COIT20249 Assessment Item 3: Cyber Security Report
VerifiedAdded on 2025/05/04
|19
|3026
|484
AI Summary
Desklib provides solved assignments and past papers to help students succeed.
COIT20249 Assessment Item 3: Cyber Security
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Contents
List of Figures..................................................................................................................................3
Executive Summary.........................................................................................................................4
Introduction......................................................................................................................................5
Cyber Security.................................................................................................................................6
The three cyber or data security pillars........................................................................................6
Cybersecurity Importance to ABCT............................................................................................7
Three major security vulnerabilities to ABCT................................................................................8
5 emerging threats for ABCT........................................................................................................11
Conclusion.....................................................................................................................................16
Recommendations..........................................................................................................................17
References......................................................................................................................................18
List of Figures..................................................................................................................................3
Executive Summary.........................................................................................................................4
Introduction......................................................................................................................................5
Cyber Security.................................................................................................................................6
The three cyber or data security pillars........................................................................................6
Cybersecurity Importance to ABCT............................................................................................7
Three major security vulnerabilities to ABCT................................................................................8
5 emerging threats for ABCT........................................................................................................11
Conclusion.....................................................................................................................................16
Recommendations..........................................................................................................................17
References......................................................................................................................................18
List of Figures
Figure 1: Cyber Security..................................................................................................................5
Figure 2: Three Cyber Security pillars............................................................................................6
Figure 3: Vulnerability related to VPN...........................................................................................8
Figure 4: BYOD Vulnerabilities......................................................................................................9
Figure 5: Cloud Vulnerabilities.....................................................................................................10
Figure 6: crypto jacking.................................................................................................................11
Figure 7: Cross-site scripting.........................................................................................................12
Figure 8: Mobile malware.............................................................................................................12
Figure 9: Social Engineering.........................................................................................................13
Figure 10: Denial of service (DoS)................................................................................................14
Figure 1: Cyber Security..................................................................................................................5
Figure 2: Three Cyber Security pillars............................................................................................6
Figure 3: Vulnerability related to VPN...........................................................................................8
Figure 4: BYOD Vulnerabilities......................................................................................................9
Figure 5: Cloud Vulnerabilities.....................................................................................................10
Figure 6: crypto jacking.................................................................................................................11
Figure 7: Cross-site scripting.........................................................................................................12
Figure 8: Mobile malware.............................................................................................................12
Figure 9: Social Engineering.........................................................................................................13
Figure 10: Denial of service (DoS)................................................................................................14
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Executive Summary
With the increasing risk of the cyber-attacks and the increasing trends related to technological
advancements, there is a requirement for organizations to ensure the security of their intellectual
property. Cybersecurity is concerned with protecting the personal and office devices and
networks from the cyber-attacks. The report is based on the discussion of the recent threats and
vulnerabilities along with the importance of implementing a security system to an organization.
The case scenario of ABCT was discussed along with the discussion of the threats and
vulnerabilities that are related to the security system of the company. Certain recommendations
are also discussed in the report for ensuring cybersecurity to the organization. The report will
provide a clear insight of cyber-attacks and cyber security to an organization.
With the increasing risk of the cyber-attacks and the increasing trends related to technological
advancements, there is a requirement for organizations to ensure the security of their intellectual
property. Cybersecurity is concerned with protecting the personal and office devices and
networks from the cyber-attacks. The report is based on the discussion of the recent threats and
vulnerabilities along with the importance of implementing a security system to an organization.
The case scenario of ABCT was discussed along with the discussion of the threats and
vulnerabilities that are related to the security system of the company. Certain recommendations
are also discussed in the report for ensuring cybersecurity to the organization. The report will
provide a clear insight of cyber-attacks and cyber security to an organization.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Introduction
This report is generated based on the analysis of the cybersecurity issues that are related to
ABCT and the importance of cybersecurity to an organization with technological development
domain. The report will define the concept of cyber security and cyber security concept that is in
current affairs nowadays due to increasing cyber exploit and vulnerabilities. The main focus of
this report will be the study of the security infrastructure of ABCT and providing a security
solution to the company by updating the security infrastructure according to the identified threats
and vulnerabilities. The report will discuss the definition of cybersecurity and the importance of
the implementation of cybersecurity measures to ABCT information structure. The security
threats will be discussed along with the proper description of their mood of operation and their
complexities along with the source. The report will also discuss the recent threats to the company
and will provide the recommendation based on the analysis of the entire scenario that is provided
and based on the analysis of the threat and the vulnerabilities that will be identified. The report
will properly explain the importance of cybersecurity to ABCT and will successfully determine
the threats and the vulnerabilities along with that the report will provide a proper
recommendation that is required to be implemented to the security system of ABCT and also for
ensuring security at home and offices.
This report is generated based on the analysis of the cybersecurity issues that are related to
ABCT and the importance of cybersecurity to an organization with technological development
domain. The report will define the concept of cyber security and cyber security concept that is in
current affairs nowadays due to increasing cyber exploit and vulnerabilities. The main focus of
this report will be the study of the security infrastructure of ABCT and providing a security
solution to the company by updating the security infrastructure according to the identified threats
and vulnerabilities. The report will discuss the definition of cybersecurity and the importance of
the implementation of cybersecurity measures to ABCT information structure. The security
threats will be discussed along with the proper description of their mood of operation and their
complexities along with the source. The report will also discuss the recent threats to the company
and will provide the recommendation based on the analysis of the entire scenario that is provided
and based on the analysis of the threat and the vulnerabilities that will be identified. The report
will properly explain the importance of cybersecurity to ABCT and will successfully determine
the threats and the vulnerabilities along with that the report will provide a proper
recommendation that is required to be implemented to the security system of ABCT and also for
ensuring security at home and offices.
Cyber Security
Cybersecurity refers to the act of protecting the network, programs, and systems from the digital
attacks. The main aim of these attacks is destroying, accessing and changing the intellectual and
the sensitive information’s, financially affecting the host or the user or even affecting or
interrupting the business processes. With the growth of the Internet of Things (IoT) and the
increasing devices more than humans, the implementation of cybersecurity issues is getting
tough as a constant graph can be seen with the proportionality of hackers and device growth.
Cybersecurity is basically the design of systems, processes, and technologies for protecting the
networks, devices, and processes from the wide range of cyber attacks. Cybersecurity is basically
the division of information technology security. Cyber attacks can exploit websites, data centers,
servers, programs, and accounts so cybersecurity basically focuses on the security of the
computer system (Von et.al, 2013).
Figure 1: Cyber Security
Source: (Digital Guardian, 2019)
The three cyber or data security pillars
Cybersecurity basically involves the control and implementation of cyber attacks within three
pillars processes, technology, and pillar. Working within these three pillars helps the
organization in protecting them from internal and external cyber threats at a personal and
organizational level.
Cybersecurity refers to the act of protecting the network, programs, and systems from the digital
attacks. The main aim of these attacks is destroying, accessing and changing the intellectual and
the sensitive information’s, financially affecting the host or the user or even affecting or
interrupting the business processes. With the growth of the Internet of Things (IoT) and the
increasing devices more than humans, the implementation of cybersecurity issues is getting
tough as a constant graph can be seen with the proportionality of hackers and device growth.
Cybersecurity is basically the design of systems, processes, and technologies for protecting the
networks, devices, and processes from the wide range of cyber attacks. Cybersecurity is basically
the division of information technology security. Cyber attacks can exploit websites, data centers,
servers, programs, and accounts so cybersecurity basically focuses on the security of the
computer system (Von et.al, 2013).
Figure 1: Cyber Security
Source: (Digital Guardian, 2019)
The three cyber or data security pillars
Cybersecurity basically involves the control and implementation of cyber attacks within three
pillars processes, technology, and pillar. Working within these three pillars helps the
organization in protecting them from internal and external cyber threats at a personal and
organizational level.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
People: This ensures security at the personal level through awareness among the
employees regarding cyber threats, updating the employees of the organization regarding
the recent cyber threats and the preventive measure.
Technology: Other than the organizational control that is a major portion of the
technological control of the cyber attack. From installing an antivirus to control on the
access point technologies are deployed for the mitigation of the cyber risk.
Processes: For the communication of the cybersecurity measure processes plays an
important role. The processes that are documented must define the responsibilities and
roles regarding the procedure for ensuring cybersecurity at a personal and organizational
level (Wang et.al, 2013).
Figure 2: Three Cyber Security pillars
Source: (DeNisco-Rayome, 2019)
Cybersecurity Importance to ABCT
ABCT is basically an Australian based technology company that deals with the production of a
wide range of hardware and software products. The company faced several a cyber attacks due to
the poor security management system and the intellectual property of the company including the
employees regarding cyber threats, updating the employees of the organization regarding
the recent cyber threats and the preventive measure.
Technology: Other than the organizational control that is a major portion of the
technological control of the cyber attack. From installing an antivirus to control on the
access point technologies are deployed for the mitigation of the cyber risk.
Processes: For the communication of the cybersecurity measure processes plays an
important role. The processes that are documented must define the responsibilities and
roles regarding the procedure for ensuring cybersecurity at a personal and organizational
level (Wang et.al, 2013).
Figure 2: Three Cyber Security pillars
Source: (DeNisco-Rayome, 2019)
Cybersecurity Importance to ABCT
ABCT is basically an Australian based technology company that deals with the production of a
wide range of hardware and software products. The company faced several a cyber attacks due to
the poor security management system and the intellectual property of the company including the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
information of the customer about the product code is required to be secured from any further
attacks. Following are some of the major reasons for the importance of Cybersecurity to ABCT:
The soaring cost of the data breaches: In case of an emergency it may cost the company
a lot in implementing the privacy cost. These penalties are less in front of the
reputational loss can be faced by the company when the confidential information of the
company is compromised.
The sophisticated growth of the cyber-attacks: The cyber attackers are their
sophistication day by day with the increase in the complexity of the technology and with
this the complexity the security model of the company is required to be updated.
The leakage of data during the cyber-attack can affect the uniqueness if the product that
is produced by ABCT so it is required to protect the intellectual property of the
company.
The use of a VPN (a virtual private network) is open to a ransomware attack that can
lock the data and the services that can cause huge cost loss in unlocking the data.
BYOD is implemented in ABCT and this can be a threat as the personal devices can be
accessed by anyone at their homes.
There are certain legal consequences that the company might have to deal with in case
of any security breach (Hahn et.al, 2013).
Three major security vulnerabilities to ABCT
There are several cybersecurity vulnerabilities that are related to ABCT system that is used by
the company for its mobility practices and the proliferation by the company. Given below are the
three major security vulnerabilities to ABCT system:
The application of a VPN that is used by the company for providing the computer services
The software programs of the Virtual Private Networks (VPN) connects the user of the service to
the different computers of the corporate network over certain internet channels. The major
security vulnerability that is related to the VPN service is the storage of the login information by
the software in a manner that is not encrypted or secured in the log files or in the system memory
attacks. Following are some of the major reasons for the importance of Cybersecurity to ABCT:
The soaring cost of the data breaches: In case of an emergency it may cost the company
a lot in implementing the privacy cost. These penalties are less in front of the
reputational loss can be faced by the company when the confidential information of the
company is compromised.
The sophisticated growth of the cyber-attacks: The cyber attackers are their
sophistication day by day with the increase in the complexity of the technology and with
this the complexity the security model of the company is required to be updated.
The leakage of data during the cyber-attack can affect the uniqueness if the product that
is produced by ABCT so it is required to protect the intellectual property of the
company.
The use of a VPN (a virtual private network) is open to a ransomware attack that can
lock the data and the services that can cause huge cost loss in unlocking the data.
BYOD is implemented in ABCT and this can be a threat as the personal devices can be
accessed by anyone at their homes.
There are certain legal consequences that the company might have to deal with in case
of any security breach (Hahn et.al, 2013).
Three major security vulnerabilities to ABCT
There are several cybersecurity vulnerabilities that are related to ABCT system that is used by
the company for its mobility practices and the proliferation by the company. Given below are the
three major security vulnerabilities to ABCT system:
The application of a VPN that is used by the company for providing the computer services
The software programs of the Virtual Private Networks (VPN) connects the user of the service to
the different computers of the corporate network over certain internet channels. The major
security vulnerability that is related to the VPN service is the storage of the login information by
the software in a manner that is not encrypted or secured in the log files or in the system memory
that is temporary. The VPN network can easily be exploited by the attacker in entering into the
files and gaining entry into the sensitive corporate network of the computer services that are
provided by ABCT. The attacker can easily exploit the network and impersonate the actual user
and gain the accessibility of the resources and the sensitive data of the company (Craigen et.al,
2014).
Figure 3: Vulnerability related to VPN
Source: (Watkins, 2014)
The BYOD (Bring Your Own Device) Policy by ABCT
BYOD policy was incorporated in the company policies for the workers those who were working
on site. This policy of ABCT which allows the employees to bring their personal devices to the
workplace is affecting the policies that are related to the cyber security of the company. This
policy is a huge threat to the ABCT as this exposes the company to a huge number if
cybersecurity risk. Some of the major risks related to this BYOD policy to ABCT are as follows:
Data leakage risk: with the permission of accessing the corporate data related to the
company at any time and from anywhere increase the risk of data leakage.
Exposure to more vulnerabilities: As the data can be accessed from anywhere this
increase the vulnerabilities as the devices can be connected by the employee from ant
LAN or Wi-Fi device without any security protection.
The combination of the personal and corporate data: As the personal devices can be used
at the workplace so the corporate and the personal information are stored at the same
files and gaining entry into the sensitive corporate network of the computer services that are
provided by ABCT. The attacker can easily exploit the network and impersonate the actual user
and gain the accessibility of the resources and the sensitive data of the company (Craigen et.al,
2014).
Figure 3: Vulnerability related to VPN
Source: (Watkins, 2014)
The BYOD (Bring Your Own Device) Policy by ABCT
BYOD policy was incorporated in the company policies for the workers those who were working
on site. This policy of ABCT which allows the employees to bring their personal devices to the
workplace is affecting the policies that are related to the cyber security of the company. This
policy is a huge threat to the ABCT as this exposes the company to a huge number if
cybersecurity risk. Some of the major risks related to this BYOD policy to ABCT are as follows:
Data leakage risk: with the permission of accessing the corporate data related to the
company at any time and from anywhere increase the risk of data leakage.
Exposure to more vulnerabilities: As the data can be accessed from anywhere this
increase the vulnerabilities as the devices can be connected by the employee from ant
LAN or Wi-Fi device without any security protection.
The combination of the personal and corporate data: As the personal devices can be used
at the workplace so the corporate and the personal information are stored at the same
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
place and if the device is lost the sensitive corporate data can easily be accessed by
anyone accessing the device.
The security related to BYOD can easily be exploited by malware once an employee
installs any malware program to his device and this can easily spread to all the network of
computers in the company (Biscoe, 2017).
Figure 4: BYOD Vulnerabilities
Source: (Haskins, 2017)
Use of cloud for storing the product and the customer information
ABCT is using cloud storage for the storing sensitive data that are related to the customer and the
product information's such as cloud services provides remote access to the data and also easy to
use. But with the immense advantages that are provided by cloud storage to the company, there
are several security risks that are inherent due to the use of cloud storage by ABCT. The major
risk that is related to the use of cloud storage is that the business data that are sensitive are
required to be shared with the third party that is the service provider of the cloud service and
ABCT is unaware of the interest of the cloud provider. Following are the list of some of the
threats that are related to the use of cloud service by ABCT:
There is no control over the data that is shared: The major problem with cloud storage is
that it requires the sharing of data with the third party that basically takes the corporate
information away from the IT environment of the company and hence it took the data
control away from the reach of the company. And as cloud storage is for storing the data
anyone accessing the device.
The security related to BYOD can easily be exploited by malware once an employee
installs any malware program to his device and this can easily spread to all the network of
computers in the company (Biscoe, 2017).
Figure 4: BYOD Vulnerabilities
Source: (Haskins, 2017)
Use of cloud for storing the product and the customer information
ABCT is using cloud storage for the storing sensitive data that are related to the customer and the
product information's such as cloud services provides remote access to the data and also easy to
use. But with the immense advantages that are provided by cloud storage to the company, there
are several security risks that are inherent due to the use of cloud storage by ABCT. The major
risk that is related to the use of cloud storage is that the business data that are sensitive are
required to be shared with the third party that is the service provider of the cloud service and
ABCT is unaware of the interest of the cloud provider. Following are the list of some of the
threats that are related to the use of cloud service by ABCT:
There is no control over the data that is shared: The major problem with cloud storage is
that it requires the sharing of data with the third party that basically takes the corporate
information away from the IT environment of the company and hence it took the data
control away from the reach of the company. And as cloud storage is for storing the data
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
of the company so the data that are highly sensitive are also stored and that increase the
vulnerability of the stored data.
Leakage of data: Cloud storage is basically an environment consisting of multiuser that
includes the sharing of almost all the resources of the company. This increase the risk of
sensitive data being viewed and utilized by unauthorized access. And the cloud service of
ABCT is not having any data encryption or password protection for its cloud storage.
Snooping: As the files of the cloud storage are transferred through the internet there is
always a risk of the file getting exploited even after the encryption and password
protection.
Data breach: cloud storage basically provides a wide range of data storage space and this
enables that the data that are related to the company and the customer’s data get mixed
which may lead to the data breach by the third party service provider (Abomhara, 2015).
Figure 5: Cloud Vulnerabilities
Source: (Refsdal et.al, 2015)
5 emerging threats for ABCT
The landscape of the cyber threat keeps on evolving with the invention of new threat almost each
and every day. ABCT security system is required to be updated against the threats that are
tracked to improve the resilience against the treats. Following are the top five threats to ABCT
that are identified and required to be addressed first in the new security system:
vulnerability of the stored data.
Leakage of data: Cloud storage is basically an environment consisting of multiuser that
includes the sharing of almost all the resources of the company. This increase the risk of
sensitive data being viewed and utilized by unauthorized access. And the cloud service of
ABCT is not having any data encryption or password protection for its cloud storage.
Snooping: As the files of the cloud storage are transferred through the internet there is
always a risk of the file getting exploited even after the encryption and password
protection.
Data breach: cloud storage basically provides a wide range of data storage space and this
enables that the data that are related to the company and the customer’s data get mixed
which may lead to the data breach by the third party service provider (Abomhara, 2015).
Figure 5: Cloud Vulnerabilities
Source: (Refsdal et.al, 2015)
5 emerging threats for ABCT
The landscape of the cyber threat keeps on evolving with the invention of new threat almost each
and every day. ABCT security system is required to be updated against the threats that are
tracked to improve the resilience against the treats. Following are the top five threats to ABCT
that are identified and required to be addressed first in the new security system:
Crypto jacking
Ransomware is the biggest threat that can impact the business of ABCT as there are no access
policies in the company that can exploit the basic vulnerabilities that include lack of backup and
network segmentation. Ransomware used to lock the data of the organization from its own
access and the company requires paying the huge cost in getting access to its own data and this
act is termed as Crypto jacking.
Figure 6: crypto jacking
Source: (Wingrave, 2018)
Cross-site scripting
Cross-site scripting or XXS allows the hackers or adversaries in using the business website of the
company and to execute the code that are untrusted into the browser of ABCT that help in the
easy interaction of the hacker with the cookies of the companies browser that are used for the
authentication of the site and hijack the site without any credentials. The access to the cookies
helps the hacker in gaining certain sensitive information about the company’s intellectual
property (Wingrave, 2018).
Ransomware is the biggest threat that can impact the business of ABCT as there are no access
policies in the company that can exploit the basic vulnerabilities that include lack of backup and
network segmentation. Ransomware used to lock the data of the organization from its own
access and the company requires paying the huge cost in getting access to its own data and this
act is termed as Crypto jacking.
Figure 6: crypto jacking
Source: (Wingrave, 2018)
Cross-site scripting
Cross-site scripting or XXS allows the hackers or adversaries in using the business website of the
company and to execute the code that are untrusted into the browser of ABCT that help in the
easy interaction of the hacker with the cookies of the companies browser that are used for the
authentication of the site and hijack the site without any credentials. The access to the cookies
helps the hacker in gaining certain sensitive information about the company’s intellectual
property (Wingrave, 2018).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 19
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.