United States Cyber Policy Matrix Question
Your team has been given the responsibility of conducting a baseline analysis for establishing a secure communications network for your assigned organization at the summit. The risk assessment process for a baseline analysis requires a multidisciplinary examination of the internal and external cyber environments.
The graded assignment for Project 1 is a Cybersecurity Policy and Baseline Analysis Report, which should be a minimum of 20 pages. There are 16 steps in this project, and it should take about 17 days to complete. This project is longer in duration than others in the course because some of the work you will complete also lays the foundation for work to be completed in Projects 2, 3, and 4. Begin with Step 1, where you will complete preparatory exercises designed to familiarize you with the tools and processes to be used throughout the project. (I am responsible for only 7 steps.)
Project 1: Global Economic Summit
Step 2: Establish Team Agreement Plan
You've completed the preparatory exercises. Now, get started on the tasks that will lead to your final deliverable. For more information about your final deliverable, refer to the following document: Cybersecurity Policy and Baseline Analysis Report Instructions.
The first step is to create the team dynamics you and the other members will need to complete the assignments. As a part of your nation team, an agreement needs to be established in order to work efficiently. Begin by reviewing the team agreement, which includes a suggested schedule for project completion. Your team will use this document as a guide to establish a plan for completing and submitting the group tasks. When your team has completed the plan, the designated team member should submit it for review by following the directions below.
Step 3: Research Your Country's Policies
As a cybersecurity intelligence analyst assigned to your Five Eyes Alliance (FVEY) country's team, there are several documents you will need to provide. Your team’s first responsibility will be to help other countries in attendance understand the policy framework within which your team will have to operate. Do not assume that all countries apply cybersecurity in the same way or with the same intentions.
The first order of business will be to create a spreadsheet or table that represents a Cyber Policy Matrix of your country's policies and/or laws that the government has instituted to address cybersecurity management and technology. You may need to conduct additional research on those policies to complete the matrix. Include a cogent explanation of each item listed.
Each team member should create his or her own matrix using the cyber policy matrix template as a guide. In a later step, you will collaborate with your team members on a revision of the matrix and include it in a set of conference materials to be given to your CISO.
When you have completed the spreadsheet, move on to the next step, in which you will begin to track down who is responsible for the problematic cyber activity at the summit.
Step 6: Prepare and Review Preliminary Conference Materials
Each team member should now have completed his or her own policy matrix and the chain of custody form. In this step, you will review your teammates' materials and collaborate with your team to create one policy matrix and one chain of custody form for your nation.
Use the Discussion area to coordinate and collaborate with your team. Time management is crucial as your team progresses. Be fair with yourself and your team with a plan, schedule, and priorities to set you and your team up for success.
When the team has completed the revised policy matrix and chain of custody form, submit them to your CISO for feedback. Refer to your team agreement to determine who will submit the policy agreement and chain of custody form, and when it will be submitted. Also, share your materials with the other nations within the Discussion area and begin your review of the other nations' matrices and custody forms.
Step 7: Compare International Security Policies
Now that you and the team members have viewed the conference material submission from all the countries, add a column to the policy matrix for each country represented in the conference. In this column, you and the other members of your team will compare each of their policies to those of your country.
In your comparison, be sure to address the following policy aspects of their submissions:
security and risk management
asset security
communications and network security
security engineering policies
identity and access management policy
data acquisition, preservation, analysis, and transfer
If one or more of the other countries lack a specific policy addressing any of these issues, note that in your updated report.
Step 12: Analyze the Security Baseline of the Global Economic Summit
TAKE NOTE
This step includes a mandatory lab exercise. The teams should work together on the exercise, relying on each other’s expertise in the subject area of the exercise. Include the results in your team’s Security Baseline Report.
Your team's analysis of the policy matrix will allow team members to create an overview of the methods used to provide a Security Baseline Report of the organization and the need for evolving summit communications.
Your team's baseline analysis should also include an evaluation of network forensics information such as traffic analysis and intrusion analysis, as well as the type of information needed for any future forensics investigations. The team's evaluation of information needs for network forensics could include what is needed to support security software and hardware across multiple platforms, multiple applications, and multiple architectures to communicate with the other nations. All teams will do this by using security baseline tools to build an audit file and then scan their systems. The systems should be hardened based on the policies, procedures, and standards to ensure desired levels of enterprise-wide information assurance requirements developed by the Global Economic Summit.
In the Security Baseline Report, which also includes the Attribution Report, Network Security Checklist, and the System Security Risk and Vulnerabilities Report, your team will use scanning and auditing functions to determine the baseline security posture of your nation team system and those of the other nation teams.
As you perform your baseline, address the following tasks:
Define the components you are searching for in this baseline determination and what you would do in light of possible disasters.
Include the systems-level diagram of how your nation team is configured, which can be obtained from your lab documentation.
How would you recover information assets, and how would you ensure integrity of data if such a situation were to take place?
What are the steps for producing the scan and audit report? Which communication ports are to be used or closed during operation at the Global Economic Summit?
How will you maintain a baseline of registers and images of data? How would you ensure integrity of these components over time?
What are different ways to implement security controls to a system after the security posture has been defined, in order to meet the policy requirements?
What are the missing security configurations or security updates, if any? Report on how these should be addressed to fortify the security posture of the nation system.
In your scanning, can you determine if there are missing security updates on target computers based on your access? If so, what were they, and what tool did you use for this scan? Is there security from/to the IP network to/from the PSTN caller? You will be given decryption information, and then you will determine the data types in transit. Identify whether these are image files, document files, or anything else.
Your team will provide all artifacts from the baseline scanning exercise and refer to them in the security baseline analysis report.
Additionally, you should assess (compare) security issues during the scans and provide issues created by social engineering. You should cover the following testing while implementing network infrastructure contingency and recovery plans in your comparison:
damage assessments
types of vulnerabilities and associated attacks
distributed computing model
information assurance (IA) principles
digital certificates
digital signatures (significance of public-key infrastructure)
These will be provided in the Security Baseline Report. Remember to discuss your findings with your team members while you take part in the lab.
Step 13: Analyze the International Domain
In the previous step, you developed the security baseline report. In this step, your team will analyze the legal and regulatory aspects of the summit.
The Global Economic Summit will encompass a mix of attack vectors, forensic laws and regulations, the international law of cyber warfare (cyber offensives/warfare) and ethics as you have researched and provided in this project. It is your responsibility to report clear, accurate, and honest research. The mobility of devices and data further complicates the tracking and analysis of international incidents. In the field of digital forensics, you use tools and techniques, such as visual analysis, to look at geospatial information and connectivity hops for tracking mobile devices.
Mobile data, including storage in the cloud (i.e., cloud computing), presents even more robust challenges to the investigator. Considerations include incorporating international jurisdictional issues as well as whether all the data can be recovered, even when it can be accessed.
Using the policy matrix created in previous steps, you and your team members will complete a Digital Forensic Environment Review and Analysis of the international laws and regulations that deal with data acquisition, preservation, analysis, and transfer. This environment review and analysis is the Forensic Analysis Report for this project and will be submitted with the International Standards Report.
From the environment review and analysis, what artifacts (digital certificates, for example) do you see and keep track of in the network traffic, and how does this information inform you of the security posture of the communications and information-sharing networks?
Your team should now have enough information to create a comprehensive report demonstrating the legal and environmental position of each country involved. There are standards that each country, as a member of the international community of nations, will have included in its laws and regulations.
Your environment review should be three to five pages in length. Your team will submit this review with your Transnational Legal Compliance report, which you will complete in the next step.
Submit the Digital Forensic Environment Review and Analysis for instructor feedback. Note: This review and analysis is part of the final graded deliverable.
Step 15: Review Key International Initiatives
Now that you have looked at the regulations used by the other nations, in this step you will consider international initiatives that foster cooperation with each other.
Among the items identified in the Transnational Legal Compliance Report and the policy matrix from the previous steps are certain international initiatives that each country has undertaken to demonstrate cooperation and compliance with other nations.
From the information you have gathered and what you have learned in previous courses, determine as a team which of these initiatives provides the best opportunity for cooperation among all the delegates at the conference.
Your team should develop a two- to three-page International Standards Report. State your sources and support your recommendations with the facts that have been gathered.
For step 3:
18-Project management
16-Security development
14-Security technology
21-Legal and regulatory
Those are the parts I have to do on the cyber policy matrix.
Step 2
Cybersecurity Policy and Baseline Analysis Report Instructions
Description of Final Deliverable
As a synthesis of all prior steps in this project, the Cybersecurity Policy and Baseline Analysis Report will integrate the following elements from this project:
Cyber Policy Report: The culmination of your policy research, this report should provide your CISO with an understanding of the managerial, technical, and regulatory positions of the FVEY nations attending the summit. The cyber policy report comprises the following materials developed by you and your teammates throughout the project:
Cyber Policy Matrix: A spreadsheet or table that represents a matrix of your FVEY country’s policies and/or laws that the government has instituted to address cybersecurity management and technology, with a comparison of the other nations’ policies. International laws and regulations that deal with the acquisition, preservation, analysis, and transfer of data will also be included.
Transnational Legal Compliance Report: Itemized appraisal of the compliance requirements that are common among the FVEY nations.
International Standards Report: A review that determines which international initiative is most likely to result in cooperation from all the nations at the summit.
Security Baseline Report: This is a comprehensive analysis of networks, tools, threats, and vulnerabilities surrounding this event. The report comprises three reports: Attribution Report, Network Security Checklist, and System Security Risk Vulnerability Assessment Report. The following materials are developed by you and your teammates throughout the project:
Attribution Report, in which you identify the rogue nation responsible for the breach document, detail your processes, and determine the impact to international relationships.
Network Security Checklist, an inventory of the network’s software and hardware components used to ensure multilevel security.
System Security Risk Vulnerability Report, in which you identify threats to your nation’s communication systems and the potential impact of an exploit.
Forensic Analysis Report: The culmination of your investigative efforts, this report will document the eDiscovery process, your findings, and how they are connected to the countries involved. The Forensic Analysis Report comprises the following materials developed by you and your teammates throughout the project:
Chain of Custody Form, which tracks all digital evidence associated with the forensics investigation.
Environmental Review and Analysis, in which your team assesses the legal, environmental, and security postures of the FVEY nations.
Format of Final Report
The general format for this report:
Title page: This includes the title, team members’ names, program and university, and date of submission.
Abstract: The abstract should briefly describe the background and focus of the project, the methods, tools and techniques used in the project, a summary of results, and conclusions. The abstract should be a maximum of 250 words.
Table of contents
List of tables and figures
Background: This introduction should relate the background of the project, including a statement of the scenario and goals of the project. In one or two paragraphs, analyze the principles of warfare that lay the groundwork for cyber warfare theory and application.
Cyber Policy Report
Methods and techniques: This section will explain the methods, tools, and techniques used in this project so that the reader has a clear understanding and could replicate the work in future research.
Results: This section is a presentation of the collected information and data analysis. Relevant tables and figures should be included. All deliverables within the project should be discussed.
Appendices
Security Baseline Report
Network Security Checklist
System Security Risk and Vulnerability Report
Forensic Analysis Report
Chain of Custody Form
That's what is in the hyperlink for step 2.
Step 3 hyperlink
Five Eyes Alliance
The United States, in cooperation with the United Kingdom, Australia, Canada, and New Zealand, established an agreement known as the Five Eyes (FVEY) alliance under which these countries agree both to collect, analyze, and share signals intelligence (SIGINT) and not to spy on each other as adversaries (Mansfield, 2017).
The members of FVEY use their technical capabilities to collect massive amounts of information on electronic communications world-wide, to target specific individuals and groups, and to retain information about other persons for extended periods of time. This data is collected at “Special Source Operations” (SSO) locations around the globe and stored in the Five Eyes nations’ databases (Parsons, 2015).
Signals intelligence surveillance plays a critical role in the United States’ cybersecurity and cyber-offense approaches. Its cybersecurity posture is dependent upon the ability to protect and defend communications networks from infiltration, manipulation, and exploitation by adversaries both foreign and domestic. The use of deep packet inspection equipment throughout global networks allows the United States and the other FVEY members to collect metadata and content, and very intricate signals development operations enable access to, infiltration of, and modification of data on the networks of adversaries as part of their cyber-offensive strategies.
Once targets are identified, the SIGINT agencies can then identify groups and their relationships with the adversary under surveillance through the development of communications association graphs. Data collected are analyzed and filtered to examine information that may assist in a specific SIGINT operation. This data can then be used to further target specific individuals and to exploit and manipulate their devices, systems, and/or networks (Parsons, 2015).
One of the more difficult aspects of the FVEY relationship is the sharing of intelligence data. Disclosure of the intelligence data isn’t as much of a concern as inadvertent or unauthorized disclosures that put methods, sources, and platforms for intelligence collection at risk. While military commanders have long pushed for a common interface for actionable intelligence that can be used in operations planning, intelligence and political leaders have resisted the broadening of intelligence-sharing databases due to concerns about endangering their individual nations’ assets (Erwin, 2015).
References
Erwin, S. (2015, September). U.S. Central Command leads push to connect allies in common network. National Defense, C(742), 20-21. (Accession no. 109203109).
Mansfield, H. (2017, April 1). Using VPNs to protect your Internet privacy. https://haroldmansfield.com/using-a-vpn-to-protect...
Parsons, C. (2015, 23 March). Beyond privacy: Articulating the broader harms of pervasive mass surveillance. Media and Communications, 3(3), 1-11. http://www.cogitatiopress.com/mediaandcommunicatio...
RESOURCES
UK Perspective
Australian Perspective
New Zealand Perspective
US Perspective
Canadian Perspective