Ask a question to Desklib · AI bot


MSc Cyber Security and Forensics.

2 Pages431 Words369 Views

Added on  2019-09-18

BookmarkShareRelated Documents
MSc Cyber Security and ForensicsRisk Management Assessment SpecificationCoursework ScenarioYou are required to complete a risk assessment and produce a report to management using the scenario below (in italics) or a similar scenario developed by yourself based on your past/present work experience. If you decide to choose your own scenario, you must providedetails of the context in which the scenario is set.Imagine that you are working as an IT security professional for an organisation called CobWeb. It has 300 employees and one large corporate office with three floors located in central London. Your organisation is a website development company with gross revenue of 5 million pounds per year. Recently, security problems have become a hot topic with management, and you have been asked by the CISO (chief information security officer) to write a security recommendation report for your organisation. The reported security problems include: Data loss due to employee negligence Physical break ins Employees complain that they do not understand what is expected of them from a security standpoint Network administrator complains that the company allows free access to anything on the network for anyone who asks for it The CobWeb home web page was recently hacked. Points to consider:1.Research and document using appropriate forms, all the data and information assetsassociated with the organisation. e.g. customer data, employee information etc. Using appropriate mechanisms, identify the most important assets.[15 marks]2.Research and document using appropriate forms, all the threats that are likely to have an impact on the identified data assets.[15 marks]3.Examine each asset– threat pairing and produce a vulnerability matrix based on likelihood / probability values etc.[10 marks]4.Assume there are no specific controls in place to protect the data assets in question. You may assume general controls such as anti-virus software, logical access controls etc. are already in place., however for completeness, you may want to list these as well and then ‘cross them off’ as already existing controls.[0 marks]
MSc Cyber Security and Forensics._1

Found this document preview useful?

Related Documents
Information Threat Security | Report

Security Problems and Risk Management of CobWeb

Risk Management Assignment - Cloud Services

Assessment of Object Oriented Model

Implementing an Information Security Management System (ISMS) for ABC Organization

Network Security Plan Template- cyber security