× Limited Time Offer ! FLAT 20-40% off - Grab Deal Before It’s Gone. Order Now
Connect With Us
Order Now

SIT763 Cyber Security Management Report Sample

Task 1: Cyber Security Risk Identification

Asset identification: Identify four assets, one of each type: information, knowledge, application, and business process. For each asset, determine is current worth (value), and the security requirements (confidentiality, integrity, and availability). Finally, prioritise the assets based on their level of criticality from highly critical to less critical.

 

Table I: Asset risk register

Record the name of the asset along its attributes on the table below.

Provide rational for the selection of the assets and their attributes as well as for the priority.

Threats and vulnerabilities identification: For each asset, identify two potential threats capable of causing harm to the asset and the corresponding vulnerabilities. Describe briefly the rational for the selection of the threats and vulnerabilities. Record the information on the table below.

 

Table II: Threat-vulnerability pair register

Task 2: Cyber Security Risk Assessment

In this section, you will rate the risk. You must justify and support your choice and show step by step your work and include all the formulas required to arrive at your answer.

Ranking vulnerabilities and threats: Rate the vulnerabilities and threats you identified in previous section. Record the result in the Table III.

 

Table III: Inherent risk register

Compute the risk likelihood: Risk likelihood represents the likelihood that a threat will exploit a vulnerability assuming that there are no security controls in place. Record the result in the Table III.

Compute the risk impact: the risk likelihood represents the likelihood that a threat will exploit a vulnerability assuming that there are no security controls in place. Record the result in the Table III.

Compute the risk level: calculated risk level from the “likelihood” and “impact” and record the result in the Table III.

Task 3: Cyber Security Risk Evaluation

Existing Control: evaluate existing security control effectiveness to reduce the likelihood of a threat exploiting the vulnerability or the potential consequence arising from the vulnerability exploitation or both.

 

Table IV: Control and risk evaluation

Prioritise the risks: prioritise the risk to the asset based on the risk level. The risks are ordered from highest risk to lowest risk.

Task 4: Cyber Security Risk Treatment

Identify appropriate treatment option for mitigating the risk. Select and assess a range of security controls appropriate to remedy the risk. Provide rational and justification for the selection of the controls, treatment option and assessments.

 

Table V: Risk treatment

Solution

Introduction

Cybersecurity management is a strategic counterpart of an organization to protect their information resources and maintain a competitive advantage in spite of the evolving threat landscape [1]. It can be done by protecting sensitive data, personally identifiable information and intellectual property rights. This study has shed light on the cybersecurity management of XYZRG board by undertaking a broad cybersecurity risk assessment for The Assignment Help within their corporate setting.

Task 1: Cyber Security Risk Identification

1. Asset identification

 

Table I: Asset risk register

 

Table II: Assets and attributes pair register

2. Threats and vulnerabilities identification

 

Table III: Threat-vulnerability pair register

Task 2: Cyber Security Risk Assessment

Table IV: Inherent risk register

It can be indicated from the cybersecurity risk assessment of XYZ real estate that they have an overall 8 types of risks that might devastate their employee productivity and business profitability. This might be due to the low-risk appetite of the organization in terms of brand reputation and loyalty as they have failed to pursue their long-term goals on the consideration of poor security policy and fraudulent dealing of their own pre-installed laptops to the respective clients [14]. There are four top-most and high risks of the real estate company such as malware attack, operational risks, ransomware attack and distributed denial-of-service attacks. XYZ real estate have failed to cover the warranty of their laptops through negligence including spilling liquids on the devices or dropping. It is due to such consideration that the organization is facing increased challenges of stolen databases as well as theft of laptops. This might instill a risk for the organization around their cybersecurity wall and damage the access control systems. It can be indicated from the likelihood and impact of these four risks that they are concerning XYZ real estate in terms of ensuring smooth connection with the clients due to the increase of unauthorized access to the computer system. It is quite important to get rid of malware attacks in the real estate company to achieve a baseline of cyber security by providing a safe compliance in their certification. This can assure the organization numerous benefits in terms of owning private productivity software and personal messaging apps on the laptop [15]. The benefits include improved customer confidence on investment, reduced insurance premiums and ability to tender their real estate services through a scheme of pre-requisite. Therefore, XYZ real estate needs to ensure strong memorable passwords and password-protected laptops to avoid the malware and DDOs attacks with a frequent check on the cybersecurity wall.

Task 3: Cyber Security Risk Evaluation

 

Table V: Control and risk evaluation

Task 4: Cyber Security Risk Treatment

 

Table VI: Risk treatment

Conclusion

It can be concluded from the above that cybersecurity management for XYZRG board is crucial to protect their short-term and long-term resources. This can ensure them to stay safe from third-party attackers like malware, ransomware and DDOs, which might affect their brand reputation rate. Therefore, involving intrusion detection system and other security control measures are effective for the real estate agency to keep aloof their laptop services by improving customer service department and business productivity rate.  

References

 

Fill the form to continue reading

Download Samples PDF

Assignment Services