Assignment Brief and Guidance:

Scenario

EMC Cyber is a reputed cybersecurity company based in Colombo, Sri Lanka, that delivers security products and services across the entire information technology infrastructure. The company has a number of clients both in Sri Lanka and abroad, including some of the top-level companies of the world serving a multitude of industries. The company develops cyber security software including firewalls, anti-virus, intrusion detection and protection, and endpoint security. EMC Cyber is tasked with protecting companies' networks, clouds, web applications and emails. They also offer advanced threat protection, secure unified access, and endpoint security. Further, they also play the role of consulting clients on security threats and how to solve them. Additionally, the company follows different risk management standards depending on the company, with ISO 31000 being the most prominent.

One of the clients of EMC Cyber, Lockhead Aerospace Manufacturing, a reputed aircraft manufacturer based in the US, has tasked the company to investigate the security implications of developing IoT-based automation applications in their manufacturing process. The client has requested EMC to further audit the security risks of implementing web-based IoT applications in their manufacturing process and to propose solutions. Further, Lockhead uses ISO standards and has instructed EMC to use the ISO risk management standards when proposing the solution. The director of the company understands such a system would be the target for cyber-attacks. As you are following a BTEC course, which includes a unit in security, the director has asked you to investigate and report on potential cyber security threats to their web site, applications and infrastructure. After the investigation, you need to plan a solution and how to implement it according to standard software engineering principles.

Activity 01

Assuming the role of External Security Analyst, you need to compile a report for the board of EMC Cyber focusing on the following elements:

1.1 Identify the CIA Triad concept and evaluate why and how the CIA Triad could be utilized by EMC Cyber in order to improve the organization's security.

1.2 Identify the types of security risks EMC Cyber is subject to in its present setup and the impact that they would make on the business itself. Evaluate at least three physical and virtual security risks identified and suggest the security measures that can be implemented in order to improve the organization's security.

1.3 Develop and describe security procedures for EMC Cyber to minimize the impact of issues discussed in section (1.1) by assessing and rectifying the risks.

Activity 02

2.1 Identify how EMC Cyber and its clients will be impacted by improper/incorrect configurations that are applicable to firewalls and VPN solutions. IT security can include a network monitoring system. Discuss how EMC Cyber can benefit by implementing a network monitoring system, with supporting reasons.

2.2 Explain how the following technologies would benefit EMC Cyber and its Clients by facilitating a trusted network. (Support your answer with suitable examples).

DMZ, Static IP, NAT

2.3 Identify and evaluate the tools that can be utilized by EMC Cyber to improve the network and security performance without compromising each other. Evaluate at least three virtual and physical security measures that can be implemented by EMC to uphold the integrity of the organization's IT policy.

Activity 03

3.1 Discuss suitable risk assessment integrated enterprise risk management procedures for EMC Cyber solutions and the impact an IT security audit will have on safeguarding the organization and its clients. Furthermore, your discussion should include how IT security can be aligned with an organizational IT policy and how misalignment of such a policy can impact the organization's security.

(This can include one or more of the following: network change management, audit control, business continuance/disaster recovery plans, potential loss of data/business, intellectual property, Data Protection Act; Computer Misuse Act; ISO 31000 standards.)

3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage solutions provided by EMC Cyber. You should also summarize the ISO 31000 risk management methodology.

Activity 04

4.1 Design an organizational security policy for EMC Cyber to minimize exploitations and misuses while evaluating the suitability of the tools used in an organizational policy.

4.2 Develop and present a disaster recovery plan for EMC Cyber according to the ISO/IEC 17799:2005 or similar standard, which should include the main components of an organizational disaster recovery plan with justifications. Discuss how critical the roles of the stakeholders in the organization are to successfully implementing the security policy and the disaster recovery plan you recommended as a part of the security audit.

(Students should produce a 15-minute PowerPoint presentation, which illustrates the answer for this section including justifications and reasons for decisions and options used).


Sample Answer

Activity 01

1.1.1. Information Security

Information security is all about protecting information and information systems from unauthorized use, access, modification or removal. This means it protects not only the data within a device (server, computer, mobile, tablet) but also the device itself. Information security can be further divided into physical security and cyber security. (Computer Science hub, c2020)

1.1.2. Types of security threats

Physical security risk

Physical threats come in forms such as:

Tailgating

Tailgating is when an unauthorized person follows an authorized person into a secure area. This can easily happen when multiple people pass through a door. Once an unauthorized person gains access to a secure area, they will be able to carry out almost any illegal activity. (Ahola, 2019)

Social engineering

Social engineering attacks can come in a variety of different forms. Social engineering is manipulating someone and using the information they have to impersonate someone else. (Ahola, 2019)

Dumpster diving

Dumpster diving is searching for treasures in someone else's trash. The trash may be in a public dumpster or in a restricted area requiring unauthorized entry. Many things can be found in trash (paper documents, CDs, storage drives) and used to mount the most sophisticated attacks. (Rouse, 2005)

Shoulder surfing

Shoulder surfing occurs when someone watches over your shoulder to nab valuable information, such as a password, ATM PIN, or credit card number, as you key it into an electronic device.

Natural disasters

There is a broad range of natural disasters that people will have to deal with at some point in time, such as earthquakes, floods, wildfires, pandemics, etc. Some of these disasters can be man-made. (Reed, 2017)

Cyber security risks

A cyber security risk is a digital attack on computers, servers, mobile devices, electronic systems, networks, and data. Cyber threats can be further divided into online threats and offline threats.

An online threat is a live attack, such as hacking, carried out against a network, server, or computer. Usually there is a live person or team working behind it.

An offline threat is malware planted in a network, server, or computer to carry out disastrous activity or collect information. An online attack can use malware planted offline to take the attack further.