System Security Plan Presentation
For this presentation, you will prepare a System Security Plan (SSP) slide deck to present your system security plan for CMI. The SSP may include artifacts discovered from the CMI risk assessment, the security policy report, and/or the ROE. This SSP presents the current security posture to the organization’s stakeholders and employees by describing security controls, procedures, and techniques to deter, detect, and prevent cyberattacks. You may include technical, administrative, and operational controls to harden the network operations and bolster the enterprise security in your plan.
This assignment is based on the Cyber Marketing Inc. Case Study provided in this course. The CMI network diagram is shown below for your convenience but is also available in the CMI Case Study.
Procedures
You will prepare an SSP slide presentation to convey your findings of the CMI security posture and a proposed solution. Your SSP should include best security practices to build strong enterprise security for CMI from the areas of securing wireless systems, secure web content/access, perimeter security, audit, authentication, encryption, incident response, mobile device security, data hiding/forensics, reverse engineering, social engineering, cyber threat intelligence, cyber awareness/training and written security policy. Utilize what you have learned in the areas of network host/server/communications device port scanning, malware & threat detection, vulnerability assessment, packet components & flows, risk assessment, application of security policy, and penetration testing. As you are presenting this SSP to your client in a presentation format, you will summarize your solutions with highlighted prioritized security controls to build a strong enterprise security.
While you are free to create your own SSP to best prevent cyber vulnerabilities, improve the CMI security posture, and build a defense in depth, you will, at a minimum, include the following sections.
1. Executive Summary
2. Brief Description of the organization
3. Brief Description of the system(s) or technology(s) under review and their requirements in Confidentiality, Integrity & Availability (CI&A).
4. Summary of Systems Threat, Vulnerability, Impact and Likelihood (TVIL) findings,
5. Selection of Controls to be applied to their systems for CI&A given their TVIL, and
6. Brief outlook on expected implementation timetable and resources for maintaining assurance.
Use the document System Security Plans (SSP) Guidelines for CMI Presentation in Module 8 of the Google drive as a directive.
Slide Deck & Presentation
Your system security presentation should incorporate a slide deck of between 10-20 slides, with annotation in the Notes section and take about 10 minutes to deliver. The presentation should be a deliverable to CMI who will make decisions about hardening the CMI network operations and enforcing the security policy to improve the CMI enterprise security posture. A typical SSP would include many pages of documents. You will present your solutions in a Slide-based presentation to convey your security controls and solutions for CMI.
Post your slide presentation to the Discussions Section once you are ready for others to view it.
The following are recommended tool options for creating and sharing your presentation:
· You may use VoiceThread to create a slide-based presentation to share. For information about creating slides in VoiceThread, please click here.
· You may upload a video to YouTube and post a link to it in the discussion forum.
· You may record your video using Screen-cast-o-matic and post a link to it in the forum.
· You may record your video directly in the forum or upload directly to the forum by clicking reply and then selecting the Media icon.
For more detailed instructions regarding how to create and share a video using the content editor in the discussion board, click here.
Grading
Presentation Grade Weighting
Systems Security Plan Points
Content
SSP Executive Summary 5 points
Organizational Description & Mission 5 points
System(s) Under Review Description 10 points
Threats to & Vulnerabilities of the System, Likelihood & Impact of Destruction 10 points
Controls Selection, Justification, & Application 15 points
Implementation & Maintenance Timetable & Resources 10 points
References 5 points
Support
Slide Core Content & Organization 10 points
Recorded Oral Presentation Quality 10 points
Slide Annotation 10 points
Diagrams, graphs, tables 10 points
Case study
Cyber Marketing, Inc. (CMI) is a marketing company that markets its products and services to thousands of its clients across North America. As a marketing company, the products and services catalog is an important corporate asset to keep up-to-date for its clients. In order to keep its products and services updated at all times, its corporate IT infrastructure plays an important role in processing data within and between the company and the clients. The following organization chart depicts the CMI executive management team.
Org chart
Your Role
For the assignments related to this case study, you will assume the role of a Cybersecurity Manager at Cyber Marketing Incorporated. You have been educated, trained, and hired to protect the physical, logical, and operational security of CMI’s corporate information system. CMI has experienced several cyber-attacks from outsiders over the past few years. In 2013, the Oracle database server was attacked and its customer database lost its confidentiality, integrity, and availability for several days. Although the company brought the Oracle database server back online, the loss of confidentiality damaged the company's reputation. CMI ended up paying its customers a large settlement for the loss of customer data confidentiality. Another security attack was carried out by a malicious virus that infected the entire network for several days. While the network was infected, the Oracle and e-mail servers had to be shut down and quarantined. In the meantime, the company lost $1.2 Million in revenue and intangible customer confidence.
CMI Network Diagram
You are responsible for a corporate WAN spanning 10 remote facilities and interconnecting those facilities to the central data processing environment. Data is transmitted from a remote site through a VPN appliance situated in the border layer of the routing topology; the remote VPN connects to the internal Oracle database to update the customer data tables. Data transactions from remote access to the corporate internal databases are not encrypted.
The bulk of the data processing for your company is handled by an Oracle database on a high-end supercomputer. The trusted computing base (TCB) internal network is situated in a physically separated subnet. This is where all corporate data processing is completed, and the internal support team has its own intranet web server, a SUS server, an internal DNS, an e-mail system, and other support personnel workstations. Each corporate department is segregated physically on a different subnet and shares the corporate data in the TCB network.
Additional Information
In addition to the context provided above, you will find some other considerations regarding the CMI case study below:
Recently, your network engineers report that they’ve noted a significant spike in network traffic crossing into the internal networks. They report that they cannot be certain what or who is generating this traffic, but the volume and frequency of traffic are certainly abnormal. The management is very concerned about securing the corporate confidential data and customer information.
Increasingly, CMI’s CEO Thompson attempts to outsource IT competency. In fact, you’ve been told of a plan from COO Willy to outsource network management and security functions away from your department and to a service integrator. COO Willy warns you that the political environment will only become more contentious over time; you must make a compelling case as to what value your department can bring over an integrator that can provide secure services at 40% less annual cost than you.
The interrelationship between data and operations concerns you. Increasingly, some of the 10 remote sites have been reporting significant problems with network latency, slow performance, and application time-outs against the Oracle database. The company’s business model is driving higher and higher demand for data, but your capability to respond to these problems is drastically limited.
Mobility is important for the organization to interact with customers and co-workers in near real-time. However, the CEO is concerned about mobile security and would like to research best practices for mobile computing. The CEO is willing to implement a BYOD policy if security can be addressed.
Employees enjoy the flexibility of accessing the corporate network over WiFi. However, the CEO is concerned about the security ramifications of a wireless network that is wide open to the company and nearby residents.
The company plans to offer its products and services online and has asked its IT department to design a cloud-computing-based e-commerce platform. However, the CEO is particularly concerned about cloud computing security in case the customer database is breached.