
I need 20 slides of PowerPoint presentations on lessons learned. Please read Deliverable Overview to create the lesson learned.

Create a 20 slides PowerPoint with notes that would be presented to the CISO and the nation's leader concerning attacks, evidence acquired, attribution, impact, business recovery, and remediation success. Areas that should be discussed are defined below.
Use this opportunity to describe not only what occurred during the attack and the results of evidence items but also how operations and communications can be done in a secure fashion. Also describe the need for information sharing and how it can be possible between nations and private business operations without source attribution. Is source attribution needed?
Use this opportunity for any lessons learned throughout the project that IT staff can take back to business units to incorporate into daily operations. Recall the threats you received. If you were the leader of the group, what would you want the CISO to know in case of an event? What could have been identified earlier as a critical system that may have been protected? Also, take a look back at your team's BCP and discover any setbacks that may happen once an event occurs. Describe any additions or changes that you would incorporate in the plan. Describe the following information in your power point at a minimum and additional topic that could better the operational tempo of business units.
Recovery: How the incident was contained and eradicated
· The work performed during recovery
· Areas where the incident response team was effective
· Areas that need improvement
· Which security controls failed (including monitoring tools)?
· How can we improve those controls?
· How can we improve the security awareness programs?
· What were the current operating system vulnerabilities that were leveraged to execute the attack?
· How can managing patches and basic operating system security enhance security from known threats?

PROJECT 3 - CISO FINAL DELIVERABLE
LOCK DOWN
PROJECT 3 - CISO FINAL DELIVERABLE
University of Maryland Global Campus
CYB XXXXXXXXXXCapstone in Cybersecurity
Professor Glebocki
Table of Contents
Introduction
Cyber Operations and Risk Management Briefing
Next Steps for the Computer Security Incident Response
Intelligence Debriefing
SITREP 1
SITREP 2
SITREP 3
Business Continuity Plan
Conclusion
References
Introduction
Before the summit began, each nation and its cybersecurity team were tasked with the responsibility of creating a secure network capable of responding to any malicious network activity. A malicious actor was, however, able to circumvent the security measure, install a malware and gain unauthorized access to the network server. Each nation at the summit received an error message – ["Your Computer has been involved in Computer Fraud Activity!!! and has been locked down by the FBI and the Justice Department. Unless you pay the sum of $500 (FIVE HUNDRED DOLLARS)—in Bitcoin you will be arrested immediately! You have 48 hours to pay up via email - XXXXXXXXXX."] - when they tried to log in to their system the following morning. After they saw the message, an emergency meeting was called to discuss mitigation strategies that would resolve the attack. Although the decision was split, the United States and its cybersecurity team decided to resolve the attack by implementing specific measures that would quickly pinpoint the computer system/identify the vulnerability that the hacker was able to exploit. This paper will list a series of reports and recommendations on how the United States’ cybersecurity team wishes to handle this attack.
Cyber Operations and Risk Management Briefing
Software Assurance Needs and Expectations
     The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, and that the software functions as intended by the purchaser or user (NIST, n.d). Software assurance needs to define the assurance objectives and drive technical requirements whereas the expectations help define management issues. Software assurance must meet security needs, and threats to information, and the information system falls part of the software assurance needs. Software assurance also requires risk concerns to be aligned across all stakeholders and all interconnected technology elements. As part of the expectations for software assurance, it is expected that attacks will occur. It should also be expected that time constraints and costs should be managed properly regarding the software. It is also expected that software assurance shall be well planned and dynamic and that a means to measure and audit the overall assurance should be built into the software assurance documentation.
Key Attributes of The Software Development Life Cycle
The Software Development Life Cycle has certain characteristics that are significant for the software development process. Firstly, each module of the software development project should be thoroughly tested before another module begins and project requirements should be measured against actual results (SDLC Characteristics, XXXXXXXXXXMilestones and deliverables should be included in each step of the development of the software. Secondly, the level of risk should be identifiable. Thirdly, there should be end-user involvement in every phase of software development. Fourth, the project model structure and function should be properly documented. The fifth is the continuous maintenance of the software, and lastly, the software should have properly structured time constraints.
Identification of Supply Chain Risks and Challenges
As with any process used in cybersecurity, there are risks prevalent to the supply chain in the development of an application or software. Some of the risks posed to the supply chain include.
· Insufficient monitoring of supply chain performance
· Risk of suppliers going out of business
· Risk of liability due to material lapses
· Risk of natural disaster disruption
Of the widespread challenges facing the supply chain risk, some of the most prevalent are outlined below:
· Lack of resources, tools, data, and platforms to capture, analyze and integrate supply chain risk into the supply chain management process.
· Lack of understanding of supply chain risks and concerns among stakeholders.
· Inventory management challenges.
· Cybersecurity concerns.
Identification of Vulnerabilities in the Existing Software Used
    Vulnerability scanning is essential to identify vulnerabilities in the existing software used by the organization. Proper and regular (depending on the needs of the organization and to meet compliance requirements) vulnerability scanning will help to identify the risk or threats that the organization may face. The Open Web Application Security Project (OWASP) is a resource to help familiarize with the top 10 application security risks and can be used to identify vulnerabilities in existing software. Common software vulnerabilities include missing data encryption, OS command injection, cross-site scripting and forgery, URL redirection, and path traversal (ŻEgota, 2021).
Identification of Software Options that Could Meet Organizational Needs
    The software that could meet the organization’s needs are those made using the agile development model, spiral model, and iterative model. All these models present both advantages and disadvantages. The organization will need to weigh its needs in terms of continuous operation and performance of the software as well as the security provided with the software option.
Evaluation of Software Options and Recommendations
Agile software is the recommended software. Agile software development focuses more on team interactions, customer collaborations, user involvement, and quick response to changes. Agile software development will help deliver the needed software for this mission faster, easily manage changes to the federal government priorities and increase productivity. However, agile projects face risks associated with timeline, budget, and scope creep (Raphael-Rene, XXXXXXXXXXTimeline issues revolve around the number of available resources to do the work and effort needed to meet the project’s requirements. Like any schedule planning, things can go awry (such as losing talented and efficient team members during development) which can delay the progress of a project. For every software project, an inaccurate budget plan or running out of the budget with no reserve to fall on can affect the development process. Certain circumstances such as delay in delivery of the software can have negative impacts on the planned budget for the project. It is easy to fall into scope creep when it comes to agile projects (Raphael-Rene, XXXXXXXXXXThis occurs when requirements are not properly defined from the start of the project. Additions that were not agreed upon initially can thus be slipped into the mix.
The Spiral Development model software is a bridge between the traditional waterfall and the agile development which can be an alternative software framework for this mission. It incorporates waterfall planning, and upfront discovery to provide the level of certainty required in installations (Feeney, XXXXXXXXXXIt also allows for rapid iterations once certain variables are known. The greatest advantage when it comes to Spiral development is the fact that it builds on existing capabilities and assets as opposed to starting up new documentation. Spiral is also risk-driven and based on the unique risk patterns of a project such as ours, the model will guide the team to select and implement elements of other models such as waterfall, incremental or evolutionary prototyping.
The iterative model software is another ideal alternative. This is because this model is for large mission-critical enterprise applications (Shiklo, XXXXXXXXXXThe software is delivered in parts, unlike the waterfall where there is a full specification for the start of the project. This model makes room for small changes in the requirements during the development process. This does not however imply that requirements are not specified at the beginning of the project. They are and make room for future amendments to suit the needs of the project
Evaluation of Supply Chain Options and Recommendations
    The supply chain considers the flow of information, the product, and the money involved. Aligning the supply chain with business strategy is therefore important to ensure a high level of business performance. In view of that several supply chain options can be considered that best match the factor criteria that drive the organization.
    The continuous flow option is best if the organization demands a steady cadence and continuous flow of information. This option considers the customer’s demand profile with little variation and the production workload can match a continuous replenishment model (Perez, XXXXXXXXXXThe agile supply chain option takes into consideration unique specifications for the customer. The idea is to meet unpredictable demand, exceeding the customer’s forecast. The custom-configured supply chain option is characterized by comparing the relevance of assets cost to the total cost, and unlimited configurations of the finished product (Perez, XXXXXXXXXXThis option competes with other options such as agile by offering a unique configuration of the finished product according to the needs of the end-user.
    Evaluation of supply chain options considerably depends on the organization’s strategic objectives, areas of interest covered, fulfilling expectations sufficiently, and internal element consistency (Perez-Franco et al., XXXXXXXXXXIn view of that, a custom-configured option is appropriate for this project.
Explanation of the Costs Involved in the Recommendations
    The total sum required for the recommendations will include the sum of the people involved and the time required. This implies the team or labor and their hourly wages. Every project is unique and its costs are influenced by certain factors including the type and size of the project,
Answered 1 days After Jun 01, 2022

Solution

Sparsh answered on Jun 02 2022
87 Votes
Cyber War Against Cyber Espionage
We'll give a general overview of these issues in this talk.
What exactly is Cyber Attack and Cyber Espionage?
What is a Malware and its possible types?
Impact of Cyber Espionage on businesses and organizations.
Cyber Espionage Common Tactics.
Number One Vulnerability, The Human Error.
Case Study – UK, GEC Summit Hack
Prevent a Cyber attack effectively.
Improve Software Development Process.
Business Recovery methods after a Cyber attack.
Conclusion.
Cyber Attack & Cyber Espionage
“Any offensive tactic that targets computer information systems, computer networks, infrastructures, or personal computer devices is referred to as a Cyber Attack”. Cyber attack is also defined as an attempt to get unauthorized access to a computing system / computing network with the intent to cause damage.
“A form of Cyber Attack that mainly focuses on stealing classified information, sensitive data, intellectual property for the purpose of personal gain”. A popular example of Cyber Espionage is Sony Hack 2014.
Cyber Espionage can also be a part of State Sponsored Cyber Attack.
What is Malware?
Malware is a software that is designed to damage and destroy computer systems. Malware may be defined as “Malicious Software”.
Malware can be of different types and each different type of Malware has its own purpose. There are Viruses, Worms, Trojan Viruses, Spywares, Adware and Ransomwares. We will discuss each type of Malware in a very elaborative way a little later.
With the advancement in Technology, especially in the fields of Artificial Intelligence (A.I) and Machine Learning (M.L), we are also seeing advancement in Malwares as well.
There are a number of factors that contribute to successful Cyber Attacks. We have seen Tech Giants like Microsoft, Sony, Yahoo all were the victims of Cyber Espionage as well.
Types of Malware
Viruses – It is a type of Malware that attaches to documents or files that support macros to execute code.
Worms – It is a type of Malware that has a capability to replicate itself to a new host computer by itself and thus it is most dangerous of all Malwares.
Trojan Virus – They are disguised viruses that creep into systems and programs when unsuspecting users download some software, for example a game or mobile app, from a torrent website.
Spyware – It is a type of Malware that runs secretly on a computer and reports all user activity including chats, keystrokes, video calls etc. to a remote server.
Types of Malware
Fileless Malware – It is a type of Malware for which the code of the Malware is not stored in a file nor installed on the victim’s machine.
Ransomware - It is a type of Malware that on execution encrypts the whole computer system and demands a ransom to decrypt...