Instructions
Advanced persistent threats (APTs) have been thrust into the spotlight due to their advanced tactics, techniques, procedures, and tools. These APTs are resourced unlike other types of cyber threat actors.
Your chief technology officer (CTO) has formed teams to each develop a detailed analysis and presentation of a specific APT, which she will assign to the team.
This is a team assignment, and the team members that were selected by the instructor in the previous assignment will work together. It is up to the team members to decide who is responsible for contributing to the sections of the paper. Remember, if a member fails to complete his or her part of the work, the team is still responsible for all sections.
Note that you are required to complete a peer review for yourself and for each member of the team. The peer review template is provided in the Activities folder.
Your team’s report should use the Cybersecurity Threat Landscape Team Assignment Resources to cover the following five areas:
Part 1: Threat Landscape Analysis
Provide a detailed analysis of the threat landscape.
What has changed over the past year?
Describe common tactics, techniques, and procedures to include threat actor types.
What are the exploit vectors and vulnerabilities threat actors are predicted to take advantage of?
Part 2: APT Analysis
Provide a detailed analysis of the APT your group was assigned. Describe the specific tactics used to gain access to the target(s).
Describe the tools used. Describe what the objective of the APT was/is. Was it successful?
Part 3: Cybersecurity Tools, Tactics, and Procedures
Describe current hardware- and software-based cybersecurity tools, tactics, and procedures.
Consider the hardware and software solutions deployed today in the context of defense-in-depth.
Elaborate on why these devices are not successful against the APTs.
Part 4: Machine Learning and Data Analytics
Describe the concepts of machine learning and data analytics and how applying them to cybersecurity will evolve the field.
Are there companies providing innovative defensive cybersecurity measures based on these technologies? If so, what are they? Would you recommend any of these to the CTO?
Part 5: Using Machine Learning and Data Analytics to Prevent APT
Describe how machine learning and data analytics could have detected and/or prevented the APT you analyzed had the victim organization deployed these technologies at the time of the event. Be specific.
Part 6: Ethics in Cybersecurity
Do you think the vulnerability(ies) exploited by the APT constitute an ethical failure by the defender? Why or why not?
For the APT your group studied, were there identifiable harms to privacy or property? How are these harms linked to C-I-A? If not, what ethically significant harms could result from the scenario your group researched?
For the APT your group studied, when the targeted organization identified the breach, was the disclosure made with transparency? Do you feel the organization acted ethically? Why or why not?
Notes
Use additional sources of information but also describe the concept in layman’s terms.
Use visuals where appropriate.
While quality is valued over quantity, it is expected that a quality paper will result in a minimum length of 10-15 pages.
You will be assigned an individual grade for this assignment based on your contribution to the overall project.
How Will My Work Be Evaluated?
The following evaluation criteria aligned to the competencies will be used to grade your assignment:
1.1.3: Present ideas in a clear, logical order appropriate to the task.
2.1.3: Explain the significance of the issue or problem.
4.1.1: Establish a collaborative approach for working together as a team.
4.2.4: Prepare a finished teamwork product.
10.1.1: Identify the problem to be solved.
12.6.1: Identify the controls needed for confidentiality.
12.6.2: Identify the controls needed for integrity.
12.6.3: Identify the controls needed for availability.
12.7.2: Explain the process of analyzing IT incidents.
14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.
Submitting Your Work
When complete, export your file as a PDF and upload to the LEO Assignments Folder (e.g., Week 5 & 6 – The Cybersecurity Threat Landscape Group Assignment).
Note: Only one group member is required to submit the team assignment, but all team members must submit their own peer review.
Download the Week 5 & 6 – Peer Review Template from the Cybersecurity Threat Landscape Team Assignment Resources page.
Answer the questions and rate your teammates appropriately.
Export to a PDF and email to your instructor.
Project 5and Policy Team Assignment
Turnitin enabled: This assignment will be submitted to Turnitin.
Instructions
The chief technology officer (CTO) has indicated that your organization has been requested by the National Security Council (NSC) to comment on the upcoming National Cybersecurity Strategy. The NSC has asked for specific recommendations as it relates to the next cybersecurity strategy, private/public partnerships, and comments on how specific technologies should be incorporated into the assessment.
The CTO has asked you to collaborate with your team to provide the organizational input.
You will be collaborating with your previously assigned team on this assignment. It is up to the team members to decide how they will plan, meet, discuss, and complete the six sections of the paper. Remember, if a member fails to complete his or her part of the work, the team is still responsible for all sections. You will also complete a peer review for yourself and for each member of the team. The peer feedback will be incorporated into each team member's assignment grade.
As a group, use the Cybersecurity Strategy, Law, and Policy Team Assignment Resources to write your paper, which should cover the following topics:
Part 1: National Security Strategy and Cybersecurity
After reading the National Security Strategy (2017), comment on the following.
Should the United States create a separate cybersecurity strategy to be published alongside the National Security Strategy (NSS), or do you feel the NSS is sufficient? Why or why not?
Consider your answer in the context of the original National Strategy to Secure Cyberspace (2003). What is not adequately addressed in the National Security Strategy (2017) as it relates to cybersecurity?
Part 2: Public/Private Partnerships
After reading the Cybersecurity Act of 2015, address the private/public partnership with the DHS National Cybersecurity and Communications Integration Center (NCCIC), arguably the most important aspect of the act. The Cybersecurity Act of 2015 allows for private and public sharing of cybersecurity threat information.
What should the DHS NCCIC (public) share with private sector organizations? What type of threat information would enable private organizations to better secure their networks?
On the flip side, what should private organizations share with the NCCIC? As it is written, private organization sharing is completely voluntary. Should this be mandatory? If so, what are the implications to the customers’ private data?
The government is not allowed to collect data on citizens. How should the act be updated to make it better and more value-added for the public-private partnership with regard to cybersecurity?
Part 3: Private Sector Organizations
Review the General Data Protection Regulation (GDPR) of the European Commission (EU). It includes many provisions and arguably strengthens data protection for individuals within the EU. It even includes the right to be forgotten. The United States does not have a similar regulation. There have only been a few regulations implemented related to US citizens’ private data, which include medical and financial industries. Some argue implementing regulation such as GDPR in the United States would hinder innovation. They contend that the End User License Agreements (EULA) provide sufficient protections and allow the citizens to make the choice of what is and is not shared.
As a private sector organization, do you believe that an equivalent to GDPR should be implemented in the United States?
Part 4: Protecting Critical Infrastructure and the Homeland
The Department of Defense (DoD) Cyber Strategy 2018 discusses the protection of critical infrastructure and the homeland.
What does that mean to private organizations such as yours?
If most critical infrastructure in the United States is owned by the private sector, what responsibility does the DoD have in this regard?
Some would argue US laws are outdated and thus the DoD has little authority to assist. Others would argue US laws were purposely established such that the private sector would defend itself and not need assistance from the military. Obviously, for the DoD to assist, it would need the private organizations’ data. Said another way, the DoD would need your data as a private citizen/customer of that organization. Those that believe our laws need to be updated argue giving up privacy for protection is legitimate.
Others will argue that we should not give private information of citizens to the government for any reason. As a citizen, would you feel comfortable with this? As a private organization, would you feel comfortable giving information that may contain your customers’ private data to the DoD?
Is there a third solution (middle ground) you would propose that enables privacy but also enables cybersecurity?
Part 5: Cybersecurity Technologies
The authors of the National Security Strategy (NSS) are looking to address particular technologies that have the opportunity to revolutionize cybersecurity. They believe that blockchain technology is a revolutionary technology that has the ability to significantly improve cybersecurity.
What would be your recommendation for how the NSS should incorporate this technology to the public?
Propose exactly what you believe should be written in the NSS. Specifically, explain the blockchain technology in layman’s terms to nontechnical people that may be reading the NSS, give examples of how it could be used to provide revolutionary cybersecurity, include examples of how it is being used to provide cybersecurity solutions, and discuss what, if any, policies or laws should be established to mandate its use in specific industries.
Part 6: Ethics in Cybersecurity
Ethical issues are at the core of what we do as cybersecurity professionals. Think of the example of a cyber defender working in a hospital. They are charged with securing the network, medical devices, and protecting sensitive personal health information from unauthorized disclosure. They are not only protecting patient privacy but their health and perhaps even their lives. Confidentiality, Integrity, Availability – the C-I-A triad – and many other cybersecurity practices are increasingly at play in protecting citizens in all walks of life and in all sectors. Thus, acting in an ethical manner is one of the hallmarks of a cybersecurity professional.
What are the ethically significant harms that may result from mass surveillance (including by government and corporations)?
What are the ethically significant harms that may result from emerging technologies such as blockchain technology, artificial intelligence, and machine learning?
Notes
While quality is valued over quantity, it is expected that a quality paper will result in a minimum length of 10-15 pages.
Use additional sources as needed and be sure to critically analyze the questions, addressing the pros and cons in your proposal.
Use visuals where appropriate.
Each team will submit one assignment.
You will receive an individual grade for this assignment based on your contribution to the overall project.
How Will My Work Be Evaluated?
The following evaluation criteria aligned to the competencies will be used to grade your assignment:
1.1.3: Present ideas in a clear, logical order appropriate to the task.
2.1.3: Explain the significance of the issue or problem.
4.1.2: Engage in regular and consistent communication and meetings with team members and external project stakeholders.
4.2.4: Prepare a finished teamwork product.
10.1.1: Identify the problem to be solved.
12.9.1: Describe organizational compliance with government legislation that impacts technology.
12.9.2: Explain organizational compliance with industry regulations.
12.9.3: Explain compliance with organizational policies.
13.1.2: Describe the various processes that affect policies, processes, and procedures.
14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.
To Submit Your Work
When complete, export your file as a PDF and upload it to the LEO Assignments Folder (e.g., Project 5 – The Cybersecurity Threat Landscape Group Assignment).
Note: Only one group member is required to submit the team assignment, but all team members must submit their own peer review.
Peer Review
Download the Week 7 & 8 Peer Review Template from the Cybersecurity Strategy, Law, and Policy Team Assignment Resources page.
Answer the questions and rate your teammates appropriately.
Export to a PDF and submit it via the LEO grade book.