report on security plus

HELLMANN FINANCE, INC.

Hellmann Finance, Inc. (HFI) is a financial company that manages thousands of accounts across the United States. A public company traded on the NYSE, HFI specializes in financial management, loan application approval, wholesale loan processing, and investment of money management for their customers.

The diagram below displays the executive management team of HFI:

Figure 1 HFI Executive Organizational Chart

BACKGROUND AND YOUR ROLE

You are the Chief Security Officer, hired by COO Matt Roche, to protect the physical and operational security of HFI’s corporate information systems. Shortly after starting in your new position, you recognize numerous challenges that you will be facing in this pursuit.

Your primary challenge, as is usually the case, is less technical and more of a political nature. The CEO has been swept up in the “everything can be solved by outsourcing” movement. He believes that the IT problem is a known quantity and feels the IT function can be almost entirely outsourced at fractions of the cost associated with creating and maintaining an established internal IT department. In fact, the CEO’s strategy has been to prevent IT from becoming a core competency since so many services can be obtained from 3rd parties. Based on this vision, the CEO has already begun downsizing the IT department and recently presented a proposal to his senior management team outlining his plan to greatly reduce the internal IT staff in favor of outsourcing. He plans on presenting this approach to the Board of Directors as soon as he has made a few more refinements in his presentation.

COO Roche’s act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology services combined with a diminishing IT footprint gravely concerned Roche, and he begged to at least bring in an Information Security expert with the experience necessary to evaluate the current security of HFI’s infrastructure and systems. The COO’s worst nightmare is a situation where the Confidentiality, Integrity, and Availability of HFI’s information systems were compromised – bringing the company to its knees – then having to rely on vendors to pull him out of the mess.

COO Roche has reasons for worrying. HFI has experienced several cyber-attacks from outsiders over the past a few years:

• In 2016, the Oracle database server was attacked and its customer database lost its confidentiality, integrity, and availability for several days. Although the company restored the Oracle database server back online, its lost confidentiality damaged the company reputation. HFI ended up paying its customers a large sum of settlement for their loss of data confidentiality.

• In 2017, another security attack was carried out by a malicious virus that infected the entire

Vice President Trey Elway

Executive Assistant

Kim Johnson

Executive Assistant

Julie Anderson

Executive Assistant

Michelle Wang

CCO Andy Murphy

COO Matt Roche

CFO Ron Johnson

Director of Marketing John King

Director of HR Ted Young

CEO Karl Hellmann

network for several days. While infected, the Oracle and e-mail servers had to be shut down to quarantine these servers. COO Roche isn’t sure whether the virus entered HFI’s systems through a malicious email, from malware downloaded from the Internet, or via a user’s USB flash drive. Regardless of the source of the infection, the company lost $1,700,000 in revenue and intangible customer confidence.

• In a separate incident in 2017, one of the financial advisors left his company laptop unprotected at the airport while travelling and it was stolen. It contained customer financial data and the hard drive was not encrypted. Financial reparations were paid to impacted customers.

• In 2018, a laptop running network sniffer software was found plugged into a network jack under a desk in one of the unoccupied offices.

It is apparent from the number of successful cyber-attacks that HFI is an organization severely lacking in information security maturity. COO Roche has commissioned you to perform a quantitative and qualitative risk assessment of HFI’s infrastructure to determine where improvements could be made to reduce the risk of future attacks.

CORPORATE OFFICE NETWORK TOPOLOGY

The diagram on the following page displays HFI’s Corporate Office Topology.

The HFI network infrastructure consists of a corporate WAN spanning 20 remote facilities that are interconnected to the HFI headquarters’ central data processing environment. Data is transmitted from a remote site through a VPN gateway appliance that forms a VPN tunnel with the VPN gateway in headquarters. Through this VPN connection, remote office users access the internal Oracle database to update the customer data tables. Through your inspection of the VPN configuration you discover that the data transaction traversing the remote access connection to the corporate internal databases is not encrypted.

Users are authorized to work from home and both dial-up and VPN remote access are available. Dial-up is provided via Private Branch Exchange (PBX) and a Remote Access Server and VPN remote access is provided via the VPN gateway. Authentication is password-based via MS-CHAP V2. Users are also able to take advantage of HFI’s Bring Your Own Device (BYOD) policy and a Wireless antenna allows wireless networking within headquarters. WEP is used to provide wireless security to BYOD users.

The network perimeter between the Internet and HFI’s internal network infrastructure is separated by two Border (Core) Routers. These Border Routers then connect to two Distribution Routers and the VPN Gateway. The Distribution Routers connect to a RAS Server, a Wireless Router that provides a bridge between the Wireless Antenna and the internal network, and two Multi-layer switches. The Multilayer switches connect to six (6) Access Layer VLAN switches that segregate the Accounting, Loan Dept, Customer Services, Mgmt, Credit Dept, and Finance VLANs. The Multi-layer switches also connect to a third Multi-layer switch that provides a connection to HFI’s servers in the Trusted Computing Base subnet.

The trusted computing based (TCB) internal network is situated in a physically separated subnet. A bulk of the data processing for HFI is handled by an Oracle database on a high end super computer located in the TCB and the TCB also contains an intranet web server used by the internal support team, a Software Update Services (SUS) server used for patch management, an internal DNS server, an e-mail server, and other support personnel workstations. Although each corporate department is segregated physically on a different subnet, they share access to the corporate data in the TCB network.

NOTE: The symbol represents a multilayer switch

CONSIDERATIONS WHEN CONDUCTING THE RISK ASSESSMENT:

This Risk Assessment and your suggested security improvements are of critical importance. The CEO is set on outsourcing HFI’s IT competency and you’ve been told of a plan from COO Roche to outsource network management and security functions away from your department and over to a service integrator. COO Roche warns you that the political environment will only become more contentious over time; you must make a compelling case as to what value your department can bring over an integrator to provide security improvements in certain key areas without a significant increase to the IT budget. It is extremely important that you take into account the value of the assets being protected when selecting security controls to mitigate the risks (i.e. don’t spend $1000 to protect an asset worth $500). In addition to what you learned from COO Roche about the previous exploits of HFI’s vulnerabilities and what you gathered when reviewing HFI’s network infrastructure, COO Roche has provided some additional information that he wants you to take into account:

1. Ever since an article ran in Business Week about HFI, the network engineers report that they’ve noted

a significant spike in network traffic crossing into the internal networks. They report that they cannot be certain what or who is generating this traffic, but the volume and frequency of traffic is certainly abnormal. The management is very concerned over securing the corporate confidential data and customer information. Suggestions on improvements to perimeter security and/or methods of identifying the source of intrusions should be presented in your risk assessment.

2. The interrelationship between data and operations concerns COO Roche. Increasingly, some of the twenty remote sites have been reporting significant problems with network latency, slow performance, and application time-outs against the Oracle database. The company’s business model is driving higher and higher demand for data, but your capability to respond to these problems are drastically limited. Suggestions on reducing network latency or increasing application response time and availability should be presented in your risk assessment.

3. Mobility is important for the organization to interact with the customers and other co-workers in near real-time. However, COO Roche is concerned with mobility security and would like you to research best practices for mobile computing. Security within the BYOD environment should be presented in your risk assessment.

4. Employees enjoy the flexibility of getting access to the corporate network using a WiFi network. However, COO Roche is concerned over the security ramifications over the wireless network that is widely open to the company and nearby residents. Security within the wireless environment should be presented in your risk assessment.

5. The company plans to offer its products and services online and requested its IT department to design a Cloud Computing based e-commerce platform. However, COO Roche is particularly concerned over the cloud computing security in case the customer database is breached.

ASSIGNMENTS

• Provide an Executive Summary. • From the devices and systems identified in the HFI Corporate Network Topology, conduct a

thorough asset inventory, assign monetary values to each asset (quantitative), and assign a priority value for each asset (qualitative) that could be used to determine which assets are most critical for restoral in the event of a catastrophic event or attack.

• Evaluate the perimeter security, make a list of access points internal and external(remote), identify vulnerabilities and make suggestions for improvements to perimeter and network security.

• Evaluate the remote access infrastructure, identify vulnerabilities and suggest security improvements to mitigate risks to remote access.

• Address the COO’s concern over the mobility security and design a secure mobile computing (smart phones, tablets, laptops, etc.) in terms of authentication technologies and data protection.

• Identify wireless vulnerabilities and recommend what safeguards, authentication technologies, and network security to protect data should be implemented.

• Evaluate the authentication protocols and methodologies within the wired, wireless, mobility and remote access environments and suggest improvements to secure authentication for HFI.

• Evaluate the web system protocols and vulnerabilities within the Intranet server and suggest secure protocol improvements to improve security for web authentication.

• Design a cloud computing environment for the company with a secure means of data protection at rest, in motion and in process.

• Assess all known vulnerabilities on each asset in this environment and impacts if compromised. • Using the asset inventory and the assigned values (monetary and priority) conduct a quantitative

and qualitative risk assessment of the HFI network. • Recommend risk mitigation procedures commensurate with the asset values from your asset

inventory. Feel free to redesign the corporate infrastructure and use any combination of technologies to harden the authentication processes and network security measures.

• You are welcome to make assumptions for any unknown facts as long as you support your assumptions.

• The Title Page, Table of Contents and References page(s) don’t count in your 15 page minimum!!!

Risk Assessment Paper Rubric

You are given a fictional scenario above describing security issues affecting organizational assets. You will identify the risks associated with the assets, and recommend mitigating procedures. You will prepare a quantitative / qualitative risk assessment to address risk factors on organizational assets. Your final paper will be 15–25 pages long in a Word document (double-spaced with 12 point font) with APA citations for the resources you used in your research and will be graded using the following rubric.

Criteria Non-compliant Minimal Compliant Advanced

Executive summary of risk assessment.

Did not include an executive summary. (0)

Included an executive summary but lacks details. (3)

Included an executive summary in details, but did not address the mission objectives. (7)

Included an executive summary in details, and addressed mission objectives. (10)

Inventory assets and prioritize them in the order of mission criticality.

Did not inventory or prioritize assets in the order of mission criticality. (0)

Inventoried assets but did not prioritize them in the order of mission criticality. (3)

Inventoried, prioritized assets, but did not address mission objectives in their asset priority. (7)

Inventoried, prioritized assets and addressed mission objectives in their asset priority. (10)

Evaluate enterprise topology and perimeter protection.

Did not evaluate enterprise topology and perimeter protection. (0)

Evaluated enterprise topology but did not include perimeter protection measures. (3)

Evaluated enterprise topology, perimeter protection measures, but did not address mission objectives. (7)

Evaluated enterprise topology, perimeter protection measures, and addressed mission objectives. . (10)

Evaluate remote access to the networks.

Did not evaluate remote access protocols and safeguards to the network. (0)

Evaluated remote access protocols but did not address security safeguards to the network. (3)

Evaluated remote access protocols, security safeguards to the network, but did not address mission objectives. (7)

Evaluated remote access protocols, security safeguards to the network, and addressed mission objectives. (10)

Evaluate authentication protocols and methodologies.

Did not evaluate authentication protocols and methodologies. (0)

Evaluated authentication protocols, methodologies but with insufficient data or inadequate description. (3)

Evaluated authentication protocols, methodologies with supporting data and description, but lacks mission objectives. (7)

Evaluated authentication protocols, methodologies with supporting data, description; and addressed mission objectives. (10)

Assign asset values to organization assets for quantitative / qualitative risk assessment.

Did not assign asset values to organization assets for quantitative / qualitative risk assessment. (0)

Assigned asset values to organization assets for quantitative / qualitative risk assessment but incomplete. (3)

Assigned asset values to organization assets in a complete assessment, but did not address mission objectives. (7)

Assigned asset values to organization assets in a complete assessment, and addressed mission objectives. (10)

Assess vulnerabilities on each asset and impacts if compromised.

Did not assess vulnerabilities on each asset and impacts if compromised. (0)

Assessed vulnerabilities on each asset and impacts if compromised; but incomplete. (3)

Assessed vulnerabilities on each asset and impacts if compromised; of complete inventory but did not address mission objectives. (7)

Assessed vulnerabilities on each asset and impacts if compromised; of complete inventory and addressed mission objectives. (10)

Evaluate web access protocols and vulnerabilities and Cloud Computing

Did not evaluate web access protocols and vulnerabilities and Cloud Computing (0)

Evaluated web access protocols and vulnerabilities or Cloud Computing. (3)

Evaluated web access protocols and vulnerabilities and Cloud Computing but did not address mission objectives. (7)

Evaluated web access protocols and vulnerabilities and Cloud Computing and addressed mission objectives. (10)

Criteria Non-compliant Minimal Compliant Advanced

Recommend risk mitigation procedures commensurate with asset values.

Did not recommended risk mitigation procedures commensurate with asset values. (0)

Recommended risk mitigation procedures commensurate with asset values, but incomplete. (3)

Recommended risk mitigation procedures commensurate with asset values of complete inventory, but did not address mission objectives. (7)

Recommended risk mitigation procedures commensurate with asset values of complete inventory, and addressed mission objectives. (10)

Formulate 15-25 pages of a quantitative or qualitative risk assessment in APA format.

Did not follow proper quantitative or qualitative risk assessment format, and failed to conform to APA format. (0)

Followed proper quantitative or qualitative risk assessment format but did not conform to APA format. (3)

Followed proper quantitative or qualitative risk assessment format and conformed to APA but insufficient reference list and page count. (7)

Followed proper quantitative or qualitative risk assessment format and conformed to APA in a sufficient reference list and page count. (10)

Figure 1 HFI Executive Organizational Chart BACKGROUND AND YOUR ROLE
CORPORATE OFFICE NETWORK TOPOLOGY
CONSIDERATIONS WHEN CONDUCTING THE RISK ASSESSMENT:
ASSIGNMENTS
Risk Assessment Paper Rubric

Management Assignment 7

Please read Chapter 16 on the topic of Control Systems and Quality Management.

Using terms and concepts from Chapter 16, please:

Define Total Quality Management.
Provide an example of how Total Quality Management (TQM) is used in business organizations.
Explain what “Lean Six Sigma” is.

Project Deliverable 6: Project Plan

Project Deliverable 6: Project Plan

This assignment consists of three (4) sections: a written project plan, revised business requirements document, project plan PowerPoint presentation, and a finalized project plan. You must submit the four (4) sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment.
While taking all business and project parameters into consideration, make quality assumptions to support the following requirements.
Section 1: Written Project Plan
You are now in the final stage of the project plan development. All previous documentation should be combined into one document that will serve as the statement of work for the project. Your goal is to have the project approved by the executive team. The project plan should be very detailed, which is designed to accomplish the monumental task of implementation; however, the executive team is only interested in a 30-minute summation. Therefore, you also must create a compelling executive summary that is supported by your detail that convinces the executive team that they should move forward with your solution.

Develop a thirty to forty (30-40) page project plan in which you:

Write a five to ten (5-10) page executive summary that provides a high-level technical overview of your project in which you:

Describe the scope of the project and control measures.

Describe the goals and objectives of the project.

Include a high-level overview of all project deliverables.

Give a detailed, realistically estimated cost analysis of the entire project, including human capital.

Relate the value of the project plan solution to the competitive advantage that information technology will afford your organization.

Recommend solution providers who can assist with development and implementation.

Combine all previous documentation for Project Deliverables 1-5 in which you: Use at least five (5) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Provide all aspects of the information technology implementation into the project plan.

Revise the documentation based on feedback from the earlier evaluation of your deliverable.

Section 1: of this assignment must:

Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

Include charts or diagrams created in MS Visio or Dia as an appendix of the project plan. All references to these diagrams must be included in the body of the project plan.

Section 2: Revised Business Requirements Document

Document all revisions made to the written project plan in the Document Control section of the business requirements document from Project Deliverable 2: Business Requirement. Note: This documentation must outline the revisions made to the previous deliverables required in Section 1: Written Project Plan.

Section 3: Project Plan PowerPoint Presentation
Additional to your detailed executive summary you must present your findings to the executive team and the venture capital group that along with the executive summary will convince the group that your solution is optimal.

Create a ten to fifteen (10-15) slide PowerPoint presentation in which you:

Illustrate the concepts from your executive summary in Section 1 of this assignment.

Create bulleted speaking notes for your presentation to the executive board in the Notes section of the PowerPoint. Note: You may create or assume any fictitious names, data, or scenarios that have not been established in this assignment for a realistic flow of communication.

Use a professional technically written style to graphically convey the information.

Section 4: Finalized Project Plan
Use Microsoft project to:

Finalize your project plan from Project Deliverable 5: Infrastructure and Security to include all necessary changes in assumptions, tasks, and / or subtasks.

The specific course learning outcomes associated with this assignment are:

Develop information systems-related activities to maximize the business value within and outside the organization.

Demonstrate an understanding of existing and emerging information technologies, the functions of IS, and its impact on the organizational operations.

Evaluate the issues and challenges associated with information systems integration.

Use technology and information resources to research issues in information systems.

Write clearly and concisely about strategic issues and practices in the information systems domain using proper writing mechanics and technical style conventions.

Below are all the links from all the past written assignments you will use to compile the final part which is this assignment:

https://www.homeworkmarket.com/questions/assignment-6-19436659 Assignment 5

https://www.homeworkmarket.com/questions/assignment-4-19427315 Assignment 4

https://www.homeworkmarket.com/questions/assignment-3-19404909 Assignment 3

https://www.homeworkmarket.com/questions/assignment-1-19399337 Assignment 2

https://www.homeworkmarket.com/questions/assignment-1-19376327 Assignment 1

Module 10 Discussion – How Can You, One Nurse, Educate Clients In Your Facility/Neighborhood/Community?

The ANA has stated, “Education for those in the health-care professions must increase in depth and breadth as scientific knowledge expands” (Catalano, 2012, p.91) According to Catalano, there has been a lack of adequate preparation for educating clients with self-management concerns, particularly clients with chronic illnesses, and this lack of education is a serious violation of ethical responsibilities by health care providers.
Do you agree or disagree with this statement and why? Is the failure to properly educate clients on the fault of the Nurse? Does the Nurse’s level of education matter? Why do you feel that way?

Please provide in-text citation and references

Research Paper in MLA style

Ivana Bin

Professor Sylne

English 1101

October 30, 2019

Should Abortion Be Legal?

ProCon.org. Should Abortion Be Legal?. May 9, 2019.

This article talks about the Pros and Cons of abortion, it says that a woman’s right to abort, should not be limited by governmental or religious authority. Women that can’t abort legally, resort to unsafe and illegal abortions that can harm their health. The cons say that abortion is killing an innocent human being, and that it’s unfair to allow abortion when they are couples that can’t conceive.

Senior Politics Writer, Milligan, Susan. Is Abortion A Human Right?, Dec. 2, 2015.

Susan Milligan talks about the battle of abortion between choice and life. The article explains the sadness of seeing a women’s right being politicized. An abortion Act law was passed, making the procedure legal up to 28 weeks. It is only legal to save the lives of the pregnant women or girl, victims of rape or incest, and also women who are carrying fetuses with fatal abnormalities. In the case of a fatal abnormality, there is no life to protect, when the fetus leaves the womb it cannot survive independently.

Corporate And Foundation Philanthropy

For this question, analyze your institution’s(Albany State University GA) financial information related to the philanthropic support of corporations and foundations. Respond to the following:

Identify the efforts to connect your institution with corporations and foundations.
Explain how these methods differ from those used to solicit individual donors.
Determine if your institution has been successful in obtaining the support of corporations and foundations.

It is up to the advancement department to identify potential donors to meet various institutional needs. Review the process the advancement staff at your institution(Albany State University GA) uses to connect potential donors with the needs of the institution. Address the following in your initial post:

It is up to the advancement department to identify potential donors to meet various institutional needs. Review the process the advancement staff at your institution(Albany State University GA) uses to connect potential donors with the needs of the institution. Address the following in your initial post:

Describe how your institution identifies potential donors.
Explain how the college advancement staff matches donors to the needs of the institution.
Discuss the effectiveness of these donor outreach efforts by reviewing the financial results from them.

Essay Topic: Amazon Vs. Walmart

topic: write a two page paper about Amazon VS. Walmart. Why is Amazon doing better E-commerce wise.

provide an average of all the financial metrics (profitability, solvency, liquidity, etc), or weight one statistic more heavily than the others. An example of this would be preparing an average of all metrics, but discounting debt percentage by ½, or overweighting profitability by a factor of 2, in order to skew results in favor of firms based on one or more metrics.
**Need it by tomorrow Dec. 5th by 2 p.m

Choose one author of literature that we have read this semester or choose another published literary writer.

Author – William Faulkner

Choose one author of literature that we have read this

semester or choose another published literary writer. All

authors are subject to my approval. (The best strategy is to

choose one work written by your author. A story, novel, poem or

play is best and then limit you research to that one work.)

.

1. Start with biographical information on your author. Find at

least one good biographical source and use this information

for the first part of your paper.

2. Choose one literary source, preferably a scholarly (peer

reviewed) or critical article published in a university press

journal. Use this source as the second part of your paper.

3. Choose another source of the same quality as your first

source and make this source the third part of your paper.

4. Choose a third source of the same quality as your first two

sources and make this source the fourth part of your paper.

5. The fifth and last part of your paper is a conclusion in which

you will comment on what you have learned about your

author from your research.

General Guidelines:

Use MLA Guidelines from your Bedford Handbook pp. 569-674.

Length: 1,000 – 1,500 Words.

Cyber Policy for a Small World Simtray Report 1 page Malicious Cyber Technology Review discussion refer to inst

Cyber Policy for a Small World Simtray Report 1 page

Malicious Cyber Technology Review discussion refer to inst

International Cybersecurity Threat Matrix

International Cybersecurity Environmental Scan Summary 2 page

Regional Fact Sheet 1 page

Botnet Evaluation 1-2 page

Botnet Discussion 2 page

Botnet Conclusion 1 page

Global Cybersecurity Environment Report refer to attached inst

Overview

As a cybersecurity professional, it is important for you to not only understand the organizational and national human and technical factors, but because you will encounter international threats and concerns, it’s also important to be able to recognize threats from other countries.

In this project, you are tasked with creating a chart that depicts your recommendations regarding the assessment and evaluation of the cybersecurity threats and policies that can be linked to origins in the Middle East, Europe, Africa, and other regions, including the relevant cultural differences in global security outlooks across these regions. You will base your findings from the view of a consultant to an international company looking to expand in those geographical areas. Generally, what kind of cybersecurity climate will the company encounter?

In your research, focus on a malicious cyber technology or capability (malware) that is specific to the global environment, i.e., Trojans, rootkits, worms, spyware, keystroke loggers, or advanced persistent threats (do not select botnets, as they will be studied separately in this project). Along with your country threat assessments, you must also assess and evaluate the evolution of this malware and recommend how global cybersecurity policies might be used to counter the effects.

You will review the characteristics of your chosen malware by discussing six specific characteristics (purpose, size, attack method, attribution, etc.) and describe how these characteristics have emerged, changed, or evolved over the past five to 10 years. Also discuss what contributing factors may cause these characteristics to change, and how these characteristics may change over the next 10 years. How might these technologies be countered by global cybersecurity policy controls (do not describe technology controls) in the future? Support your position with policy, security practice, theories, principles, and recommendations based on your own thoughts, examples, and cited references.

Finally, you will study botnets, which are a specific and particularly pervasive type of malware. You will learn about the global nature of botnets and the emerging security issues associated with botnets, to include their impact on the formulation of global cybersecurity policies.

Scenario GlobalOutreach is an international company that specializes in risk mitigation, with particular emphasis on cyber risk. You are a consultant to GlobalOutreach, which is looking to expand into the geographical areas of the Middle East, Europe, Africa, and other regions. The company has asked you to provide your thoughts (based on research) on what kind of cybersecurity climate can be expected when expanding to these areas. Your assessment of the global environment will include the identification of specific cyberthreats pervasive in selected regions as well as the identification and characterization of malware in these regions.

You decide to also focus on networked computing systems, which are important to businesses, commerce, and education worldwide, but may be controlled by the global governments that vary from country to country. Botnets, which leverage networks of computers, are a particular global concern, and GlobalOutreach has dedicated research funds to better understanding the propagation of botnets and also how to eradicate them. Networked computing systems are particularly vulnerable to botnets, which can be used in distributed denial-of-service attacks and other malicious purposes.

Your report will highlight cybersecurity policies in three international regions as well as in NATO and the United Nations, representing global alliances, and will then document the impact of your selected malware in the three geographic areas. It will feature the types of malicious activities most widely observed and what they are used for, and will also consider the role of international cybersecurity policies in eradicating the malware.

A comprehensive report will show GlobalOutreach that you are in the best position to advise about global affairs, laying the groundwork for future consulting with the company.

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.

· 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.

· 7.2: Evaluate international cybersecurity policy.

· 8.2: Evaluate specific cybersecurity threats and the combination of technologies and policies that can counter them.

·

Cyber Policy for a Small World Simtray Report

As a consultant to a global risk mitigation company, you will need an overview of global cybersecurity issues and related policies. The global connections that characterize modern cyberspace and catalyze near-instantaneous communication and productivity are also the Achilles’ heel of governments. Cybernetworks, like their physical counterparts, are prone to being used as instruments of sabotage, espionage, disruption, and war. In order to familiarize yourself with these types of global issues and relevant terminology and concepts, open the SIMTRAY titled “Cyber Policy for a Small World.”

SIMTRAY is a simulation that will give you a sense of the need for cybersecurity personnel to maintain a global perspective. There are no local incidents in cyberspace, but more importantly, you will reflect on US policy on cybercrime and cyberwarfare. Some of the issues and topics addressed in this exercise include EMP Attack, the role of state actors, and attacks using technologies such as botnets.

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.

In the previous step, you started to examine the SIMTRAY, “Cyber Policy for a Small World.. In this step, continue to focus on SIMTRAY, but document the specific technologies and policies that you believe could be better addressed in the global scene. You may encounter the following topics in this exercise: EMP Attack, the role of state actors, and attacks using technologies such as botnets.

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.

In this step, you should continue to explore the scenarios within SIMTRAY, “Cyber Policy for a Small World.” If you have not already, you will most likely encounter the following topics in this exercise: EMP Attack, the role of state actors, and attacks using technologies such as botnets.

Document events that you experience in the exercise that might affect the global cybersecurity policy. Think about threats brought about by new technologies and how these threats are or could be handled by global policy.

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need in order to have a firm grasp of the concepts. Compile your recorded scores, lessons learned and documented technologies and policies into a one-page report.

Submit your report for feedback.

Malicious Cyber Technology Review

Now that you have practiced the SIMTRAY to familiarize yourself with global issues, you will focus on a specific malicious cyber technology or capability (malware) that is specific to the global environment. Select one technology or capability and post a brief description on the discussion board of the technology, its intended use, and how it is being used maliciously. Include a brief discussion of how your selected technology has evolved and how global cybersecurity policies might be used to counter its effects.

Possible choices include, but are not limited to: Trojans, rootkits, worms, spyware, keystroke loggers, or advanced persistent threats (APTs). Do not select botnets.

International Cybersecurity Threat Matrix

Threat Review
Due to the vast differences in culture, leadership, laws, and policies of countries around the globe, cybersecurity threats are handled differently. These differences result in various approaches to cybersecurity economic issues, different tolerances for cybersecurity cultural issues, and different responses to cyberterrorism. Ultimately, global perspectives on international cybersecurity legal issues have broad impact as different nations attempt to both thrive in the global economic environment and survive in light of global cyberthreats. Organizations that desire to expand into foreign nations must consider these differences, particularly when they are not relevant when operating in the United States.

For this step, you will evaluate global cybersecurity threats coming from a minimum of three different regions; for example, the Middle East, Europe, Africa, Russia, or other regions. More specifically, think about networked computing systems being critical to businesses, commerce, education, and governments. Keeping them secure is no longer solely the concern of corporate entities and the relevant regulatory environments. Global governments must also work to ensure the security of their networks. Also consider your selected technology from the previous step.

Complete the International Cybersecurity Threat Matrix for at least three international countries or regions.

Complete the Andrew Bowers NATO Intern eLearning Module for an overview of the NATO cybersecurity stance. Evaluate its effectiveness as well as the effectiveness of the United Nations cybersecurity stance in helping to contribute to cybersecurity international policy over the next decade. For more information, read about international cybersecurity approaches.

Update the International Cybersecurity Threat Matrix from the previous step, based on your findings in this step. Submit your matrix for feedback. This matrix will be included in your final report.

International Cybersecurity Environmental Scan Summary

Compile all of the information you found in the previous two steps and write a two-page summary. Use the International Cybersecurity Environmental Scan Template to guide your summary, which should include descriptions of the regions and of the cybersecurity threats prevalent in the regions selected. Address the role of international bodies (NATO and United Nations) in influencing and contributing to international cybersecurity policies.

Submit your summary for feedback. This summary will be included in your final report.

Regional Fact Sheet

To illustrate the impact of cybersecurity threats, develop a one-page fact sheet using one of the regions from your matrix. Explain the cybersecurity threat experienced in one region, the evolution of the associated malware, the implications (e.g., economic, political, national security, etc.) of it to that region and how global cybersecurity policies might be used to counter the effects. You will discuss six specific characteristics (purpose, size, attack method, attribution, etc.) of the malware and describe how these characteristics have emerged, changed, or evolved over the past five to 10 years. Also discuss what contributing factors may cause these characteristics to change, and how these characteristics may change over the next 10 years. How might these technologies be countered by global cybersecurity policy controls (do not describe technology controls) in the future? Support your position with policy, security practice, theories, principles, and recommendations based on your own thoughts, examples, and cited references.

Submit your regional fact sheet for feedback.

Botnet Evaluation

A botnet is a particular type of cyberthreat wherein a network of computers are infected with malware and then co-opted and controlled by one entity. Botnets are globally pervasive and used in many modern-day cyber intrusions. It’s important to understand how they operate and their impact to global security.

Review the learning content modules listed below and create notes using the Botnet Research Template. Learning Content Modules:

1. Botnets Creating Profit

2. Global Botnets and Emerging Issues

3. Botnet Attack at Westwood Mutual

These notes will be used for your evaluation of the international concerns of botnets in the next step.

Evaluate the issues associated with botnets and with formulating global cybersecurity policy. Identify the characteristics of botnets, and how they have evolved over the past 5-10 years. Research the key technical features of botnets and determine the factors that contribute to botnet characteristics to change. Your Botnet Evaluation should be one and a half to two pages in length.

Submit your Botnet Evaluation for feedback.

Botnet Discussion

In a two-page document,

1. Discuss six specific characteristics of the global nature of botnets (such as purpose, size, attack method, attribution, etc.).

2. Describe how these characteristics have emerged, changed, or evolved over the past five to 10 years.

3. Describe the key technical features of six example botnets.

4. Discuss what contributing factors may cause botnet characteristics to change, and how these characteristics may change over the next 10 years.

Submit your Botnet Discussion for feedback.

Botnet Conclusion

Create a one-page document that answers the following questions, taking into consideration your country research and botnet reviews.

How might future botnets be countered by global cybersecurity policy controls (do not describe technology controls) in the future?

What impact could global cybersecurity policies have on the eradication of botnets?

Submit your Botnet Conclusion for feedback.

Global Cybersecurity Environment Report

Throughout this project, you have researched and considered global cybersecurity issues, technologies, and related policies. You have evaluated various countries and international organizations. It is now time to compose your consultant’s report to GlobalOutreach documenting your findings. Refer to the instruction for the Global Cybersecurity Environment Report for additional guidelines.

Submit your completed report.

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.

· 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.

· 7.2: Evaluate international cybersecurity policy.

· 8.2: Evaluate specific cybersecurity threats and the combination of technologies and policies that can counter them.