Major Assessment: Risk Assessment
Due Week 11, Worth 30%
In this assignment, your task is to create a report on the threat scope against a specific target. There
are three profiles for these threats, of which you choose one.
The three profiles are:
1) Policy Profile: You are the Chief Information Security Officer (CISO) for a large multinational
enterprise with a very large collection of intellectual property that represents a major
portion of your business’ holdings. What are the threats against your corporate network,
where do they come from and what do you need to mitigate against them? Keep in mind
that, as a CISO, you are more interested in developing Policy and Procedure than day to day
threat management.
2) Response Profile: You are a threat researcher for a Computer Emergency Response Team
(CERT) that is responsible for protecting Government networks. The Government will be
releasing an unpopular policy in the near future and is expecting attacks from “hacktivists”.
What are the sorts of cyber-attacks that can be expected? How can the agency organise
itself now to help reduce the impact of those cyber-threats? Remember that Government
agencies often have lots of partners and social media accounts.
3) Technical Level: You are a penetration tester providing services to a client (i.e. not the
company you work for), who is a major national accounting firm. Identify the risks to your
company in performing the penetration test, identify the standard framework for
conducting a penetration test and the methods that you would employ to conduct the test.
Your assignment is to choose one of those profile, and write a report that is at least 3000 words or
15 pages (whichever is longer). Your assignment should cover the above brief for your profile, and to
also cover the following aspects:
• What are the countermeasures to those threats, and how do they fit within the Situational
Crime Prevention framework?
• How does the current law help or hinder your countermeasures? Are there any proposals for
laws that would assist?
• Is your problem of international scope and, if so, how?
See the scoring sheet for this assignment, which is on the next page, and ensure that your report
fulfils the criteria listed.
GET ANSWERS / LIVE CHAT