ICS 230 – Assignment #2 (Risk Analysis for a Company) Due date: 11:30 PM on Nove

ICS 230 – Assignment #2 (Risk Analysis for a Company)
Due date: 11:30 PM on November 3rd, 2024
Format: This is a group of students assignment. Reflection of each member is required.
Template
Given: The student is given a scenario where an organization’s sensitive data are leaked due to a breach and information about their currently implemented security defense system/measures are provided. The student is also given a list that contains a full list of assets inventory for the organization, including all descriptions and monetary values.
XYZ Company Background:
ABC Solutions is a medium-sized IT services company with 150 employees, specializing in cloud infrastructure management and cybersecurity consulting. The company works with clients in various sectors, including e-commerce, legal services, and healthcare. Given the nature of its business, ABC Solutions handles highly sensitive client data, including financial records and personal information. The company is known for its strong focus on security, with robust measures in place to safeguard its assets.
Current Security Defense Systems/Measures:
1.** Firewall and Endpoint Security: **ABC Solutions has implemented a multi-layered security approach with advanced firewalls and endpoint detection and response (EDR) systems. These monitor all network traffic, block unauthorized access attempts, and respond to any potential malware or virus threats. 2. **Access Control and Multi-Factor Authentication: **Strict access control policies are enforced, where employees have role-based permissions to access only the systems they need. Multi-factor authentication (MFA) is mandatory for all employees accessing critical systems or cloud storage solutions. 3. **Data Encryption: **The company employs high-level encryption for sensitive data both at rest and in transit. All databases are encrypted using AES-256, and data is transmitted over secure protocols (such as HTTPS). This ensures that any intercepted data is unreadable. 4. **Regular Vulnerability Assessments and Patching: **ABC Solutions conducts routine vulnerability assessments to identify and address potential weaknesses in their infrastructure. Additionally, all software—including operating systems, firewalls, and third-party applications—undergo regular updates and security patches. 5. **Incident Response Plan: **The company has developed a comprehensive incident response plan. This ensures that in case of a security breach, appropriate actions are taken to minimize damage, contain the incident, and recover any lost data. 6. **Employee Cybersecurity Training: **Employees at ABC Solutions undergo bi-annual cybersecurity training to remain aware of the latest threats, such as phishing scams, ransomware, and social engineering attacks. This includes simulations to improve their response to potential threats.
Company IT Infrastructure:
Servers and Networking Equipment:
HP ProLiant DL380 Gen10 Server (x3) – $9,500 each
Cisco Nexus 9300 Switch (x2) – $6,500 each
Fortinet FortiGate 200E Firewall – $7,000
Databases and Storage Systems: -Microsoft SQL Server – $18,000
Dell EMC PowerVault ME4024 Storage System – $14,000
Workstations and Laptops:
Lenovo ThinkPad X1 Carbon (x50) – $1,600 each
Apple iMac (x25) – $1,800 each
Software Licenses:
Google Workspace Enterprise License – $10,000
Autodesk AutoCAD License – $7,500
Client Data:
Retail Client Transaction Data (confidential) – Value not specified
Government Agency Client Data (sensitive information) – Value not specified
Note: The values provided are hypothetical and may not represent actual prices in market.
Description of Data Breach Incident:
Despite the security measures in place, ABC Solutions recently fell victim to a data breach incident. The breach was triggered when an attacker exploited a zero-day vulnerability in the company’s cloud infrastructure management tool. This tool had not been updated with the latest patch due to an internal delay in the patch management process. The attacker successfully bypassed ABC Solutions’ firewall and endpoint detection systems, gaining unauthorized access to sensitive client data.
The stolen data included confidential e-commerce transaction records and legal client information, including personally identifiable information (PII). The full extent of the breach is still under investigation, but early estimates suggest that several gigabytes of sensitive client data were compromised, potentially exposing clients to significant risks such as identity theft and financial fraud.
Upon discovering the breach, ABC Solutions immediately activated its incident response plan. They isolated the affected systems, engaged with a third-party cybersecurity incident response team to conduct a thorough investigation, and notified all impacted clients. The company has taken swift action to remediate the vulnerability by applying all pending patches and conducting a company-wide review of its security protocols. Furthermore, ABC Solutions is increasing the frequency of its vulnerability assessments and employee cybersecurity training to reduce the likelihood of future incidents.
Required: The student group will
Assess the current security measures and strategies implemented at this company.
Perform a full analysis of possible types of breaches that might take place on those assets (minimum of three breaches) and use a risk analysis and assessment statistical techniques to report the security posture of that organization.
Devise a revised version of the company’s defense strategies to mitigate similar future attacks.
Perform a web search and recommend a suitable security assessment tool to be used during the mitigation phases in organizations like XYZ. Provide a brief description of that tool and how it can be used for this purpose.
NB. Make sure to use proper and concise security terminologies in your report as covered in various sessions.
Deliverables: The assignment deliverables are as follows:
A Full PDF report to document your findings for the following (Template):
Part A: A comprehensive assessment/critique of the listed 5 current security measures adopted by the XYZ company. The description shall include how these measures operate to protect data, which assets they target to protect, whether they are effective, and what are other potential security threats the current defenses impose on the XYZ company.
Part B: Provide full description of a minimum of three attacks (web based, network based, and software based) that can be launched against the company XYZ based on the current security posture as analyzed in part A. For each identified attack, provide sufficient information about the attack type, vulnerability or vulnerabilities that might lead to that attack, asset or assets that might be compromised, and security components that might be compromised, and your suggestion to mitigate that attack.
**Part C: **Provide 9roper documentation: proper screenshots, how to use it, and a proper demonstration if the tool can be installed (free) and deployed on student’s machine to get the results/report and try to explain their findings
Note: Check useful resources for some useful tools that might shed light on what we expect you to submit in this part of the assignment.
Part D: Risk Management. Perform the following tasks with respect to risk management of the company ABC assets: (a) Identify and Prioritize Assets. Make sure to explain how you have prioritized the assets in your report. You are supposed to include only the asset categories and not their sub-assets(b) Identify and Prioritize Threats and Vulnerabilities for each asset. You need to identify one threat and one vulnerability for each asset. Make sure to demonstrate the respective calculations in your report for 3-5 assets. Make sure to explain all assumptions you have made (c) Calculate risk for each vulnerability and demonstrate how you did the calculation in your report for at least 3-5 vulnerabilities. Make sure to explain all assumptions you have made(d) Prioritize which vulnerability would you address first and why using the cost-benefit analysis method?. Make sure to determine a risk acceptance rate and then demonstrate the CBA for 3-5 risks, what risk treatment would you suggest for each risk according to the risk acceptance rate, and then decide the feasibility for each risk treatment based on the CBA(e) The risk management process shall be done using a tool that can be either a well-documented source code (as ipynp file) of a computer program in Python to perform the statistical risk analysis for XYZ company assets OR a full excel spreadsheet showing all calculations and interpretations. Also, include the source code in the PDF file as an appendix to the report. Note: Check useful resources for some useful tools that might shed light on what we expect you to submit in this part of the assignment.
Reflection: Each student needs to write one paragraph reflecting on their role in carrying out the requirements of this assignment as a member of the team.
References: Cite all used references using APA style.
Submission instruction
Submit PDF file as a primary resource (Template)
Submit Excel sheet as a secondary resource.
Students must use their own words to document the report and refrain from copy/paste from web resources or using AI tools and also cite any references used properly.
Useful Resources
https://www.isaca.org/resources/isaca-journal/issu…
https://www.archives.gov/files/era/recompete/sp800…
https://www.dataskunkworks.com/latest-posts/buildi…
Academic Integrity Disclaimer
I hereby confirm that the work submitted for the assignment is entirely my own. I affirm that I have not used any artificial intelligence (AI) tools or any other unauthorized means to generate answers or complete any part of this assignment. The work presented reflects my own ideas, research, and understanding of the subject matter. I understand the importance of academic integrity and the consequences of submitting work that is not my own. I acknowledge that any violation of academic honesty policies may result in disciplinary action, including but not limited to, a failing grade for the assignment or the entire course.
By submitting this assignment, I declare that I have complied with the academic integrity standards set forth by CIS/ZU. I am aware of the ethical implications of using external assistance and have adhered to the principles of honesty and integrity throughout the completion of this assignment.