Risk Management Assessment for CobWeb

Verified

Added on 2019/09/18

AI Summary

The assignment requires the completion of a risk assessment for an IT security professional working at CobWeb, a website development company with 300 employees and one corporate office in London. The goal is to produce a report to management recommending security controls to mitigate risks associated with data loss due to employee negligence, physical break-ins, lack of understanding among employees regarding security expectations, unrestricted network access, and the recent hacking of the company's home webpage. The assessment involves identifying data assets, threats, vulnerability matrices, risk calculations using automated tools, proposing countermeasures, and justifying recommendations.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

MSc Cyber Security and Forensics
Risk Management Assessment Specification
Coursework Scenario
You are required to complete a risk assessment and produce a report to management using
the scenario below (in italics) or a similar scenario developed by yourself based on your
past/present work experience. If you decide to choose your own scenario, you must provide
details of the context in which the scenario is set.
Imagine that you are working as an IT security professional for an organisation called
CobWeb. It has 300 employees and one large corporate office with three floors located in
central London. Your organisation is a website development company with gross revenue of
5 million pounds per year. Recently, security problems have become a hot topic with
management, and you have been asked by the CISO (chief information security officer) to
write a security recommendation report for your organisation. The reported security
problems include:
• Data loss due to employee negligence
• Physical break ins
• Employees complain that they do not understand what is expected of them
from a security standpoint
• Network administrator complains that the company allows free access to
anything on the network for anyone who asks for it
• The CobWeb home web page was recently hacked.
Points to consider:
1. Research and document using appropriate forms, all the data and information assets
associated with the organisation. e.g. customer data, employee information etc.
Using appropriate mechanisms, identify the most important assets. [15 marks]
2. Research and document using appropriate forms, all the threats that are likely to
have an impact on the identified data assets. [15 marks]
3. Examine each asset– threat pairing and produce a vulnerability matrix based on
likelihood / probability values etc. [10 marks]
4. Assume there are no specific controls in place to protect the data assets in question.
You may assume general controls such as anti-virus software, logical access controls
etc. are already in place., however for completeness, you may want to list these as
well and then ‘cross them off’ as already existing controls. [0 marks]

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

5. Using an automated tool, calculate the risk factors for each of the asset-threat
pairing identified above. [10 marks]
6. Using appropriate methodology and assuming a reasonable risk appetite value,
propose suitable countermeasures. [30 marks]
7. Justify your recommendations using appropriate calculations. [20 marks]

1 out of 2

+13062052269

info@desklib.com

Risk Management Assessment for CobWeb

Contribute Materials

Secure Best Marks with AI Grader

Related Documents

Information Security Risk Assessment

Security Problems and Risk Management of CobWeb

Risk Management Assignment - Cloud Services

RTL and Landing Programme Analysis and Design using UML

Implementing ISMS for ABC Organisation

Network Security Plan Template