Each student will conduct and document a personal cyber security risk assessment.
Process
The assessment will include:
1) An inventory of the cyber resources used by the student, including
computers, phones, and other devices, internet access through Wi-Fi,
wireless, and wired connections, types of applications, interfaces,
information storage, and other resources. Be sure to categorize the
resources based on criticality of information, impact of exposure, and
ability to operate (as a student, person, etc.).
2) Identify Threats including natural disasters, system failures, human mistakes, and malicious activities.
3) Identify vulnerabilities in your personal cyber resources.
4) Determine the likelihood of an incident.
5) Assess the impact of a potential threat.
6) Prioritize the Risks either qualitatively or quantitatively or using a combination.
7) Recommend controls you should apply.
Based on their Risk Assessment, they will write a Risk Assessment Report in the format specified in NIST Special Publication 800-30r1