This assessment is designed to assess your technical skills in investigating IS security, risk, threats and
management for an organization. It also assesses your ability to evaluate risk
management techniques and IS auditing. You are required to select an organization that uses
information systems to perform daily business operations. You have to identify the most valuable
assets of the organisation and investigate the security threats and mitigation techniques. You also
have to propose or evaluate the risk management techniques adopted by the selected organization to
ensure reliability, confidentiality, availability, and integrity. You also have to discuss the audit plan
and processes used by the organization and investigate the impact of human factors on security and
risk management.
Task Specifications
This assessment includes three tasks as follows:
Task-1:
Steganography is the practice of concealing a file, message, image, or video within another file,
message, image, or video. Use the Steghide tool available in Kali Linux/Linux to hide a text file that
includes your group's student names and IDs in an audio file. First, create an audio file of no
more than 30 seconds that records your group's student names only. Then create a text file that
includes the group details, including names and student IDs. Finally, use Steghide (with APIC as the
passphrase) to embed your text file into the created audio file.
In your report, provide screenshots demonstrating the steps and the commands you
followed to install Steghide, the way you hid the group
information text file in the audio file, and finally the steps to extract the text file from the audio to
verify your work.
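The Task-1 workflow as a shell script, added here as an example and not part of the assignment brief or the solution: it embeds a text file in a WAV cover with Steghide using the APIC passphrase, extracts it again and compares the bytes. The file names, the generated noise WAV standing in for the recording, and the placeholder group details are assumptions.

```sh
#!/bin/sh
# Added example: Steghide embed / inspect / extract / verify round trip.
# File names, the noise cover and the group details are constructed.
PASS="APIC"   # passphrase specified in Task-1

# make_sample_wav FILE: write 5 s of 8 kHz mono 16-bit PCM noise as a WAV.
# Stand-in for the recorded names; Steghide takes WAV or AU audio, not MP3.
make_sample_wav() {
    # 44-byte RIFF/WAVE header describing 80000 bytes of samples
    printf 'RIFF\244\070\001\000WAVEfmt \020\000\000\000\001\000\001\000' > "$1"
    printf '\100\037\000\000\200\076\000\000\002\000\020\000' >> "$1"
    printf 'data\200\070\001\000' >> "$1"
    head -c 80000 /dev/urandom >> "$1"
}

# hide_and_verify COVER SECRET WORKDIR: embed SECRET in COVER, extract it
# again and succeed only if the recovered bytes match the original.
hide_and_verify() {
    cover=$1; secret=$2; work=$3
    stego="$work/stego.wav"; out="$work/recovered.txt"
    # -cf cover file, -ef file to embed, -sf stego file to write
    steghide embed -cf "$cover" -ef "$secret" -sf "$stego" \
        -p "$PASS" -q -f || return 1
    # With the passphrase, info also reports the embedded file
    steghide info "$stego" -p "$PASS" || return 1
    # -xf sets where the extracted payload is written
    steghide extract -sf "$stego" -xf "$out" -p "$PASS" -q -f || return 1
    cmp -s "$secret" "$out"
}

# run_demo: full round trip on constructed inputs; returns 2 when Steghide
# is missing (Kali/Debian: sudo apt install steghide).
run_demo() {
    command -v steghide >/dev/null 2>&1 || return 2
    demo=$(mktemp -d) || return 1
    make_sample_wav "$demo/names.wav"
    printf 'Student One, ID 0000001\nStudent Two, ID 0000002\n' \
        > "$demo/group.txt"
    hide_and_verify "$demo/names.wav" "$demo/group.txt" "$demo"
}

if run_demo; then
    echo "round trip OK: extracted file matches the original"
else
    echo "round trip not completed (status $?)"
fi
```

Passing the passphrase with -p leaves it in shell history and the process list; omit -p and Steghide prompts for it instead.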
Task-2:
Access control is granting or denying approval to use specific resources. Technical access control
consists of technology restrictions that limit users on computers from accessing data. In this project
you have to
In this task you have to work in a group to understand Access Control Lists (ACLs) and file system
security in a Linux environment. You have to complete the following tasks using Kali Linux or any
Linux OS
Assignment Solution
Assessment 1 – Case Study Report
Introduction
The ASD's (Australian Signals Directorate) ACSC (Australian Cyber Security Centre) is aware that APT (Advanced Persistent Threat) actors are actively targeting health care companies and medical research facilities (Coventry et al., 2018). The main purpose of this report is to explain the current forms of security attacks, the safeguarding mechanisms and the different risk management techniques. The first part of the report discusses the different kinds of threats encountered by companies in the health care industry in Australia. The second part identifies and categorises the assets, covering all components of an organization's system, that is, its people, processes, data and information, hardware, software and network, based on the case study given for this report. The next part discusses the various threats that the identified assets of the organization are likely to encounter, together with a method for prioritising such threats, with explanations. The final part explores the five basic security principles along with the cyber security mitigations and recommendations proposed by the ACSC for the health-care industry of Australia.
Threats Faced by the Healthcare Industry - Australia
Threat | Summary |
Cloud Security | Security and compliance threats are a significant concern for healthcare companies in Australia. Healthcare companies have to manage a wide range of private records, and the pressure of doing so is borne by the organization's IT (Information Technology) employees (MacIntyre et al., 2018). Moreover, IT employees experience a large number of problems when running their healthcare IT workloads in the cloud. The key threat in this context lies in the violation of regulations, and in the downside of one of the cloud's conveniences: staff are no longer required to spend time examining the components on the premises. They also face a number of issues in monitoring the traffic and information moving in and out of the cloud system. Furthermore, it takes a great deal more effort to protect the profile than it takes to attack it. |
Unlocked mobile objects | The flood of connectivity continues to be a critical issue for the security of the healthcare industry. The moment an employee of a healthcare organization goes mobile, the organization's view of its security issues changes (Williams et al., 2015). This is a matter of huge concern. Furthermore, where BYOD policies in healthcare organizations are concerned, the access granted to the various devices and the security issues that come with it should be considered in the way a system is configured, and this should be treated as a matter of immense importance. |
Ransomware | Ransomware was identified as a critical danger to the healthcare industry in 2019. It should also be noted that a significant portion of the ransomware was spread via phishing. Phishing is a user-oriented technique that manipulates individuals into allowing harmful network connections. |
IoT (Internet of Things) Exploitations | Significant issues have been identified with the security and confidentiality of data. Wearables and embedded IoT healthcare devices such as insulin pumps, pacemakers and various displays are prone to a range of security attacks. Moreover, the collection of IoT devices and its security threats are tightly bound up with a critical problem concerning the privacy of the information that is collected, stored and sent (Mackey et al., 2016). Furthermore, many IoT devices cannot support endpoint security, and IoT appliances do not have the ability to block suspicious activity or an attack. Additionally, because of the wide variety of applications hosted on IoT appliances, creating endpoint security can be a major operational and device-related problem. |
People | Employees of healthcare organizations lack proper knowledge and awareness of cyber security issues (Abouelmehdi et al., 2018). Several surveys have found that healthcare employees are not prepared and do not have an adequate level of knowledge of security-related regulations. As a result, critical patient information is exposed. |
Identification & Categorization of Assets
Identification of Software, Hardware & Networking Assets
Whether the inventory process is carried out manually or through an automated procedure, it requires an adequate amount of planning. Moreover, it is important to determine which attributes of each information asset should be tracked. The identification procedure will depend on the needs of the particular company and on the risk management effort it has adopted (Austin et al., 2016). It also takes into account the requirements of the information security and IT teams.
Here are the attributes that should be tracked for each information asset:
- Name
- IP address
- Asset type
- Serial number
- MAC address
- Manufacturer name
- Manufacturer's model or part number
- Software version, update revision or FCO number
- Physical location
- Logical location
- Controlling entity
Identification of Individuals, Processes & Information Assets
Responsibility for identifying, describing and evaluating information assets should be assigned to managers who have the necessary expertise, experience and critical thinking skills (Cherdantseva et al., 2016). Once these assets have been identified, they should be recorded using an information management procedure like the one applied to software and hardware. The attributes to record consist of the following:
- Individuals
  - Designation
  - Name of the manager
  - Security clearance level
  - Special skills
- Processes
  - Description
  - Objectives
  - Hardware, software and networking components involved
  - Storage location for later reference
  - Storage location for any revisions
- Information
  - Classification
  - Data creator
  - Size of the data structure
  - Format of the data
  - Online or offline
  - Location
  - Storage procedures
Categorization of Assets
Once the initial inventory has been compiled, it is important to determine whether the asset categories are meaningful to the organization's risk management process. It also needs to be considered whether the inventory reflects the sensitivity and the security priority assigned to each asset. A classification scheme should then be created that divides all information assets according to their sensitivity and security requirements, for example confidential, internal and public. Each category assigned to an information asset defines the level of protection required for that set of information. Some asset types, such as executives, might require an alternative classification scheme that identifies the information protection procedures applied to that category of asset. The classification should be comprehensive and mutually exclusive.
Identifying & Prioritizing Threats
Types of Assets | Prioritization of Threats |
People | People working in an organization are often not aware of appropriate security techniques, so they are prone to unintentionally exposing the company's crucial information to attackers (Anwar et al., 2018). To address this as a priority, employees must be trained and educated in the proper measures for securing the organization's data. |
Processes | The different processes adopted by an organization are also prone to a large number of cyber security threats. Hence, the principle of layering should be implemented to secure each and every layer of a process. |
Data & Information | If access to an organization's data is not restricted, there is a great risk of cyber attacks. Even permission to view data should be limited to prevent such attacks (Jones et al., 2018). |
Software | If only one type of software product is used, it will be highly exposed to attackers. To prevent this, software components should be purchased from different distributors, making intrusion more difficult. |
Hardware | It is easy for attackers to determine the weak point of a piece of hardware and intrude. Care should therefore be taken not to disclose any information that would help attackers intrude into the system (Sanjab et al., 2016). |
Networking | Unnecessary communication among the provisions and the host can pose a threat to the networks (Rahmann et al., 2015). Moreover, if such communication is limited, the possibilities of cyber attacks would be high. |
Analysis of the Fundamental Security Principles with Cyber Security Mitigation Recommendations
- Layering - According to this principle, information security should be built in layers. It is comparatively simple for an attacker to defeat a single protection technique, so it is important to have layers, making it hard for the attacker to break through all the different security techniques that have been implemented. A layered approach plays a significant role in preventing various kinds of attack and offers comprehensive information security.
In this context, the ACSC recommends MFA (Multi-Factor Authentication), through which an organization can protect itself against attackers gaining unauthorised access to a specific system or location and thereby compromising private data (Sun et al., 2018). If MFA is implemented properly, it becomes considerably harder for an attacker to gain access to restricted information and carry out further malicious operations on that platform. Hence, by using this authentication technique, indiscriminate attacks can be avoided.
- Limiting - According to this principle, if permission to access a specific set of information is minimized, the risks to that information are reduced. Only individuals who have permission to view particular information should be able to view it (Offner et al., 2020). Furthermore, the permission given to an individual should itself be restricted: they should only be allowed to access the information they need for a particular task of the organization. For instance, a computer technician should only be given permission to update the data on a regular basis, and not access to check the salary of the vice-chairman of the organization.
In this context, the ACSC recommends blocking macros from the web wherever possible and only allowing vetted and validated macros to run (Fielder et al., 2016). In many cases the initial infection of a system is caused by macros embedded in an MS Office file. Hence, if all unnecessary macros are blocked, the threats posed to a system are also minimized.
- Diversity - This principle is closely connected with the principle of layering. The security layers should be different from one another, so that an intruder who has gained access through one layer cannot use the same technique to get through the other layers. This means that if a single layer of protection is breached, the protection of the complete system is not at stake (Ding et al., 2018). For instance, a company can use security products from different distributors, so that it is not possible for an intruder to get through all the layers of security.
In this context, the ACSC recommends using different types of software components to address different types of issues, such as those connected with computer security risks.
- Obscurity - According to this principle, it is important not to reveal the type of computer system, operating system, network or software that the organization is using. Otherwise, an intruder can easily find the weak point of the machine and attack it accordingly (Colarik et al., 2015). If an organization maintains this principle, an attacker will need a great deal of effort to obtain such information.
In this context, the ACSC recommends warning the employees of an organization and educating them about this. Employees should be trained not to click on any e-mail they find suspicious and not to open any e-mail containing suspicious documents, as this can lead to intrusion into the organization's computer system and the theft of all its vital data.
- Simplicity - According to this principle, a security system should not be complicated: it should be easy for the organization's internal employees to understand, but difficult to understand from outside.
In this context, the ACSC recommends creating and implementing a set of rules that permit only a restricted level of communication between particular hosting systems and the provisions. Furthermore, to ensure simplicity, it is recommended to have an up-to-date IRP (Incident Response Plan) in place so that the organization can react to any impact from ransomware (Björck et al., 2015). Additionally, it is recommended to back up the organization's important data on a daily basis so that it can be easily restored in case of a ransomware attack.
Since a healthcare organization holds a large amount of confidential patient information, it is highly likely to be targeted by ransomware. Thus, the ACSC recommends backing up computers and IoT devices and using an automatic backup mechanism to prevent the loss of crucial data sets (Štitilis et al., 2016).
Summary
This report has found that the threats posed to healthcare organizations in Australia include cloud security, IoT devices, ransomware and people. It has also found that the cyber security threats posed to an organization can be eliminated by applying the basic principles of security and following the recommendations provided by the ACSC.
References:
Coventry, L., & Branley, D. (2018). Cybersecurity in healthcare: a narrative review of trends, threats and ways forward. Maturitas, 113, 48-52. Retrieved from https://www.sciencedirect.com/science/article/abs/pii/S0378512218301658
MacIntyre, C. R., Engells, T. E., Scotch, M., Heslop, D. J., Gumel, A. B., Poste, G., … & Broom, A. (2018). Converging and emerging threats to health security. Environment Systems and Decisions, 38(2), 198-207. Retrieved from https://link.springer.com/article/10.1007/s10669-017-9667-0
Williams, P. A., & Woodward, A. J. (2015). Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem. Medical Devices (Auckland, NZ), 8, 305. Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4516335/
Mackey, T. K., & Nayyar, G. (2016). Digital danger: a review of the global public health, patient safety and cybersecurity threats posed by illicit online pharmacies. British medical bulletin, 118(1), 110-126. Retrieved from https://academic.oup.com/bmb/article/118/1/110/1744779
Abouelmehdi, K., Beni-Hessane, A., & Khaloufi, H. (2018). Big healthcare data: preserving security and privacy. Journal of Big Data, 5(1), 1. Retrieved from https://link.springer.com/article/10.1186/s40537-017-0110-7
Štitilis, D., Pakutinskas, P., Kinis, U., & Malinauskaitė, I. (2016). CONCEPTS AND PRINCIPLES OF CYBER SECURITY STRATEGIES. Journal of Security & Sustainability Issues, 6(2). Retrieved from https://pdfs.semanticscholar.org/e1ce/61feae6283b78d54367eb945ccc0909a61d2.pdf
Björck, F., Henkel, M., Stirna, J., & Zdravkovic, J. (2015). Cyber resilience–fundamentals for a definition. In New contributions in information systems and technologies (pp. 311-316). Springer, Cham. Retrieved from https://link.springer.com/chapter/10.1007/978-3-319-16486-1_31
Colarik, A., & Janczewski, L. (2015). Establishing cyber warfare doctrine. In Current and Emerging Trends in Cyber Operations (pp. 37-50). Palgrave Macmillan, London. Retrieved from https://link.springer.com/chapter/10.1057/9781137455550_3
Ding, D., Han, Q. L., Xiang, Y., Ge, X., & Zhang, X. M. (2018). A survey on security control and attack detection for industrial cyber-physical systems. Neurocomputing, 275, 1674-1683. Retrieved from https://www.sciencedirect.com/science/article/abs/pii/S0925231217316351
Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., & Smeraldi, F. (2016). Decision support approaches for cyber security investment. Decision support systems, 86, 13-23. Retrieved from https://www.sciencedirect.com/science/article/pii/S0167923616300239
Offner, K. L., Sitnikova, E., Joiner, K., & MacIntyre, C. R. (2020). Towards understanding cybersecurity capability in Australian healthcare organisations: a systematic review of recent trends, threats and mitigation. Intelligence and National Security, 35(4), 556-585. Retrieved from https://www.tandfonline.com/doi/full/10.1080/02684527.2020.1752459
Sun, C. C., Hahn, A., & Liu, C. C. (2018). Cyber security of a power grid: State-of-the-art. International Journal of Electrical Power & Energy Systems, 99, 45-56. Retrieved from https://www.sciencedirect.com/science/article/abs/pii/S0142061517328946
Rahmann, C., Vittal, V., Ascui, J., & Haas, J. (2015). Mitigation control against partial shading effects in large-scale PV power plants. IEEE Transactions on Sustainable Energy, 7(1), 173-180. Retrieved from https://ieeexplore.ieee.org/abstract/document/7302075
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & security, 56, 1-27. Retrieved from https://www.sciencedirect.com/science/article/pii/S0167404815001388
Anwar, M., Gill, A., & Beydoun, G. (2018). A review of Australian information privacy laws and standards for secure digital ecosystems. Retrieved from https://aisel.aisnet.org/acis2018/36/
Austin, G., & Slay, J. (2016). Australia’s Response to Advanced Technology Threats: An Agenda for the Next Government. UNSW Canberra, Canberra, Australian Centre for Cyber Security Discussion Paper, 3. Retrieved from https://www.unsw.adfa.edu.au/unsw-canberra-cyber/sites/accs/files/uploads/ADVANCED%20TECHNOLOGY%20THREATS%20AND%20AUSTRALIA%2030%20May%202106mediaversion.pdf
Jones, E. J., Costello, M. W., Schleiff, M., Miller, D. S., Chetal, A., Belden, M. M., & Gallup, V. V. (2017). U.S. Patent No. 9,602,529. Washington, DC: U.S. Patent and Trademark Office. Retrieved from https://patents.google.com/patent/US9602529B2/en
Sanjab, A., Saad, W., Guvenc, I., Sarwat, A., & Biswas, S. (2016). Smart grid security: Threats, challenges, and solutions. arXiv preprint arXiv:1606.06992. Retrieved from https://arxiv.org/abs/1606.06992