CSE5CRM CYBERSECURITY RISK MANAGEMENT

Table of Contents
Introduction
Mechanism of Breach
Risk Management Programme Control Objective
Mitigation of Actual Threat
Conclusion
References
Introduction

On 6 September, British Airways disclosed a breach that ultimately exposed customer data. British Airways announced that around 380,000 customers were affected and that personal and payment information was stolen (Ganin et al., 2017). The hackers were unable to steal passport information. On its official website, British Airways published a notice explaining the details of the incident. The technical details state that payments made through the website were affected, and that payments made through the mobile application were affected as well (Meszaros & Buchalcevova, 2017). Payments made to British Airways between 21 August and 5 September were affected. The notice stated that information was stolen from the British Airways website and mobile application; nothing was clearly said about the database or server, which indicates that the breach concerned payment information entered on the website rather than stored records.

The following pages describe the mechanism of the breach at British Airways. After that, an overview is given of the risk management programme control objectives, and the methods needed to avoid such a security breach are discussed in detail. The main purpose of a cyber risk assessment is to inform stakeholders and decision makers and to provide a proper risk response.

Mechanism of Breach

Earlier this year British Airways disclosed a data breach affecting around 380,000 customers (Randall & Kroll, 2016). The attack resulted in the theft of customer data, both financial and personal. The breach was highly targeted: it used a JavaScript digital card skimmer that was loaded from the web server. Magecart, a malicious threat actor, is believed to be the main cause of this breach at British Airways. The same actor has affected a large number of victims as part of a massive credit card skimming campaign that includes the Newegg breach (Radziwill & Benton, 2017). Since 2015, Magecart is believed to have modified or injected JavaScript that logs PII or credit card details on the payment pages of different organisations, in order to steal customers' credit card data and PII.

Fig 1: Data Breach of British Airways (Source: Airways, 2019)

Based on the details currently available, the initial vector was either a compromise of a third party in the supply chain or a direct compromise of the target web server (Hubbard & Seiersen, 2016). In the British Airways case, the organisation appears to have been compromised directly. The attacker's main step was to modify one of the JavaScript files (the Modernizr JavaScript library, version 2.6.2) so that it included a credit card and PII logging script. The script collected the payment information and sent it to a server completely controlled by the attacker at "baways[.]com", which was served with an SSL certificate issued by a certificate authority. The British Airways mobile application loads web pages built on the same CSS and JavaScript components as the website, so it also carried the malicious script installed by Magecart; this is why payments made through the mobile application were affected too.

From the available data, the breach at British Airways is due to Magecart's progression towards supply chain attacks. The initial reconnaissance is done using a suitable tool (Allodi & Massacci, 2017). In this case, the Modernizr library, which handled data forming part of the PII, was the initial infiltration vector. Based on the available details, the attacker's biggest progression is the customisation of the malicious PHP log payload for the initial infiltration of a CDN instance used by British Airways.

Fig 2: British Airways (Source: Khidzir et al., 2016)

Given the attack vector used by the Magecart threat actor, there are three main areas of monitoring that increase the overall chance of detection: web server content, endpoint logs and HTTP proxy logs (Busby, Green & Hutchison, 2017). The first point is to identify any supply chain attack: any attempt by the threat actor to install JavaScript on the server needs to be identified. Apart from this, there are many other areas that need to be examined.

Risk Management Programme Control Objective

Risk management and internal control help an organisation like British Airways understand the risks it is exposed to, so that it can put proper controls in place to counter the threats and effectively pursue its objectives (Barrett, 2018). It is considered a vital parameter for governance, operations and management. Professional accountants can play a key role in helping the organisation achieve its objectives; this creates the approach needed for risk management and internal control (Basto-Fernandes et al., 2017), which helps create and protect stakeholder value at British Airways. ISRM, which stands for Information Security Risk Management, is a method for managing the risks associated with the use of information. An organisation like British Airways focuses on identifying and analysing the risks to the confidentiality, availability and integrity of the information it needs (Teixeira et al., 2015). This process comprises two aspects: risk assessment and risk treatment.
At present there are a large number of frameworks which will help British Airways create an ISRM strategy. The cybersecurity framework functions that need to be taken into consideration are the following.

Identification: Activities in this group focus on developing a proper understanding of cybersecurity risk with respect to people, data and overall capabilities (Shetty et al., 2018). In the present business context, understanding the risks associated with British Airways will help the organisation understand the present threat and prioritise its security efforts. In this stage the activities mainly comprise asset management and governance.

Protecting: British Airways needs to implement proper safeguards and security controls to protect its vital data against any cyber-attack.

Detection: British Airways needs to quickly spot events that bring a large amount of risk to data security (Roldán-Molina et al., 2017). In general, British Airways needs to depend on a number of monitoring and incident detection techniques.

Responding: British Airways needs to take proper action on any detected cyber-security incident (Nurse, Creese & De Roure, 2017). British Airways can make use of a number of techniques, such as assessing the overall impact of the incident.

Recovering: British Airways needs to develop and implement activities to restore the services impacted by a security incident (Mills, 2017). This group of activities mainly comprises returning to normal operation so as to minimise the overall impact of the incident.
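The Detection function above, together with two of the three monitoring areas named in the Mechanism of Breach section (web server content and HTTP proxy logs), can be put into practice with checks like the following. This is an added example written for this page, not code from the report or from British Airways: it baselines the JavaScript a web server serves and reports any file whose hash changes (which is how a skimmer appended to a library file such as Modernizr would show up), and it scans HTTP proxy log lines for POST requests to hosts outside an allowlist. The log format, the hostnames (example-airline.test, exfil-placeholder.test, analytics.example-partner.test), the paths and the sample lines are all constructed for the example.

```python
import hashlib
import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse


# --- 1. Web server content: hash baseline of served JavaScript ----------------
# A skimmer appended to a library file changes the file's SHA-256, so a baseline
# taken from a known-good deployment and re-checked on a schedule surfaces it.

def sha256_of(path):
    """Hex SHA-256 of a file's bytes, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root):
    """Map every .js file under root (path relative to root) to its hash."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_of(p)
            for p in sorted(root.rglob("*.js"))}


def diff_against_baseline(root, baseline):
    """Return {relative_path: 'modified' | 'added' | 'missing'} for every deviation."""
    current = build_baseline(root)
    findings = {}
    for name, digest in current.items():
        if name not in baseline:
            findings[name] = "added"          # a script the deployment never shipped
        elif baseline[name] != digest:
            findings[name] = "modified"       # content changed in place
    for name in baseline:
        if name not in current:
            findings[name] = "missing"
    return findings


# --- 2. HTTP proxy logs: outbound POSTs to hosts outside an allowlist -----------
# The skimmer described in the report sent captured form data to a server the
# attacker controlled, so a POST from the site to an unexpected host is the signal.

# Constructed sample log (not real traffic). Assumed format, one request per line:
# <timestamp> <client-ip> <method> <url> <status> <bytes> <referer>
PROXY_LOG = """\
2018-09-01T10:02:11Z 10.1.4.22 GET https://www.example-airline.test/js/modernizr-2.6.2.js 200 15044 https://www.example-airline.test/booking/payment
2018-09-01T10:02:19Z 10.1.4.22 POST https://www.example-airline.test/api/payment 200 512 https://www.example-airline.test/booking/payment
2018-09-01T10:02:19Z 10.1.4.22 POST https://exfil-placeholder.test/collect 200 73 https://www.example-airline.test/booking/payment
2018-09-01T10:03:40Z 10.1.4.23 POST https://analytics.example-partner.test/collect 204 0 https://www.example-airline.test/
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) "
    r"(?P<status>\d{3}) (?P<bytes>\d+) (?P<referer>\S+)$"
)


def flag_unexpected_posts(log_text, allowed_hosts):
    """Return one record per POST whose destination host is not in allowed_hosts."""
    hits = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if match is None or match["method"] != "POST":
            continue  # malformed lines are skipped so one bad line cannot stop the monitor
        host = urlparse(match["url"]).hostname
        if host not in allowed_hosts:
            hits.append({"time": match["ts"], "client": match["client"],
                         "host": host, "url": match["url"], "referer": match["referer"]})
    return hits


def demo():
    """Stage a web root, baseline it, tamper with the library file, and run both checks."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "js").mkdir()
        (root / "js" / "modernizr-2.6.2.js").write_text("/* library code */\n")
        (root / "js" / "app.js").write_text("/* site code */\n")
        baseline = build_baseline(root)
        # Simulated tampering: code appended to a file the baseline already covers.
        with open(root / "js" / "modernizr-2.6.2.js", "a") as handle:
            handle.write("/* appended code absent from the baseline */\n")
        content_findings = diff_against_baseline(root, baseline)
    allowed = {"www.example-airline.test", "analytics.example-partner.test"}
    return content_findings, flag_unexpected_posts(PROXY_LOG, allowed)


if __name__ == "__main__":
    content, posts = demo()
    print("changed scripts:", content)
    for hit in posts:
        print("unexpected POST:", hit)
```

Running the file calls demo(), which stages a temporary web root, appends a line to the library file after the baseline was taken, and returns both sets of findings: the modified script and the single POST to a host outside the allowlist. In production the baseline would be stored outside the web root and compared on a schedule, and the allowlist would be derived from the hosts the payment page legitimately talks to; the endpoint-log area named in the report is not covered by this example.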
Fig 3: Customer Data Theft at British Airways (Source: Randall & Kroll, 2016)

ISRM is an ongoing method for assessing and responding to security risks. For effective risk management, British Airways needs to evaluate the likelihood of a data breach (Radziwill & Benton, 2017), the risk it creates for the present environment, and the overall impact of each risk. For an ISRM programme to be completely effective, the focus is on a comprehensive programme: the complete security risk management method is simplified by dividing it into the required steps (Hubbard & Seiersen, 2016). This makes the ISRM method manageable and helps overcome some of the major issues. It comprises five steps for building an effective risk management programme.

Awareness of Business: British Airways needs to understand its present condition, including its budget and the overall complexity of its business processes.

Definition of the Program: British Airways needs to completely define the ISRM programme to be implemented in the organisation.

Development of Program: In this step, British Airways needs to understand the functional capabilities and controls for IT security and risk management (Allodi & Massacci, 2017). The governance model defines the people responsible for each part of the ISRM strategy.

Benchmarking and Metrics: In the final stage, British Airways needs to define the metrics needed to understand the overall effectiveness of the ISRM strategy.

Implementation and Operation: British Airways needs to go through all the stages above and repeat them on a regular basis (Khidzir et al., 2016). It is mandatory for an organisation like British Airways to have a policy describing the various stages of ISRM.

Mitigation of Actual Threat

British Airways needs to understand the overall benefits of a cybersecurity strategy. The organisation needs to follow the steps below.

Getting ready for an Incident: A cybersecurity incident can take place at any time, or has the potential to. British Airways needs to take the fundamental steps for incident response (Busby, Green & Hutchison, 2017) and sit down with its team to review the communication plan.

Increasing visibility and looking for blind spots: British Airways needs an inventory of its systems and a proper understanding of its data. The organisation needs a picture of what the environment includes (Barrett, 2018). Much attention should be paid to the areas that lack visibility.

Shoring up the most common attack vectors: The general view from data breach and incident reports is that certain attacks occur at a much higher rate. British Airways is generally attacked by email, that is, by phishing attempts.

Finding and fixing vulnerabilities: The most vital aspect is keeping track of the updates and patches that British Airways needs (Basto-Fernandes et al., 2017). Any outdated application, security program or policy can be considered a hole. Any hole in the British Airways website can bring in threats and reduce overall safety and efficiency, resulting in a large number of issues.

Conclusion

The above pages show that this report is about cyber risk management. The case study of the data breach at British Airways has been taken into account, and a proper review has been done of how the breach took place. The need for a risk management programme to analyse the control objectives has been discussed in detail. On 6 September, British Airways announced that both the personal and payment details of around ten thousand customers were stolen during the data breach. British Airways revealed that around 382,000 transactions were made between 21 August and 5 September. After the data breach, British Airways stated that its services were operating normally and that all passport and travel details of passengers were safe. Later on, the senior management of British Airways apologised for the disruption of services due to criminal activity. Senior executives at British Airways gave assurance that in the upcoming days there would be serious protection of passenger data. After the attack, British Airways assured its passengers that they would be completely reimbursed.
References

Airways, B. (2019). BA boss apologises for data breach. [online] BBC News. Available at: https://www.bbc.com/news/uk-england-london-45440850 [Accessed 5 May 2019].
Allodi, L., & Massacci, F. (2017). Security events and vulnerability data for cybersecurity risk estimation. Risk Analysis, 37(8), 1606-1627.
Barrett, M. P. (2018). Framework for improving critical infrastructure cybersecurity. National Institute of Standards and Technology, Gaithersburg, MD, USA, Tech. Rep.
Basto-Fernandes, V., Yevseyeva, I., Silva-Rabadão, C., Almache-Cueva, M., & Roldán-Molina, G. (2017). A comparison of cybersecurity risk analysis tools.
Busby, J. S., Green, B., & Hutchison, D. (2017). Analysis of affordance, time, and adaptation in the assessment of industrial control system cybersecurity risk. Risk Analysis, 37(7), 1298-1314.
Ganin, A. A., Quach, P., Panwar, M., Collier, Z. A., Keisler, J. M., Marchese, D., & Linkov, I. (2017). Multicriteria decision framework for cybersecurity risk assessment and management. Risk Analysis.
Hubbard, D. W., & Seiersen, R. (2016). How to measure anything in cybersecurity risk. John Wiley & Sons.
Khidzir, N. Z., Ismail, A. R., Daud, K. A. M., Afendi, M. S., Ghani, A., & Ibrahim, M. A. H. (2016). Critical cybersecurity risk factors in digital social media: Analysis of information security requirements. Lecture Notes on Information Theory, 4(1).
Meszaros, J., & Buchalcevova, A. (2017). Introducing OSSF: A framework for online service cybersecurity risk management. Computers & Security, 65, 300-313.
Mills, A. J. (2017). The gendering of organizational culture: Social and organizational discourses in the making of British Airways. In Insights and Research on the Study of Gender and Intersectionality in International Airline Cultures (pp. 37-47). Emerald Publishing Limited.
Nurse, J. R., Creese, S., & De Roure, D. (2017). Security risk assessment in Internet of Things systems. IT Professional, 19(5), 20-26.
Radziwill, N. M., & Benton, M. C. (2017). Cybersecurity cost of quality: Managing the costs of cybersecurity risk management. arXiv preprint arXiv:1707.02653.
Randall, K. P., & Kroll, S. A. (2016). Getting serious about law firm cybersecurity. New Jersey Lawyer, 55.
Roldán-Molina, G., Almache-Cueva, M., Silva-Rabadão, C., Yevseyeva, I., & Basto-Fernandes, V. (2017). A comparison of cybersecurity risk analysis tools. Procedia Computer Science, 121, 568-575.
Shetty, S., McShane, M., Zhang, L., Kesan, J. P., Kamhoua, C. A., Kwiat, K., & Njilla, L. L. (2018). Reducing informational disadvantages to improve cyber risk management. The Geneva Papers on Risk and Insurance - Issues and Practice, 43(2), 224-238.
Teixeira, A., Sou, K. C., Sandberg, H., & Johansson, K. H. (2015). Secure control systems: A quantitative risk management approach. IEEE Control Systems Magazine, 35(1), 24-45.