COMP2216 Principles of Cyber Security Management


The purpose of this assignment is to identify, critically assess and apply the necessary security controls to mitigate cyber threats in a complex distributed environment (hypothetical scenario) and create a realistic plan of action for data governance. A technical report will be produced to document the threat analysis process and its outcomes. Ability to write concisely will be considered in determining the quality of the writing.

A large manufacturing company has a headquarter office and two sections in each of three sites, distributed in England, Scotland and Wales, respectively. Each section has a local network system and has a SCADA (supervisory control and data acquisition) system for business operation. The SCADA system contains real-time sensor data and routine administrative information, and maintains a large amount ofcritical data and sensitive information. To ensure better management, these local networks are connected to the company intranet. However, this also means increased potential security risks to the systems from the internet. For instance, the SCADA system was originally designed for use on physically isolated and trusted networks and the operating systems and software application were not upgraded, which contain known vulnerabilities. You are a cyber specialist and are tasked:

1) To provide Security risk assessment and analysis

2) To recommend further action for improvement including robust authentication mechanism, security controls and mechanisms for mitigation

Analyse the effectiveness of various identity management and authentication techniques and technologies, to support authorisation and accountability in distributed systems.

Describe and discuss the concept of usable security, human factors of cyber security and security awareness to mitigate threats.

Recognise a data management plan and align a data governance for protecting personal and organisational information.

Identify and apply various security controls and mechanisms used to identify and mitigate attacks.

tag Read less

Leave a Reply

Your email address will not be published. Required fields are marked *