CMP 610 9040 UMGC Security Vulnerabilities for Capital One Project
Project 4: Attack Vector SolutionsStep 1: Define Vulnerabilities, Threats, and RisksVulnerabilities, threats, and risks are important to understand in order to evaluate and ultimately improve security posture by mitigating risks. Your organization’s security posture will determine its cybersecurity policies. Assessing risk is key in this process.Define vulnerability, threat, and risk. Consider their relationship to one another and how they relate to the security of networks and data.You will use this information to complete your vulnerability assessment. Review topics as needed from previous projects: creating a program, systems, utilities, and applications software, and interaction of software.Step 2: Identify Examples of Vulnerabilities, Threats, and RisksIn the previous step, you familiarized yourself with the concepts of vulnerability, threat, and risk. You now understand their relationship to one another and how they relate to security. In this step, you are going to identify at least two examples of a vulnerability, two examples of a threat, and two examples of a risk in each of the following categories:technologypeople (human factors)policyIdentify a minimum of 18 examples. This will assist you in conducting the vulnerability assessment and developing the educational brochure. Review topics such as basic elements of communication and computer networks.In the next step, you will look more closely at current vulnerabilities and threats.Step 3: Identify Current Vulnerabilities and ThreatsAfter defining and identifying examples of vulnerabilities, threats, and risks in the first two steps, you should understand the basic concepts of vulnerabilities and threats as they apply to general cybersecurity. However, vulnerabilities and threats are dynamic: They can evolve with changes in technologies, changes in adversary capabilities or intentions, or changes in human behaviors and organizational policies.It is important to understand current vulnerabilities and threats and their applicability to the larger community as well as to your organization (e.g., critical infrastructure protection), so that you can make informed recommendations on how/whether to mitigate them. Identify current known vulnerabilities and threats that could affect your organization. The vulnerabilities and threats that you identify will be necessary for your final presentation.List a minimum of two current known vulnerabilities and threats involving the following:people (human factors)technologypolicyWhen complete, move to the next step, where you will take part in a simulation.Step 4: Vulnerability Assessment and Operational SecurityTo prepare for the upcoming vulnerability assessment. You will learn how to maintain effective audit, risk analysis, and vulnerability assessment practices in a fictional scenario. You will also review risk and vulnerability analysis tools. You may want to review some topics from earlier projects: network devices and cables and network protocols.Take notes during the learning as the information will be helpful during your own vulnerability assessment in Step 7. Specifically note the major components of cybersecurity architecture, architectural methodologies for the physical structure of a system’s internal operations and interactions with other systems, and architectural methodology standards that are compliant with established standards or guidelines.When you have completed the learning, move to the next step, when you will consider attack vectors.Step 5: Identify Attack VectorsAttack vectorsare the means by which vulnerabilities are exploited and threats realized. As a result, understanding attack vectors is critical to developing impactful mitigations. Identify applicable attack vectors, the weaknesses exploited, and the means used to gain access based on the vulnerabilities and threats identified in Step 2. Also note the common types of cyberattacks.The attack vectors and weaknesses that you identify will be necessary for your vulnerability assessment and final presentation. You may want to review some topics from earlier projects: a closer look at the World Wide Web web markup languages, and web and internet services.Identify attack vectors and weaknesses exploited via the following:hardwaresoftwareoperating systemstelecommunicationshuman factorsIn the next step, you will take a closer look at the importance of attribution.Step 6: Examine and Identify Known AttributesAttribution is often difficult, if not impossible, to identify. One reason is the anonymity afforded by the internet. Another reason is the potential sophistication of malicious state actors and nonstate actors who are able to disguise themselves and/or exploit an innocent and often unknowing computer user to achieve their goals.Attribution is desired because knowing who is behind an exploit can provide insight into the motivations, intentions, and capabilities of threat actors. Understanding attack vectors used by threat actors provides key insights that help to build stronger defenses and construct better policy management.To complete your vulnerability assessment, you will need to first do the following:From the attack vectors identified in the previous step, determine if attribution is known for the threat actor (e.g., name of nation state, nonstate and/or hackers and threat actors) most likely involved in exploiting each weakness.Categorize the threat actor(s) based on attribution for previous exploits, likely targets, and rationale(s) for targeting/exploitation (e.g., profit, political statements, extortion, etc.).In the next step, you will compile your findings from the past few steps on a spreadsheet.Step 7: Submit a Vulnerability Assessment Spreadsheet (1 page)From the results of Steps 4, 5, and 6, develop and submit a spreadsheet that includes the following:characterization of current and emerging vulnerabilities and threatsidentification of the attack vector(s) employed against eachyour assessment (high, medium, or low) of the impact the vulnerability could have on your organizationMake sure to address security architectures, including components, specifications, guidelines, standards, technologies, etc. Also consider international threats and attack vectors. This assessment will be included in your final presentation.Step 8: Identify CountermeasuresNow that you have assessed your organization’s vulnerability, you are ready to identify possible countermeasures. Identify specific countermeasures that will address the vulnerabilities/threats to your organization that you summarized in the previous step.Review best practices as well as any published mitigations for the specific weaknesses identified. Include both cyber defenses and, as appropriate and legal in the United States, cyber offenses (cyber offensives/warfare). Make sure to address key cybersecurity technologies, methodologies, standards, and legal compliance.Record the findings to be included in your upcoming white-paper resource for the final presentation.You will need to figure out the cost of your security solutions, and you will do that in the next step.Step 9: Determine the Cost of Security SolutionsOnce you have identified possible countermeasures for your organization, you will need to determine their cost. Discuss the relative financial impact of these countermeasures, considering appropriate technology and policy changes to address cyberthreats at the enterprise, national, and international levels as a result of procurement, implementation, and maintenance. Also consider the policy and technology trade-offs at each level.Rank the countermeasures according to cost and effectiveness. Record your findings to be included in your upcoming white-paper resource for your final presentation.In the next step, you will be asked to consider how successful your mitigations will be.Step 10: Assess the Potential Success of MitigationsNow that you have identified countermeasures and their costs, develop an assessment of the likelihood of success of the mitigations when implemented as you prescribe. Criteria to be considered should include the following:ease of implementation (technically as well as from a policy perspective)ease of adoption by the workforceimpact on ability to perform the organization's work (e.g., is productivity affected are additional steps required that impede workflow?)record of success of this mitigation on the same/similar weaknesscost (as a factor of the overall budget of the organization, e.g., will significant trade-offs have to be made in order to invest in this solution?)leadership supportRecord the findings to be included in your upcoming white-paper resource for the final presentation.Step 11: Submit the Countermeasures White Paper (3 pages)Compile your findings from the last three steps and submit a three-page paper that describes the countermeasures, cost, and potential challenges with implementing them in your organization. This paper will provide much of the basis for your final presentation. Make sure to include the following:critical issues in cybersecurity management and technology policyprinciples of cyber warfare theory and application (cyber offensives/warfare)various concepts of enterprise cybersecuritycybersecurity standards organizationskey initiatives in international cybersecurity policy advancesStep 12: Summarize the SolutionsIn order to develop recommendations to include in your presentation, you must prepare your solutions. Summarize recommended solutions to mitigate the vulnerabilities and/or threats as identified in Step 10, with at least two recommendations each in the categories of people, technology, and policy. Rank your recommended solutions by both cost and effectiveness. You will use this solutions summary to develop your recommendations in your final presentation.Step 13: Develop Your Security RecommendationsYour presentation will also need to consider an overall security strategy. Develop the overall way forward for your company that includes an explanation of the current security environment in your organization, identification of security vulnerabilities and threats, explanation of attack vectors, and recommended solutions. Refer specifically to the information prepared in Steps 4 through 12. Your recommendations must meet the following criteria:coincide with IT vision, mission, and goalsalign with business strategyincorporate all internal and external business functions within the organization’s security programcreate an organizational structure, if it does not already exist, to operate the security program and align it with the entities of the organization as a wholeinclude a rough implementation planevaluate the effectiveness of the security programThese recommendations will be the focus of your presentation.Step 14: Submit the Presentation (18 slides)You now have the information needed to develop the slide presentation that John requested for senior management. The presentation should clearly explain current known weaknesses in your organization’s security (to include people, technology, and policy) that could result in successful exploitation of known vulnerabilities and/or threats.Develop a narrated slide presentation of 16 to 20 slides that concludes with the recommended way forward (e.g., continue to accept risks, accept some risks (identify them), mitigate some risks (identify them), mitigate all risks, etc.).