Cybercom is a corporation that designs and manufactures proprietary communication devices. One of Cybercom’s most important contracts is with the United States Department of Defense (DoD), producing communication devices that are small enough to fit in a soldier’s helmet, but powerful enough to reach communication satellites in orbit. The encryption and communication technologies used in the devices are highly classified and closely guarded. As part of Cybercom’s contract with the DoD, the company is required to conduct a formal security risk analysis of its internal network in order to identify security vulnerabilities and prevent network breaches.
Cybercom’s security risk ...
24). In conducting the assessment, specific threats and vulnerabilities are identified, as well as the likelihood of such events and the potential damage each may cause. The third stage of the assessment process is to compile the information researched and report it to management, so that top-level decisions can be made. The final stage of the risk assessment process is concerned with two main points: lessons learned through the practice of security, and updating security procedures as threats and vulnerabilities change over time.
The risk assessment process is performed with three target categories in mind, which conform to the NIST risk management hierarchy: tier one – organization, tier two – mission/business processes, tier three – information systems (NIST, 2012, p.17). The organization tier involves the policies and operations of the organization. The mission/business tier takes into account organizational security procedures and protocols, as well as business continuity plans (BCP) in the event of a disaster (NIST, 2012, p.19). Lastly, the information system tier is the section associated with hardware and automated security controls of information systems.
The Investigation Plan
The primary concern of Cybercom’s risk analysis is to determine the resilience of its internal network to cybercrime and system breach that could lead to the compromise of sensitive data. The strategy that was decided on is to conduct the risk assessment and evaluate the results using risk levels that are determined by assessing the likelihood of an attack vector versus the potential damage it may cause. The assessment is a two-fold process: assess vulnerabilities from within the organization, and simulate threats from outside the organization to determine the likelihood of successful attacks. Forensics tools and techniques will be used on devices to establish the adequacy of security measures on such devices.
One of the major threats to Cybercom’s sensitive data was identified as the loss or theft of company cell phones. To test this vulnerability, various cell phones that have been used by employees with high-level security clearance were tested...