ISYS1002 Cybersecurity- Assignment 2
Summary
Title
|
Assignment 2
|
Type
|
Case Study. Must be completed as individuals
|
Due Date:
|
Monday, Week 5, 11:59 pm
|
Length:
|
1000 words
|
Weighting:
|
40%
|
Academic Integrity
|
GenAI may NOT be used for this task.
|
Submission
|
Word document Word document submitted to Turnitin.
|
Unit Learning Outcomes
|
This assessment task maps to the following ULOs:
ULO1: describe and apply the key principles of cyber security.
ULO2: identify and classify different types of cyber security threats and discuss various mitigation strategies through appropriate techniques.
ULO3: differentiate spheres of security
|
Rationale:
In today’s digital age, your increasing reliance on digital technology and networking for personal and business matters makes cybersecurity a critical component of national security, economic prosperity, and social well-being. As a cybersecurity professional, understanding the fundamental concepts of cybersecurity, including principles and threat mitigation, is crucial. This knowledge will equip you to develop effective security strategies to protect information and information systems, manage security risks effectively, and ensure your readiness to tackle various cybersecurity challenges.
Task Description:
You are a cybersecurity consultant hired by an organization like your educational institute, a large business, or a government division. Your role involves contributing to their cybersecurity program. The primary focus of this assignment is on identifying and discussing the fundamental principles of cybersecurity, major threats and the level of risks if the organsiation is compromised with those threats realized as attack.
You are required to complete the following tasks:
Task Instructions:
Task 1 – CIA triad and security breach:
a. Use the Business Impact Analysis (BIA) and Weighted Factor Analysis (WFA) methods to identify the most critical/top five assets of your chosen organisation by their importance to risk management.
b. Discuss the CIA Triad and how these security principles relate to the security breach of the five assets identified in step a.
Task 2 - Threat Identification:
a. Assess and discuss the three top threats for each of the five (5) critical assets identified in Task 1 above.
b. Each threat should be supported by evidence - Substantiate your claim with a reference(s) for each threat.
Task 3 - Risk Assessment:
a. Evaluate potential weaknesses Identify and discuss two (2) potential weaknesses (vulnerabilities) of each of the top five assets identified in Task 1 based on three information security components: confidentiality, integrity, and availability.
b. Explain various risk assessment techniques and conduct a qualitative risk assessment for these assets (in Task 1) against the identified threats (in Task 2) and vulnerabilities using likelihood and consequence scales. Use your own and public domain knowledge to help you with the impact assessment. Include references to support your discussion.
c. Discuss the potential impact of these threats of the organisation if they were to materialize, using real-life examples of similar incidents. Make sure to reference your examples.
You are free to make any assumption(s) you wish regarding the existing controls, business profile, etc., which will need to be documented in the appropriate sections of your report.
Your report should be well presented with clear headings, subheadings, section numbers etc.; Information should be presented logically, interestingly, easy to follow and well-supported arguments; cite all reference sources. Note that you are not allowed to cut and paste from online resources. Use your own words and figures. Acknowledge all reference sources.
Task Instructions:
Make assumptions as needed regarding the organization’s existing controls and profile, ensuring you document these assumptions clearly in your report. Your final document should be well-structured, logically presented, and should cite all reference sources used.
Resources:
1. Modules 1-4 contents
2. The Report Template provided. This is located in the Assessment 2 folder in the Blackboard unit site.
Referencing Style:
You are expected to adhere to APA7 or Harvard referencing style). Please visit to the SCU Library referencing guides for details.
Submission Format:
A Turnitin link (draft portal) has been set up to provide you with an opportunity to check the originality of your work until your due date. Please make sure you review the report generated by the system and make changes (if necessary!) to minimise the issues of improper citation or potential plagiarism. If you fail to follow this step, your report may not be graded or may incur late feedback.
You can check your Turnitin similarity report as many times as you like (your paper will not be saved) via the draft submission portal. When you have your final report ready, submit to the Turnitin final submission portal (you may only submit to this portal once as your paper will be saved) for marking. Only Microsoft Word documents submitted via the Turnitin portal on Blackboard will be accepted. The report should be around 1000-1500 words (excluding table of contents, tables, figures, and references)
The first page of the report should have your name, student ID, ISYS6002 Assignment 2, and the date you submit your assignment. You must label your submission with your surname and initials and the assessment task's name, eg.,
Gsorwar_ISYS1002_A2_Case study.docx
Gsorwar_ISYS1002_A2_Case Study.pdf