Cyber Security Overview & Security Weakness Assessment
Paper 1 – CyberSecurity Overview
Write a three-page background summary that includes a general overview of cybersecurity and a section on enterprise cybersecurity.
Please include the following items in your general overview of cybersecurity:
- Compare and contrast cybersecurity and computer security.
- Discuss Data flows across networks. (Review Bits and Bytes, Non-Textual Data, Evolution of Communication systems, Computer Networks, Network Devices & Cables and Network Protocols if you do not already have a working understanding of these topics.)
- Discuss basic cybersecurity concepts and vulnerabilities, including flaws that can exist in software. (Review Systems Software, Application Software, Software Interaction and Programming if you do not already have a working understanding of these topics.)
- Discuss common cybersecurity attacks. (Review A Closer Look at the Web and Web Markup Language if you do not already have a working understanding of these topics.)
- Discuss penetration testing.
- Discuss how to employ Network forensic analysis tools (NFAT) to identify software communications vulnerabilities.
Please include the following items in your enterprise cybersecurity section:
- List and discuss the major concepts of enterprise cybersecurity.
- Discuss the principles that underlie the development of an enterprise cybersecurity policy framework and implementation plan.
- List the major types of cybersecurity threats that a modern enterprise might face.
Paper 2 – Security Weakness Assessment
Step 1: Analyze OPM’s security from the following perspectives:
- A technology perspective
- A people perspective
- A policy perspective
Step 2: Identify areas that should be improved or strengthened, including potential risks associated with maintaining the current security posture. Discuss how you would employ network analysis tools to identify software communications vulnerabilities. Make sure to include the following information:
1.Classify risks according to relevant criteria.
2.Explain system and application security threats and vulnerabilities.
3.Prioritize risks from internal and external sources.
4.Assess the cybersecurity threats faced by your entity.
Step 3: Develop a two-page summary of your organization’s security weaknesses. Identify threats, risks, and vulnerabilities to achieve a holistic view of risk across the entity.
Consider areas that should be improved from a technology perspective, a people perspective, and a policy perspective. Also note potential risks associated with maintaining the current security posture.
Agency facts: The Office of Personnel Management provides human resources support to agencies of the United States federal government.
Leadership: Beth F. Cobert was appointed acting director of OPM in 2015.
Mission/vision: “We’re responsible for keeping the government running smoothly.”
The breach: Cybersecurity breaches in 2015 affected the data of millions of federal government employees, contractors, and some who may have only applied for a background investigation with the government. In April 2015, OPM reported that 4.2 million current and former employees’ information was compromised. Another breach, discovered in June 2005, involved 21.5 million people. In addition, 5.6 million records of fingerprints were exposed. Names, birth dates, addresses, and Social Security numbers were affected. As of early 2016, it was still unclear who was behind the breach. Notifications to those affected began September 30, 2015, and were expected to last 12 weeks.
OPM.gov. (2016).Our people and organization. Retrieved from https://www.opm.gov/about-us/our-people-organization/senior-staff-bios/beth-f-cobert/
OPM.gov. (2016).Our mission, role, and history. Retrieved from https://www.opm.gov/about-us/our-mission-role-history/what-we-do/ https://www.opm.gov/about-us/budget-performance/strategic-plans/
OPM.gov. (2016). What happened.Cybersecurity Resource Center. Retrieved from https://www.opm.gov/cybersecurity/cybersecurity-incidents/
Peterson, A. (2015, September 23). OPM says 5.6 million fingerprints stolen in cyberattack, five times as many as previously thought. Washington Post. Retrieved from https://www.washingtonpost.com/news/the-switch/wp/2015/09/23/opm-now-says-more-than-five-million-fingerprints-compromised-in-breaches/
Singletary, M. (2015, December 11). What to do if you are affected by the OPM data breach. Washington Post. https://www.washingtonpost.com/business/get-there/what-to-do-if-you-are-affected-by-the-opm-data-breach/2015/12/09/534455e0-9dd0-11e5-a3c5-c77f2cc5a43c_story.html