented is designed for you to make decisions that you will need to justify based on your learning and understanding of the underlying concepts.

3. Organisation Description

Question: Describe your organisation in terms of the goods/services that are available, number of ‘seats’ (employees), and number of offices in Australia.

Organisation comment: “We will be offering units at both undergraduate and postgraduate level across four faculties (Faculty of Business, Law and Arts, Faculty of Education, Faculty of Health, Faculty of Science and Engineering) in both on-campus (Covid health guidelines permitting) and online formats. The estimation of staff numbers we have for our Australian campuses is 2700 in total. We will have campuses in all capital cities in Australia.”

4. Attack history and motivation

Question: Has the organisation previously had any history of cyberattacks?

Organisation comment: “Distributed DDoS attack (was caught up in the 2016 Dyn attack), multiple phishing attacks ranging in sophistication, ransomware attack (two weeks ago)”

Question: Why is your organisation implementing cybersecurity?

Organisation comment: “Driving our organisation’s cyber security initiatives is the increasing awareness of the invasive nature of cyber-criminal activity against Universities. A number of high-profile incidents have involved Australian Universities. Cyber threats have imposed an elevated cyber security related risk awareness from the CIO, the organisation executives and board of directors, and legal/regulatory bodies.”

Further Consideration:

4.1 Reducing the risk should be the main deliverable of the organisation’s cyber security strategy and outcome of the risk assessment decided by senior management. At a technical level, this should include the necessary actions to be implemented to establish and maintain an agreed level of cyber security.

4.2 Organisation employees, suppliers, equipment manufacturers, and servicing technicians do introduce a significant cyber security risk for USS’ operations. As our CISO, your recent talk that cited the ‘Target’ incident, though they are in retail, was still particularly important as to third-party risk. Making all stakeholders aware of and implement all aspects of cyber security all the time will be a critical aspect of USS’ cyber security operations.

4.3 Knowing who is using USS’ network and for what purpose is important and a real concern relating to cyber security. Discovering early malicious intent, unintentional mistakes, or poor cyber security practices are risks that need to be addressed. USS’ network monitoring and analysis is one way to have this capability.

4.4 There is a need to have a clear policy and practical procedures for all USS’ employees and visitors who will use the network. In the cyber security policy, proper use expectations should be clearly stated.

5. Driving Cyber Security for each campus

Question: Why is your organisation implementing cyber security in each campus?

Organisation comment: “As this is a new operation it has been decided that a centralised system is not a practical solution for cyber security and so each campus will function as a separate cyber security unit.”

Further Consideration:

5.1 There is a need to implement cyber security for all communications between campuses. The numerous transactions and interactions among staff and students make these communications channels essential.

5.2 USS will be using cloud services for backing up data for many of its operations. Communications between the campuses and cloud providers – both organisation owned and external – is essential.

6. USS’ Cyber Security Organisation Administration

Question: How is your organisation addressing cyber security policies and procedures?

Organisation comment: “As part of our employment procedure finding the correct personnel is essential. Once suitable employees are found a cyber security committee will be established. It will be responsible for the process of creating USS’ office procedures with regards to cyber security. This should become an ongoing and constantly updated procedure”.

Further Consideration:

6.1 The Board of Directors (BoD) have made cyber security a priority for the USS campuses and has tasked management to formulate a strategy starting with a Cyber Security Committee to communicate with the BoD, study cyber security ‘best practices’, provide recommendations, and implement approved actions.

6.2 There is a depth of knowledge in the current off-shore operations and the documentation from this will be made available to USS’ committee as a basis for all strategies.

6.4 The Cyber security committee will have members across all campus offices who will meet regularly using online communications so that they co-ordinate best practice across all campuses.

6.5 A clear message of the organisation policy and expectations from senior management to all USS’ staff and to its suppliers is critical to set an acceptable level of cyber security organisation-wide. The risk is that over time the trap of a lethargic message will lead to a weak cyber security culture.

6.6 Approval of a strategy and a budget are a must and shall be addressed at the highest management level of the organisation.

7. USS’ Cyber Security Threat Prevention and Defence

Question: What are your general thoughts, and what are you doing towards cyber security prevention and defence strategies?

Organisation comment: “Part of our philosophy is to be proactive; therefore, we expect to have in place a few preventative/security measures. These should be firewalls, internet filtering, standalone servers which contain sensitive information, and security software that locks all PCs requiring 2-factor authentication (2FA) to unlock them.”

Further Considerations:

7.1 All campus managers will have basic knowledge of cyber security. We will ensure that they become more knowledgeable and can be of a great assistance by providing proper instruction to them.

7.2 We are aware that the pace of innovation in the malware world is increasing, zero-day exploits are common, and a strategy that relies exclusively on a perimeter defence design to filter out known threats will not be successful.

7.3 We expect to perform Penetration Tests and Vulnerability Assessments routinely across all four campuses. Combining our own assessments with the assessments by experienced external cyber security experts is a ‘best practice’ and will provide a more useful evaluation.

7.5 IT related investment towards hardware and software updates to the office is important to undertake as required. A ‘set and forget’ cyber security program based on hardware and software hardening has been proven ineffective in many industries worldwide giving a false sense of security. Cyber security is an evolving threat and requires flexibility and ongoing efforts.

7.6 A program of upgrading computer systems and networks with hardware ‘useful life’ will be established. Additionally, unauthorised installed software is a recognised problem and is a major contributor to virus and malware system wide.

7.7 Unapproved software and hardware will not be permitted on USS’ PCs and networks and it is expected that we will perform scheduled periodic checks as part of the defence hardening and maintenance. As this is a difficult task there will be an identified person responsible for this with a clear process for reporting to the cyber security person in charge.

7.8 We expect to set clear and enforceable ramifications for failure to follow policy or a malicious act, which will be included as part of the cyber security policy.

8. USS’ Response

Question: Describe how a cyber security event may be handled?

Organisation comment: “The IR team will be responsible to handle a cyber security incident.”

Further Consideration:

8.1 USS should have a comprehensive cyber security contingency response plan in place. With all related response functions such as the emergency response team, initial contact procedures, and internal organisation management ownership.

8.2 There will be created a 3rd party support team of cyber security experts that understand how the USS network is structured and what critical systems are at risk. It is recommended to develop a relationship in advance, and to understand their capabilities and scope of service. It will be possible to also establish service agreements when appropriate.

8.3 A USS security officer should be nominated to perform as the ‘person in charge’ and responsible for initiating and supporting the response and remediation. It is not recommended that the CISO undertakes this responsibility.

8.4 Development of a detailed emergency contingency process as part of the Cyber Security Incident Plan that includes the communication and co-ordination between all four USS campus offices is essential. Simulating an attack as a
Answered Same Day | Feb 17, 2021 | CSC71001 | Southern Cross University


Swapnil answered on Feb 18 2021
151 Votes
1) Cybersecurity Risk Management
The word cybercrime can be used to instil fear in many people. It is a hot topic that can hit the new television show. Many people are worried about making a purchase on the internet and can be concerned about the security of entering personal data. However, a breach of security can be used to target a huge number of customers that will be impacted by the different things at one of the stores, which can indicate the huge scope of the terrible crime.
Security Breach: An internal control will include the policies and procedures that can be adopted by management to ensure the following things.
· Reliability of financial reporting.
· Safeguarding of assets.
They are basically considered for the management of risk and detecting fraud in the company. The criminals are basically apparent to the management of the risk and detection of fraud in the company. These criminals were able to access the HVAC company’s vendor profile. A simple Google search may have been used to reveal a wealth of information about how vendors interact electronically with Target, and the thieves may have exploited this information. Once the criminals access the Target system, they can install malware on the point of systems to steal information from different customers.
Depending on the course, the student may not always be comfortable conceding the IT services and controls. The following are some of the types that could prevent, or at least detect, the breach of Target. These general procedures can be used to apply the system audit. The procedure will target the internal audit to perform the discovery of system vulnerability to attacks, and that can include testing the network and its applications, and it can be performed on the various applications for possible instructions and vulnerabilities that will attack the logs of network activity to look for anomalies such as failed log-in attempts.
2) CVE database
CVE was basically launched in 1999, when most cybersecurity tools were using their own databases to perform operations to secure vulnerabilities. At that time there was no significant variation in products and no easy way to determine whether the different databases were referring to the same problem. The consequences were potential gaps in security coverage, and it has basically interoperability among the different databases and tools. Each tool vendor used different metrics to state the number of vulnerabilities or exposures they detected, which meant there was basically no standardized basis for evaluating the tools. Using a common identifier makes it easier to share data across separate databases and various tools and services.
If the report capability incorporates CVE reports, then you can quickly and accurately find the fix information in one or more separate CVE-compatible tools and services. With CVE, your tools and services can basically speak to each other, exchanging data. You must know how to cover it because CVE provides the baseline for evaluating the coverage of the tools. This basically determines which tools are most effective and appropriate for your organization’s needs. CVE-compatible tools, services and databases will give better coverage for interoperability and enhanced security.
The objective of this step is to draft the list of application vulnerabilities. The security analyst will test the security health of applications, servers or other systems by scanning with automated tools. It is used for testing and evaluating them manually. Analysts also rely on vulnerability databases and asset management systems, and these will be used for the threat intelligence feeds to identify security weaknesses.
The main...