COIT20249: Cyber Security Assessment Report - ABCT Analysis

Verified

Added on 2023/03/21

AI Summary

This report provides a comprehensive cyber security assessment of the ABCT organization. It begins by highlighting the importance of cyber security, emphasizing its role in protecting data, ensuring business continuity, and maintaining customer trust. The report then delves into the specific context of ABCT, an Australian technology company, and examines the vulnerabilities within its system, including the use of VPNs, BYOD policies, and cloud storage. Key vulnerabilities identified include denial-of-service attacks, ransomware, and direct access attacks. The report further explores emerging cyber threats such as serverless apps vulnerability, IoT threats, cryptojacking and mobile malware. Recommendations are made for improved security, including implementing firewalls, anti-malware software, cyber security policies, employee training, strong passwords, and multi-factor authentication. The report concludes by emphasizing the need for proactive cyber security measures to protect ABCT from significant financial and operational damage, and provides a detailed overview of the vulnerabilities and threats, as well as the importance of implementing appropriate frameworks to mitigate the identified issues effectively.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: ASSESSMENT ON CYBER SECURITY
Title: ASSESSMENT ON CYBER SECURITY
- Assessment number 3
[Unit Code]
[Name of the Student]
[Assessment due date]
[Student Number]
[CQU email address]
[Name of the Tutor]
[Word count: 2500]

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
ASSESSMENT ON CYBER SECURITY
Executive summary
This report focuses on describing the importance of cyber security within an organization. The
report will focus on describing the concept associated with cyber security and importance of
proper cyber security within the ABCT. In addition to this the report will also focus on three
main security vulnerabilities that are identified within the organization’s system.
With the growing technology it becomes essential to focus on the threats that are likely to impact
the performance of the organization. The finding states that there is a huge need to identify the
threats that are associated with the cyber and so that it can be mitigated easily. Cyber security
ensures a better safety towards the functioning of organization. Hence it becomes essential to
implement proper measures.
The report makes it clear that there is a high need to have proper control over the cyber threats so
that it can provide better benefits towards the organization. Implementation of appropriate
framework will help in overcoming the issues effectively within time and will safeguard the
organization from serious damages.
 The following are the list of recommendation that is made for the purpose of protecting
the system in home and office from cyber attacks.
 Implementing firewall and installing anti malware software
 Cyber security policies needs to be implemented along with training employees
 Ensuring proper passwords along with effective monitoring on the employees
 Using multifactor identification

2
ASSESSMENT ON CYBER SECURITY
Table of Contents
1.0 Introduction................................................................................................................................3
2.0 Importance of cyber security.....................................................................................................3
2.1 Cyber security and importance for ABCT.............................................................................4
2.1.1 Offers better protection...................................................................................................5
2.1.2 Productivity increases.....................................................................................................6
2.1.3 Protect customers:...........................................................................................................6
2.1.4 Maintains data confidentiality:.......................................................................................6
2.2 Security vulnerabilities within the ABCT’s system..............................................................6
3.0 Emerging threats associated with cyber security.......................................................................8
3.0.1 Serverless Apps Vulnerability:.......................................................................................8
3.0.2 Iot Threats:......................................................................................................................9
3.0.3 Cryptojacking:................................................................................................................9
3.0.4 Mobile malware:.............................................................................................................9
3.0.5 Bring your own device (BYOD):...................................................................................9
4.0 Conclusion...............................................................................................................................10
5.0 Recommendation.....................................................................................................................11
6.0 References................................................................................................................................12

3
ASSESSMENT ON CYBER SECURITY
1.0 Introduction
1.1 background
Cyber security is referred to the security that is provided towards the computer systems so
that the hackers does not gets the ability to damage the hardware , software or the electronic
data. ABCT is basically an Australia based technology company that focuses on lining up the
products from different rangers that typically includes hardware and software components
(Xia et al., 2018). The organization maintains a huge office base throughout the nation and
two organizations in overseas. The systems associated with the organization are provided
with virtual private network that is being maintained in Canberra the head office of the
organization. The organization also allows the employee to work from home with the help of
VPN. The organization also offers bring your own device policy for employees. The
organization maintains an effective cloud solution for the purpose of storing the data so that
they can get backup easily in case of any emergency. As the employees associated with the
organization shares a common connection thus it becomes essential to be aware about the
cyber security concept.
1.2 Aims
The main aim of the report is to provide a better concept associated with cyber security. It
becomes essential to understand the importance of cyber security within the organization.
with a proper implementation of cyber security it will become easy to manage the threats and
will also protect the organization from serious damages. Cyber security is most important
security concepts within the organization that has the potential to impact the performance of
the organization.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
ASSESSMENT ON CYBER SECURITY
1.3 Scope
The report will focus on finding the major cyber security concerns so that it becomes easy to
manage security towards the data. The report aims at describing the important components
associated with the concept of cyber security so that it becomes easy to manage the data
(Buczak & Guven, 2015). With the development of this document it will become easy to
manage the staffs and training process can be enhanced. Thus the report will entirely focus
on listing the security vulnerabilities within the ABCT’s system so that they can be
maintained effectively.
2.0 Importance of cyber security
With the increase in technology the cyber world has enhanced widely and hence there is a high
need to have a proper control over the cyber related functioning. Over years it has observed that
the cyber threats have increased a lot that has the potential to impact the performance of business
(Gupta, Agarwal & Yamaguchi, 2016). The types of cyber attacks that have grown exponentially
are malware attacks, denial of service attack and phishing. These are the most common cyber
attacks that are faced by current business. Thus it becomes essential to implement proper cyber
security within the organization so that it can provide better safety towards the performance of
the organization (Graham, Olson & Howard, 2016). Proper cyber security measures will ensure
that the system is being protected from attackers, the network is protected from hackers and the
data maintained within the system. The main challenges that are associated with the cyber
security is that security issues that arises with the use of application, hardware security and cloud
security issues. The main reason behind implementing a proper cyber security strategy is that it
helps in preventing the organization from huge damages or loss of data and prevents the system

5
ASSESSMENT ON CYBER SECURITY
from further data loss. The main challenges towards the cyber security concept are the increase
of cloud and internet of things for the purpose of accessing the data. The different types of cyber
security that are available for protecting the data from further intrusions are application security,
network security, cloud security and hardware security (Knowles et al., 2015). Apart from this
there are several other ways for protecting the data stored within the system. This includes data
loss prevention, intrusion detection system, intrusion prevention systems, antivirus and
cryptography. Thus with the implementation of these cyber security it will become easy to
manage the activities.
2.1 Cyber security and importance for ABCT
Cyber security plays a crucial role in every business and ensures that the data stored within
the organization are maintained with high security. In order to check the business
performance it becomes essential for the organization to monitor the performance of the
organization so that the users can be identified at earl stage and allows the users to develop
proper strategy for the purpose for enhancing the business activities (Liu et al., 2015). Thus it
becomes essential for every organization to implement proper security measures within the
organization so that it does not affects the performance of the organization. The threats that
are likely to impact the performance of the organization are malware attacks, spyware,
ransomware, rootkits, payloads and many more. In order to prevent the system from these
types of effects the organizations are offered with huge defense mechanisms. The defense
mechanisms that are offered with the cyber security includes authentication process that will
only allow the authorized person to get into the system, implementing firewall, data centric
security and implementation of proper encryption method.

6
ASSESSMENT ON CYBER SECURITY
ABCT is an organization that shares different types of high-tech product for the purpose of
providing better security towards the hardware and software (Do et al., 2017). The main
reason behind implementing proper cyber security application within the organization is that
it offers a virtual private network towards each employee. In order to harm the performance
of organization this network can be used. Moreover the employees are allowed to carry the
laptop wherever they want to work this gives the opportunity towards the hackers. This
makes the system of the organization vulnerable to several threats and can impact the
confidentiality of the system. This will further lead to impacting the overall performance of
the system. The main reason behind implementing proper cyber security measures within the
organization are as follows:
2.1.1 Offers better protection: the cyber security offers a better solution for the purpose
of protecting the business functionality (DiMase et al., 2015). This also ensures that
proper protection is provided towards the data stored within the organization.
2.1.2 Productivity increases: with the help of proper cyber security measures it has
been observed that the virus impacts can be identified effectively. This will ensure that
proper mitigation strategy is offered towards the organization for the purpose of
removing the potential impacts (DiMase et al., 2015). This will eventually lead to
development of organization in a better way.
2.1.3 Protect customers: with the implementation of proper business policies it is
observed that it becomes easy to manage the customers so that they do not get hampered
with the threats (Do et al., 2017).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
ASSESSMENT ON CYBER SECURITY
2.1.4 Maintains data confidentiality: the implementation of proper cyber security also
ensures that the business is protected from unwanted threats and the access is only
provided to authorize person (Do et al., 2017). This ensures better performance and also
helps in maintaining of proper confidentiality throughout the data maintained within the
system.
2.2 Security vulnerabilities within the ABCT’s system
Cyber security is one of the most important security concepts within the organization
that has the potential to impact the performance of the organization. It is important to take the
concept of cyber security important for every organization as proper strategy has the
potential to enhance the services provided towards the organization (Almeshekah &
Spafford, 2016). After analyzing the case study ABCT organization and the working
performed by the system of the organization it can be stated that the types of attacks that are
likely to occur within the system are denial of service attack, ransomware attack and direct
access attacks. The identified vulnerabilities are described below:
2.2.1 Denial of service attacks: the denial of service attack is mainly referred to the
attack in which the network resources are made unavailable towards the intended users
and these leads to disrupting the services for the organization. These are being done by
traffic flooding the victims systems with viruses. This leads to hampering the system
performance. Thus it becomes essential to implement proper defense techniques that will
protect the organization from serious damages. ABCT organization is associated with
virtual private network, thus there are high chanced that the system may get affected with
these attack. The different types of defense techniques that are used for the purpose of

8
ASSESSMENT ON CYBER SECURITY
protecting the system includes implementation of proper firewalls, implementing up
streaming the filters and implementing IPS based prevention system.
2.2.2 Ransomware: this is referred to the type of malware that tends to threaten the
victims data and the access is only provided when the ransom is paid by the victim
(Collins, 2016). These attacks are mainly carried out with the help of Trojan that attaches
malicious mauls with the system that are further downloaded by the users. As the
connection provided towards the employee in ABCT organization is public, hence the
chances of ransomware increase. This needs to be mitigated effectively so that it does not
harm the performance of the organization. Once the system is being affected with
ransomware attack then it can cause a huge damage towards the economy of the
organization. The attacker first generates a pairof keys and transferred towards the victim.
These are further attacked by sharing the key with attacker and asking for extortion
money. Thus this types of issues needs to be mitigated with the help of proper file system
defenses against the ransomware and implementing file decryption method so that data
can be easily recovered from the attackers.
2.2.3 Direct access attacks: denial access attacks are mainly designed for the purpose of
gaining a physical access over the system for the purpose of directly copying the
materials. The main reason behind these attacks is that they tend to acquire all the data
from the system. These get executed even if the system is protected with security
standards (Hemdrix, Al-Sherbaz &Victoria, 2016). These are mainly done by booting
another operating system. With the use of these attacks it becomes difficult to manage the
activities within the organization. There is a high chance that the system may get affected

9
ASSESSMENT ON CYBER SECURITY
with the direct access attacks and will eventually lead to hampering the whole
performance of the system.
3.0 Emerging threats associated with cyber security
With the growing technologies it has been observed that the security concerns has increased
within the organization. Nowadays the attackers have also become active and this becomes one
of the major concerns for the organization. The cyber security threats are inventive, have the
potential to manipulate the data of organization, and can harm the performance of the
organization in different forms. The data gets stolen from the organization and gets breached for
the purpose of harming the organization. The major reason behind addressing the threats is that it
becomes essential to develop proper security measures that will protect the organization from
future damages (Stevens, 2016). The five emerging threats that are associated with the cyber
security are ransomware evolution, AI expansion, IoT threats, blockchain revolution and
serverless apps vulnerability. The below part will describe about the ach emerging threats in
details:
3.1 Serverless Apps Vulnerability: this has the potential to invite cyber attacks. These types
of threats have the potential to impact the customer information whenever the user gets
access towards the application located within the system(Stevens, 2016). The main reason
behind occurring this event is that, as soon as the data are updated within the cloud storage
the data gets accessed by the attackers. This hampers the overall performance and this
precaution will eventually hamper the overall performance.
3.2 Iot Threats:with the enhancement in technology it has been observed that the threats are
increasing and this possess the ability to hamper the overall performance of the system. The

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

10
ASSESSMENT ON CYBER SECURITY
problem that is mainly associated with the IoT is that the data are shared with every user
(Stevens, 2016). According to research made it is observed that the IoT devices have 70
percent chances of impacting the performance of the system.
3.3 Cryptojacking: this is referred to the one of the biggest threats that has the potential to
impact the business performance and has the potential to exploit the system with basic
vulnerabilities. This mainly includes lack of backup and lack of network segmentation.
Cryptojacking can affect the performance of a system even if they have basic applications
developed within the organization (Stevens, 2016). This are basically strains of malware that
are small in size that are in different types and affects the place in which they are being
installed.
3.4 Mobile malware: with the increase in technology it has been observed that the mobile
devices have became one of the top targets for the attackers(Stevens, 2016). The attacker
focuses on these devices and analyses every activity for the purpose of impacting the privacy
concerns.
3.5 Bring your own device (BYOD): it is observed that several organizations offers a
facility of taking the device or bring the devices at working place. These possess a huge
threat towards the organization as the security concerns with the use of personal devices. It
becomes difficult to understand and determine each and every user’s activity(Stevens, 2016).
These motivates the attacker to perform illegal activities for the purpose harming the
organization. It is observed that the system tends to impact the performance of the system.

11
ASSESSMENT ON CYBER SECURITY
4.0 Conclusion
The recent progress of computer networks has introduced a huge fascination towards the users.
This has improved the way of living and also ensures that a proper growth is maintained
throughout the office and home system. However it has been observed that with the increase in
number of attacks the systems has became more vulnerable towards the threats. This will
eventually hamper the performance of the system. Thus from the above report it can be stated
with the proper implementation of recommendation it will become easy to manage the activities
within the system. The main issues that are faced within the ABCT organization are with the
strategy implemented for maintaining the cyber security. It is observed that there is a high need
to maintain a proper security throughout the organization. The report has described all the major
findings and hence it can be stated that it becomes essential to develop a proper technology that
will help in enhancing the security throughout the system. The report has described the concept
of cyber security and the importance of having a proper cyber security concept within the
organization. Apart from this the organization has also described the threats that are likely to
impact the performance of organization. Lastly the report has described the recommendation that
will enhance the performance of the system. The recommendation will suggest ways for
enhancing the system so that they can take proper measures for protecting the system from cyber
threats. Thus it can be concluded that there is a high need to manage the security concerns within
the organization as this will ensure better performance of the system.

12
ASSESSMENT ON CYBER SECURITY
5.0 Recommendation
For the purpose of enhancing the functions within the organization it becomes essential to take
proper steps that will ensure a better output throughout the organization. The steps that will help
in enhancing the performance of the system are described below:
 Implementing firewall within the organization for providing a better defense towards the
cyber attacks.
 Cyber security policies need to be implemented for enhancing the performance of the
organization.
 Training employees about the cyber security
 Ensuring proper passwords are being implemented within the organizations
 Proper monitoring needs to be done on the data and activities performed by the
employees
 Installing anti malware software within the organization
 Using multifactor identification for providing better security towards the system

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

13
ASSESSMENT ON CYBER SECURITY
6.0 References
Almeshekah, M. H., & Spafford, E. H. (2016). Cyber security deception. In Cyber deception (pp.
23-50). Springer, Cham.
Buczak, A. L., & Guven, E. (2015). A survey of data mining and machine learning methods for
cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2),
1153-1176.
Collins, A. (Ed.). (2016). Contemporary security studies. Oxford university press.
DiMase, D., Collier, Z. A., Heffner, K., & Linkov, I. (2015). Systems engineering framework for
cyber physical security and resilience. Environment Systems and Decisions, 35(2), 291-
300.
Do, C. T., Tran, N. H., Hong, C., Kamhoua, C. A., Kwiat, K. A., Blasch, E., ... & Iyengar, S. S.
(2017). Game theory for cyber security and privacy. ACM Computing Surveys (CSUR),
50(2), 30.
Graham, J., Olson, R., & Howard, R. (2016). Cyber security essentials. Auerbach Publications.
Gupta, B., Agrawal, D. P., & Yamaguchi, S. (Eds.). (2016). Handbook of research on modern
cryptographic solutions for computer and cyber security. IGI global.
Hendrix, M., Al-Sherbaz, A., & Victoria, B. (2016). Game based cyber security training: are
serious games suitable for cyber security training?. International Journal of Serious
Games, 3(1), 53-61.

14
ASSESSMENT ON CYBER SECURITY
Knowles, W., Prince, D., Hutchison, D., Disso, J. F. P., & Jones, K. (2015). A survey of cyber
security management in industrial control systems. International journal of critical
infrastructure protection, 9, 52-80.
Liu, Y., Sarabi, A., Zhang, J., Naghizadeh, P., Karir, M., Bailey, M., & Liu, M. (2015). Cloudy
with a chance of breach: Forecasting cyber security incidents. In 24th {USENIX}
Security Symposium ({USENIX} Security 15) (pp. 1009-1024).
Stevens, T. (2016). Cyber security and the politics of time. Cambridge University Press.
Xia, Y., Etchevers, X., Letondeur, L., Coupaye, T., & Desprez, F. (2018, April). Combining
hardware nodes and software components ordering-based heuristics for optimizing the
placement of distributed iot applications in the fog. In Proceedings of the 33rd Annual
ACM Symposium on Applied Computing (pp. 751-760). ACM.