Purpose of the assignment is to demonstrate how to assess, analyze, and prioritize threats that an organization might face in real-world situations.
Instructions
The case is describled as follows:
Suppose you are a cybersecurity manager at a large hospital. The hospital has a series of assets such as hardware, software, and data. Each category of these assets is of different values ranging high/medium/low. For example, for hardware, the hospital has high-value MRI, CT, and sugery machines that may be connected to Internet, and also some medium or low value servers and computers for routine jobs. For data assets, the hospital has high-value and extremely sensitive patient medical records data, and also some medium or low value personnel or payroll data. Some typical hypothetical threats that you need to consider include: ransomeware, botnet, DDoS, information theft/fraud, phishing, social engineering, insider attack, etc.
Given this case study, pick three threats you feel most important, and use risk analysis to prioritize threats for mitigation.
Deliverable
Submit your analysis (Word or PDF format, 1000 words maximum) with your recommendations.
Please do Mim 900 words
Part 2:
Purpose
Purpose of the assignment is to identify red flags and provide recommendations as it relates to phishing attacks for an organization.
Instructions
Given the following 4 example phishing emails, identify red flags that should alert a user:
phishing examples
Deliverable
Submit your analysis with the red flags you were able to identify and provide an explanation of how cyber security industry best practices can be followed to mitigate exposure when it comes to phishing attacks.
