Identifies the specific threat actors most likely to target NorStud. Explains why those actors in particular are a threat (why are they more of a threat than other actors).
It needs to cover the three main points highlighted on the cover letter:
• Main Threat Actors – These are the main threats posed to NorStud and who would likely target the company
• Detailed Report – This is the detailed section that goes into why these threat actors pose a threat more than other possible actors.
• Proactive Steps – These details out the next steps that need to be done to help mitigate the threat posed by the main threat actors.
Sources are listed with the cover letter, please try and use them
Instructions are listed below:
You are the IT Security Lead at your company, NorStud Enterprises. Your staff consists of three (3) employees and you.
NorStud employs 500 people, including doctors, medical researchers, engineers, and marketing, customer relations, billing and support staff. The company develops, manufactures and sells medical devices to hospitals worldwide. The company holds patents for a dozen devices, and is in consultation with overseas countries for a possible joint venture in Asia.
Norstud maintains intellectual property, customer and employee records, contract negotiation materials, and financial and billing records on its networks.
NorStud has revenues of about $500 million a year.
The CEO has been reading about cyber-attacks and compromises striking government and business offices “all over the place.” She is concerned that NorStud will be next, and turns to you to help her understand the scope of the problem and what to do next.
Prepare a 2000 word paper, addressed to your CEO, that:
Identifies the specific threat actors most likely to target NorStud
Explains why those actors in particular are a threat (why are they more of a threat than other actors).
Proposes actions NorStud can take to mitigate the threat from the threat actors you’ve identified.
Students have broad leeway to develop this paper as they see fit, as long as it addresses the above. However, the ideal paper will not only satisfy the above
requirements, but will also:
Demonstrate knowledge of why some actors pose more or less of a threat than others
Recognize the potential value of NorStud’s information to potential threat actors and how they may use that information
Not only identify broad groups of threat actor, but identify specific subgroups or actors and specific incidents that focus the threat more narrowly
Consider mitigation steps that go beyond purely technical solutions
Address the risk-benefit balance of suggested mitigation steps.
Incorporate real-world current events
If you are a small business owner worried about a cyberattack, you have good reason to be. The cost of a single data breach can be devastating—up to five figures or more per single lost record. In the event of a serious cyber attack, 60 percent of small businesses will fold, according to recent estimates. Even worse, only 14% of smaller companies are adequately prepared to defend themselves from attack. It you want to stay one step ahead of hackers, your company needs help. It’s time to enlist a managed services IT provider to conduct a comprehensive cybersecurity risk assessment.
A cybersecurity risk assessment is a comprehensive look at your security procedures and your data handling, and it exposes your vulnerabilities. If you haven’t had one done recently, we recommend you have one done sooner, rather than later. What can an assessment do for your company?