Project 4: Attack Vector Solutions
Prestera Center for Mental Health Services in West Virginia
CMP 610

Start Here

Attack Vector Solutions

As you complete your morning login routine, you notice an urgent message from John, the chief technology officer.

“See Me ASAP!!”

You grab your tablet and stylus and rush to John’s office.

John gives you a friendly greeting as you enter his office, but he looks concerned.

“Good morning,” John says. “I appreciate you dropping everything and coming by so quickly. I need your help with a high-level matter. Top executives are meeting to prepare for the quarterly meeting with the board of directors. They would like to review the current vulnerabilities and threats that the organization has in regards to our technology, people, and cybersecurity policies. The board will also be asking about our ability to educate the organization’s population on not only our policies and practices, but also the need for them. I need to prepare a presentation for the board meeting. However, I have several other urgent matters to oversee.”

John continues, “I need you to prepare my presentation by reviewing common attack vectors, analyzing our vulnerabilities, and preparing recommendations on what we should do to protect ourselves. In addition, I need a brochure to show the board what we are doing to educate the organization on these issues. I need this review in two weeks.”

You are grateful for John’s trust in allowing you to put together his presentation for the board, and now you’re eager to show that his faith in you is justified.

You will have to combine your technical and research abilities to come up with the recommendations, and present them in a professional manner.

Organizations must implement countermeasures to protect information and data that are vulnerable to cyberattacks. As new security threats are introduced, these countermeasures must be evaluated and improved.

This is the final of four sequential projects.
In this project, you will investigate common types of cyberattacks and possible solutions, evaluate the costs of implementing identified countermeasures, and communicate the recommended solution to a nontechnical audience. You will present to management the most likely attack vectors against your organization and suggest solutions ranked by cost and effectiveness. You will also suggest how the mix of identified state and nonstate actors should affect policy-maker decisions and policy development for critical infrastructure protection.

There are 14 steps in this project. Begin by reviewing the project scenario and then proceed to Step 1.

Competencies

Your work will be evaluated using the competencies listed below.

- 5.2: Examine architectural methodologies and components used in the design and development of information systems.
- 6.2: Create an information security program and strategy, and maintain alignment of the two.
- 7.2: Evaluate international cybersecurity policy.
- 7.3: Evaluate enterprise cybersecurity policy.
- 8.2: Evaluate specific cybersecurity threats and the combination of technologies and policies that can address them.

Step 1: Define Vulnerabilities, Threats, and Risks

Vulnerabilities, threats, and risks are important to understand in order to evaluate and ultimately improve security posture by mitigating risks. Your organization’s security posture will determine its cybersecurity policies. Assessing risk is key in this process.

Define vulnerability, threat, and risk. Consider their relationship to one another and how they relate to the security of networks and data.

You will use this information to complete your vulnerability assessment. Review topics as needed from previous projects: creating a program, systems, utilities, and applications software, and interaction of software.

Step 2: Identify Examples of Vulnerabilities, Threats, and Risks

In the previous step, you familiarized yourself with the concepts of vulnerability, threat, and risk.
You now understand their relationship to one another and how they relate to security. In this step, you are going to identify at least two examples of a vulnerability, two examples of a threat, and two examples of a risk in each of the following categories:

- technology
- people (human factors)
- policy

Identify a minimum of 18 examples. This will assist you in conducting the vulnerability assessment and developing the educational brochure. Review topics such as basic elements of communication and computer networks.

In the next step, you will look more closely at current vulnerabilities and threats.

Step 3: Identify Current Vulnerabilities and Threats

After defining and identifying examples of vulnerabilities, threats, and risks in the first two steps, you should understand the basic concepts of vulnerabilities and threats as they apply to general cybersecurity. However, vulnerabilities and threats are dynamic: They can evolve with changes in technologies, changes in adversary capabilities or intentions, or changes in human behaviors and organizational policies.

It is important to understand current vulnerabilities and threats and their applicability to the larger community as well as to your organization (e.g., critical infrastructure protection), so that you can make informed recommendations on how/whether to mitigate them.

Identify current known vulnerabilities and threats that could affect your organization. The vulnerabilities and threats that you identify will be necessary for your final presentation.

List a minimum of two current known vulnerabilities and threats involving the following:

- people (human factors)
- technology
- policy

When complete, move to the next step, where you will take part in a simulation.

Step 4: Vulnerability Assessment and Operational Security eLearning Module

To prepare for the upcoming vulnerability assessment, you will practice in a simulated environment with the Vulnerability Assessment and Operational Security eLearning Module.
You will learn how to maintain effective audit, risk analysis, and vulnerability assessment practices in a fictional scenario. You will also review risk and vulnerability analysis tools. You may want to review some topics from earlier projects: network devices and cables and network protocols.

Take notes during the simulation as the information will be helpful during your own vulnerability assessment in Step 7. Specifically note the major components of cybersecurity architecture, architectural methodologies for the physical structure of a system’s internal operations and interactions with other systems, and architectural methodology standards that are compliant with established standards or guidelines.

When you have completed the simulation, move to the next step, when you will consider attack vectors.

Step 5: Identify Attack Vectors

Attack vectors are the means by which vulnerabilities are exploited and threats realized. As a result, understanding attack vectors is critical to developing impactful mitigations. Identify applicable attack vectors, the weaknesses exploited, and the means used to gain access based on the vulnerabilities and threats identified in Step 2. Also note the common types of cyberattacks.

The attack vectors and weaknesses that you identify will be necessary for your vulnerability assessment and final presentation. You may want to review some topics from earlier projects: a closer look at the World Wide Web, web markup languages, and web and internet services.

Identify attack vectors and weaknesses exploited via the following:

- hardware
- software
- operating systems
- telecommunications
- human factors

In the next step, you will take a closer look at the importance of attribution.

Step 6: Examine and Identify Known Attributes

Attribution is often difficult, if not impossible, to identify. One reason is the anonymity afforded by the internet.
Another reason is the potential sophistication of malicious state actors and nonstate actors who are able to disguise themselves and/or exploit an innocent and often unknowing computer user to achieve their goals.

Attribution is desired because knowing who is behind an exploit can provide insight into the motivations, intentions, and capabilities of threat actors. Understanding attack vectors used by threat actors provides key insights that help to build stronger defenses and construct better policy management.

To complete your vulnerability assessment, you will need to first do the following:

- From the attack vectors identified in the previous step, determine if attribution is known for the threat actor (e.g., name of nation state, nonstate and/or hackers and threat actors) most likely involved in exploiting each weakness.
- Categorize the threat actor(s) based on attribution for previous exploits, likely targets, and rationale(s) for targeting/exploitation (e.g., profit, political statements, extortion, etc.).

In the next step, you will compile your findings from the past few steps on a spreadsheet.

Step 7: Submit a Vulnerability Assessment Spreadsheet

From the results of Steps 4, 5, and 6, develop and submit a spreadsheet that includes the following:

- characterization of current and emerging vulnerabilities and threats
- identification of the attack vector(s) employed against each
- your assessment (high, medium, or low) of the impact the vulnerability could have on your organization

Make sure to address security architectures, including components, specifications, guidelines, standards, technologies, etc. Also consider international threats and attack vectors.
This assessment will be included in your final presentation.

In the next step, you will consider ways to address the vulnerabilities and threats identified.

Step 8: Identify Countermeasures

Now that you have assessed your organization’s vulnerability, you are ready to identify possible countermeasures. Identify specific countermeasures that will address the vulnerabilities/threats to your organization that you summarized in the previous step.

Review best practices as well as any published mitigations for the specific weaknesses identified. Include both cyber defenses and, as appropriate and legal in the United States, cyber offenses (cyber offensives/warfare). Make sure to address key cybersecurity technologies, methodologies, standards, and legal compliance.

Record the findings to be included in your upcoming white-paper resource for the final presentation.

You will need to figure out the cost of your security solutions, and you will do that in the next step.

Step 9: Determine the Cost of Security Solutions

Once you have identified possible countermeasures for your organization, you will need to determine their cost. Discuss the relative financial impact of these countermeasures, considering appropriate technology and policy changes to address cyberthreats at the enterprise, national, and international levels as a result of procurement, implementation, and maintenance. Also consider the policy and technology trade-offs at each level.

Rank the countermeasures according to cost and effectiveness. Record your findings to be included in your upcoming white-paper resource for your final presentation.

In the next step, you will be asked to consider how successful your mitigations will be.

Step 10: Assess the Potential Success of Mitigations

Now that you have identified countermeasures and their costs, develop an assessment of the likelihood of success of the mitigations when implemented as you prescribe.
Criteria to be considered should include the following:

- ease of implementation (technically as well as from a policy perspective)
- ease of adoption by the workforce
- impact on ability to perform the organization's work (e.g., is productivity affected? Are additional steps required that impede workflow?)
- record of success of this mitigation on the same/similar weakness
- cost (as a factor of the overall budget of the organization, e.g., will significant trade-offs have to be made in order to invest in this solution?)
- leadership support

Record the findings to be included in your upcoming white-paper resource for the final presentation.

Step 11: Submit the Countermeasures White Paper

Compile your findings from the last three steps and submit a three-page paper that describes the countermeasures, cost, and potential challenges with implementing them in your organization. This paper will provide much of the basis for your final presentation. Make sure to include the following:

- critical issues in cybersecurity management and technology policy
- principles of cyber warfare theory and application (cyber offensives/warfare)
- various concepts of enterprise cybersecurity
- cybersecurity standards organizations
- key initiatives in international cybersecurity policy advances

Submit your paper for feedback.

Step 12: Summarize the Solutions

In order to develop recommendations to include in your presentation, you must prepare your solutions. Summarize recommended solutions to mitigate the vulnerabilities and/or threats as identified in Step 10, with at least two recommendations each in the categories of people, technology, and policy. Rank your recommended solutions by both cost and effectiveness. You will use this solutions summary to develop your recommendations in your final presentation.

Step 13: Develop Your Security Recommendations

Your presentation will also need to consider an overall security strategy.
Develop the overall way forward for your company that includes an explanation of the current security environment in your organization, identification of security vulnerabilities and threats, explanation of attack vectors, and recommended solutions. Refer specifically to the information prepared in Steps 4 through 12. Your recommendations must meet the following criteria:

- coincide with IT vision, mission, and goals
- align with business strategy
- incorporate all internal and external business functions within the organization’s security program
- create an organizational structure, if it does not already exist, to operate the security program and align it with the entities of the organization as a whole
- include a rough implementation plan
- evaluate the effectiveness of the security program

These recommendations will be the focus of your presentation.

Step 14: Submit the Presentation

You now have the information needed to develop the slide presentation that John requested for senior management. The presentation should clearly explain current known weaknesses in your organization’s security (to include people, technology, and policy) that could result in successful exploitation of known vulnerabilities and/or threats.

Develop a narrated slide presentation of 16 to 20 slides that concludes with the recommended way forward (e.g., continue to accept risks, accept some risks (identify them), mitigate some risks (identify them), mitigate all risks, etc.).

Submit your presentation for review when complete.

Check Your Evaluation Criteria

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them.
To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.

- 5.2: Examine architectural methodologies and components used in the design and development of information systems.
- 6.2: Create an information security program and strategy, and maintain alignment of the two.
- 7.2: Evaluate international cybersecurity policy.
- 7.3: Evaluate enterprise cybersecurity policy.
- 8.2: Evaluate specific cybersecurity threats and the combination of technologies and policies that can address them.