The United States’ critical infrastructure—power, water, oil and natural gas, military systems, financial systems—have become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the internet and other digital controls systems.
Description
The United States’ critical infrastructure—power, water, oil and natural gas, military systems, financial systems—have become the target of cyber and physical attacks as more critical infrastructure systems are integrated with the internet and other digital controls systems. The lesson learned in mitigating and defending against cyberattacks is that no entity can prevent or resolve cyberattacks on its own. Collaboration and information sharing are key for success and survival.
This is a group exercise, representing collaboration across all sectors to support and defend US critical infrastructure. In the working world, a team like this would include agencies, industrial partners, and private sector corporations. Each organization has different strengths and skills, different access to information, and different authorities to report to. When the sectors work together and share resources and skills, the result is that everyone benefits from the defense and protection of US IT infrastructure.
In your teams, you can model the same collaboration, leveraging each other’s expertise, sharing each other’s knowledge, and teaching each other. This will include providing contributions specific to your role in the scenario:
Financial Services Representative, special task in Step 3
Law Enforcement Representative, special task in Step 4
Intelligence Agency Representative, special task in Step 5
Homeland Security Representative, special task in Step 6
There are seven steps that will help you create your final deliverables. The deliverables for this project are as follows:
Security Assessment Report (SAR): This report should be a 14- to 15-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.Step 3: The Financial Sector
To be completed by the Financial Services Representative: Provide a description of the impact that the threat would have on the financial services sector. These impact statements can include the loss of control of the systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the financial services sector. Ensure that the information is appropriately cited.Step 4: Law Enforcement
To be completed by the Law Enforcement Representative: Provide a description of the impact that the threat would have on the law enforcement sector. These impact statements can include the loss of control of systems, the loss of data integrity or confidentiality, exfiltration of data, or something else. Also provide impact assessments as a result of this security incident to the law enforcement sector. Ensure that the information is appropriately cited.Step 5: The Intelligence Community
To be completed by all team members: Provide an overview of the life cycle of a cyberthreat. Explain the different threat vectors that cyber actors use and provide a possible list of nation-state actors that have targeted the US financial services industry before.Review this threat response and recovery resource and use what you learn to propose an analytical method in which you are able to detect the threat, identify the threat, and perform threat response and recovery. Identify the stage of the cyberthreat life cycle where you would observe different threat behaviors. Include ways to defend and protect against the threat. Provide this information in your SAR and AAR. Ensure that the information is appropriately cited.To be completed by the Intelligence Community Representative: Provide intelligence on the nation-state actor and the actor’s cyber tools, techniques, and procedures. Use available threat reporting such as from FireEye, Mandiant, and other companies and government entities that provide intelligence reports. Also, include the social engineering methods used by the nation-state actor and their reasons for attacking US critical infrastructure. Include this information in your SAR and AAR. Ensure that the information is appropriately cited.Step 6: Homeland Security
To be completed by the Homeland Security Representative: Use the US-CERT and similar resources to discuss the vulnerabilities and exploits that might have been used by the attackers. Ensure that the information is appropriately cited.Explore the resources for risk mitigation and provide the risk, response, and risk mitigation steps that should be taken if an entity suffers the same type of attack.To be completed by all team members: Provide a risk-threat matrix and a current state snapshot of the risk profile of the financial services sector. These reports will be part of an overall risk assessment, which will be included in your SAR and AAR. Ensure that the information is appropriately cited.Step 7: The SAR and AAR
All team members: After you compile your research and your own critical assessments and analysis, determine which information is appropriate for a Security Assessment Report (SAR) that will be submitted to the White House, and for an After Action Report (AAR) that will be submitted to the rest of the analyst community.
Prepare your SAR for the White House Cyber National Security staff, describing the threat, the motivations of the threat actor, the vulnerabilities that are possible for the threat actor to exploit, current and expected impact on US financial services critical infrastructure, the path forward to eliminate or reduce the risks, and the actions taken to defend and prevent against this threat in the future.
Prepare your SAR for the White House Cyber National Security staff, describing the threat, the motivations of the threat actor, the vulnerabilities that are possible for the threat actor to exploit, current and expected impact on US financial services critical infrastructure, the path forward to eliminate or reduce the risks, and the actions taken to defend and prevent against this threat in the future.
Focusing on the 4 main sectors. Finance, Homeland Security, Intelligence agencies, and Law Enforcement.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.