Risk Management week 6
PURPOSE OF ASSIGNMENT
One unique characteristic of this course is that we’ll bring Cyber IT Risk management ecosystems to life by studying a set ofconcrete case studies, based on real-world vulnerabilities and threats that organizations face worldwide. This is really the learning part, and I hope you’ll enjoy diving deep into the research and understand more deeply how these vulnerabilities and threats impact the Organization and produce Risk.
So, to make the topics in our class concrete, we use four case studies (each one week long) to investigate concrete cyber vulnerabilities and threats that have impacted the Confidentiality, Integrity, and Availability of IT networks, computer systems, and produced risks to the crown jewels of information of organizations across every business sector and government.
ASSIGNMENT INSTRUCTIONS
For the first case study this week, you will research a trusted insider significant cyber event from the following list.
1) Edward Snowden – NSA
2) Bradley Manning – DOD
3) Ahmad Abouammo, Ali Alzabarah – Twitter employees charged with accessing user accounts on behalf of the Saudi Arabian government.
4) Jun Xie’s exfiltration of roughly 2.4 million files from GE Healthcare’s secure network
5) Dejan Karabasevic – American Superconductor Intellectual Property Theft by Sinovel.
6) Xiaolang Zhang – Apple employee arrested for stealing self-driving car IP
7) Paige A Thompson AWS employee who breached CapitalOne
This assignment will be broken down into several parts to maximize learning. The first part is to understand the Organization that was impacted by the Insider Threat Agent.
Write a minimum 1000-word (not counting the title page) case study report document in the format mandated in the UCOL Style Guide (see the link to the guide document in the lower part of the course home page) with these sections:
1. Describe the background, history, organizational and leadership culture, and risk appetite of the organization. Did the Organizational Leadership communicate and demonstrate their cyber risk tolerance, appetite, and influence the culture of the organization?
1. Identify the Organizations security policies, procedures, technical security measures that were in place to prevent a trusted insider threat.
1. Identify the motivations of the Insider Threat Actor. Were there indications or signs of behaviors that should have tipped off the management, information security/risk staff of the Organization to this threat?
1. Using the publicly known cyber vulnerability reporting systems and the MITRE ATT&CK framework, map out theattackTactics, Techniques, and Procedures (TTPs)used by the Trusted Insider. Reflect on why and how the Trusted Insider was effective in attacking the IT systems, networks, gaining access to the crown jewels and successfully exfiltrating that information.
1. Describe the Organizational response to the Trusted Insider what was done to identify, respond and mitigate the attack? What were the lessons learned by the Organization to include additional security controls, policy changes, and consequences to the Trusted Insider?
1. Build a Cyber Risk Register for a Systems Administrator Trusted Insider Threat include 5 different possible scenarios/events that could occur. Use the elements described on pages 82-83 of the CRISC All In One book.
1. Create a Trusted Insider Cyber Threat Incident Response Plan Annex. Identify specific Trusted Insider policies, procedures, technical security controls, executive management roles and responsibilities, check lists, communications plans (internal, external), legal considerations, external support, engagement requirements, business continuity and disaster response considerations.
Pro Tip: Look at the rubric for this assignment to best understand the assignment expectations in detail.
FORMATTING AND STYLE REQUIREMENTS
1. Submissions should be between 1000 words and 1200 words in length.
1. Refer to theUCOL Format and Style Requirements(Links to an external site.)on the Course Homepage, and be sure to properly cite your sources usingTurabian Author-Date style citations(Links to an external site.).
1.
1.
1.
1.
Rubric
ICT-4215 Case Study Rubric
ICT-4215 Case Study Rubric
Criteria
Ratings
Pts
This criterion is linked to a Learning OutcomeContent
25.0pts
Excellent
Balanced presentation of relevant and legitimate information that clearly supports a central purpose or argument and shows critical thought and in-depth analysis of a significant topic. Results are based on findings. Conclusions reflect complete understanding of results. Reader gains important insights. Creativity is demonstrated where appropriate
16.3pts
Meets Requirement
Information provides reasonable support for a central purpose or argument and displays evidence of a basic critical thinking and analysis of a significant topic. Results are not completely based on evidence. Conclusions are not completely related to results. Reader gains some insights. Creativity is minimally demonstrated
14.08pts
Needs Work
Information supports a central purpose or argument at times. Findings are basic or general. Reader gains few insights and results appear muddled. Results and conclusions do not relate to evidence. Little creativity is present.
0.0pts
Unsatisfactory
purpose support or argument is not clearly identified. Analysis is vague, not evident or biased. Reader is confused or may be misinformed due to poor results from findings. Inaccurate or incomplete conclusions. Does not demonstrate creative thought
25.0pts
This criterion is linked to a Learning OutcomeOrganization
15.0pts
Excellent
The ideas are arranged logically to support the purpose or argument. They flow smoothly from one to another and are clearly linked to each other. The reader can follow the line of reasoning. Every section, paragraph, sentence, and word of the paper supports the thesis of the project
11.85pts
Meets Requirement
The ideas are arranged logically to support the central purpose or argument. They are usually clearly linked to each other. For the most part, the reader can follow the line of reasoning. Every section and the majority of paragraphs, sentences, and words support the thesis of the paper.
8.89pts
Needs Work
In general, the writing is arranged logically, although occasionally ideas fail to make sense together. The reader is fairly clear about what writer intends. Every section, majority of paragraphs, sentences, and words support the thesis
0.0pts
Unsatisfactory
The writing is not logically organized. Frequently, ideas fail to make sense together. The reader cannot identify a clear line of reasoning and loses interest
15.0pts
This criterion is linked to a Learning OutcomeProject Assignment Requirements
10.0pts
Excellent
Assignment is complete.
8.15pts
Meets Requirement
Assignment is partially complete and majority of instructions followed.
5.93pts
Needs Work
Assignment is missing key elements
0.0pts
Unsatisfactory
Assignment is incomplete and instructions not followed.
10.0pts
This criterion is linked to a Learning OutcomePurpose
10.0pts
Excellent
: The writers central purpose or argument is readily apparent to the reader
8.15pts
Meets Requirement
The writing has a clear purpose or argument, but sometimes digresses
5.93pts
Needs Work
The central purpose or argument is not consistently clear throughout the paper
0.0pts
Unsatisfactory
The purpose or argument is generally unclear.
10.0pts
This criterion is linked to a Learning OutcomeQuality of References
10.0pts
Excellent
References are primarily peerreviewed professional journals or other scholarly sources (e.g., government documents, white papers, respected industry sources, etc.). The reader is confident that the information and ideas are based on sound decision making and knowledge utilization. Reference bias is mitigated.
8.15pts
Meets Requirement
Although most of the references are professionally legitimate, a few are questionable (e.g., trade books, internet sources, popular magazines, ). The reader is uncertain of the reliability of some sources, use of knowledge is slightly confusing. Decision making skills could be questioned. Bias of reference is recognized
5.93pts
Needs Work
Most of the references are from sources that are not peer-reviewed or industry vetted and have uncertain reliability, demonstrates little understanding of knowledge utilization. The reader doubts the accuracy of much of the material presented or reference material is quite biased. Decision making skills are not demonstrated effectively.
0.0pts
Unsatisfactory
There are virtually no sources that are professionally reliable. The reader seriously doubts the value of the material and stops reading. Personal and reference bias is obvious.
10.0pts
This criterion is linked to a Learning OutcomeWriting
10.0pts
Excellent
Sentences are clear, wellphrased and varied in length and structure. They flow smoothly from one to another. Flow continues from one paragraph to the next and from section to section. Demonstrates effective communication
8.15pts
Meets Requirement
Sentences are wellphrased and there is some variety in length and structure. The flow from sentence to sentence, paragraph to paragraph and section to section is generally smooth. Effective communication is generally demonstrated
5.93pts
Needs Work
Some sentences are awkwardly constructed so that the reader is occasionally distracted. The fluency of sentences, paragraphs and sections is disruptive. Effective communication skills are not readily apparent
0.0pts
Unsatisfactory
Errors in sentence structure are frequent enough to be a major distraction to the reader. Communication is not effective.
10.0pts
This criterion is linked to a Learning OutcomeGrammar, Spelling, Writing, Mechanics (punctuation, italics, capitalization, etc.)
5.0pts
Excellent
The writing is free or almost free of errors. Shows evidence of proofreading.
3.7pts
Meets Requirement
There are occasional errors, but they dont represent a major distraction or obscure meaning. Not thoroughly proofread.
2.22pts
Needs Work
The writing has many errors, and the reader is distracted by them. Minimal proofreading is evident.
0.0pts
Unsatisfactory
There are so many errors that meaning is obscured. The reader is confused and stops reading. Lack of evidence of proofreading.
5.0pts
This criterion is linked to a Learning OutcomeTone
5.0pts
Excellent
The tone is consistently professional and appropriate for an academic research paper. The writing is compelling. It hooks the reader and sustains interest throughout. Demonstration of fully empowered thinking about project and confidence in presented ideas.
3.7pts
Meets Requirement
The writing is generally engaging, but has some redundancy or lacks clarity in a few sentences or paragraphs. In general, it is focused and keeps the readers attention. The tone is generally professional. Largely, it is appropriate for an academic research paper. Tone uses active voice when appropriate
2.22pts
Needs Work
The writing is dull and unengaging. Though the paper has some interesting parts, the reader finds it difficult to maintain interest. The tone is not consistently professional or appropriate for an academic research paper. Little confidence in presented ideas.
0.0pts
Unsatisfactory
The writing has little personality. The reader quickly loses interest and stops reading. The tone is unprofessional or overly casual. It is not appropriate for an academic research paper.
5.0pts
This criterion is linked to a Learning OutcomeUse of References and Sources
5.0pts
Excellent
Compelling evidence from professionally legitimate sources support claims. Attribution is clear and fairly represented. No plagiarism is evident. Documentation style is followed for every level of rubric.
3.7pts
Meets Requirement
Professionally legitimate sources that support claims are generally present and attribution is, for the most part, clear and fairly represented.
2.22pts
Needs Work
Although attributions are occasionally given, many statements seem unsubstantiated. The reader is confused about the source of information and ideas
0.0pts
Unsatisfactory
References are seldom cited to support statements or consistently cited incorrectly. Plagiarism may be a concern. Knowledge utilization and decision making skills are not apparent.
5.0pts
This criterion is linked to a Learning OutcomeWord Choice
5.0pts
Excellent
Word choice is consistently precise and accurate.
3.7pts
Meets Requirement
Word choice is generally good. The writer often goes beyond the generic word to find one more precise and effective
2.22pts
Needs Work
choice is merely adequate, and the range of words is limited. Some words are used inappropriately or repetitively
0.0pts
Unsatisfactory
Many words are used inappropriately, confusing the reader. There may be extensive and unwarranted repetition.
5.0pts
Total Points:100.0
