
MIS607 - Cybersecurity

Topic: Mitigation Plan for Threat Report

Student Name:
Student ID:
Contents
Introduction
Setting Priorities for Threats
Threat Category Identification
Strategies for Mitigation of Threats
Techniques for Resolution
Risk Management Process
Conclusion
References
Introduction
This report is based on the B&C organization, which was established in 1965. The
organization received ransom calls from an attacker who claimed to have retrieved all of the
clients' data and the organization's strategic plans. Attackers use numerous kinds of threats
to steal an organization's sensitive data, such as viruses and worms, malware, spyware and
hacking. To reduce these risks, the B&C organization has carried out different types of risk
mitigation plans. By making use of these plans and strategies, the performance and efficiency
of the system would be enhanced. The organization is required to follow processes and
regulations, with all employees trained on these threats. This report aims to present the
overall steps that need to be followed to reduce the risk, and also sets out the consequences
that could arise from the threats.
Setting Priorities for Threats
Threat: Insider Attack
Risk Level: High Likelihood and Consequences
Likelihood: The organization considers the level of risk for an insider attack to be High. It
could be used to harm or misuse the organization's data.
Consequences: It is used to damage the organization's data, and the organization might lose
data permanently or temporarily.
Improvement:
- Performing an enterprise-wide risk assessment
- Establishing cyber-security, physical and work-environment controls
- Requiring difficult and strict passwords
- Offering employees proper knowledge and training about attacks
- Using security appliances and software within the organization
Techniques for threat avoidance:
- Offering the best training to employees
- Making use of strong and complex passwords
- Maintaining security on smartphones
- Offering system access only to authorized and trusted employees

Threat: Viruses and Worms
Risk Level: Extreme Likelihood and Consequences
Likelihood: The level of risk for this threat is extreme; it arises via malicious code and
data damage.
Consequences: Consequences that might arise from this threat include data damage or data
crash, low system performance, data corruption and fraud.
Improvement:
- The threat needs to be removed using a tool
- Strong passwords are recommended
- The system needs to be updated
- Antivirus usage is mandatory
- Employees need proper training
Techniques for threat avoidance:
- Installing antivirus
- Avoiding unknown downloads
- Carrying out backups

Threat: Spyware
Risk Level: Extreme Likelihood and Consequences
Likelihood: The threat carries an extreme risk level, in that almost the entire system is
affected.
Consequences: It can cause numerous consequences such as deletion, theft, corruption, fraud
and so on.
Improvement:
- Avoid visiting unknown websites
- Anti-malware is recommended on the system
- Avoid unknown emails
- Avoid suspicious links
Techniques for threat avoidance:
- Updated anti-malware needed
- Anti-spyware protection needed
- Hardware-based firewall

Threat: Malware
Risk Level: Extreme Likelihood and Consequences
Likelihood: The level of risk is extreme, and it damages clients' personal data.
Consequences: File deletion, password stealing, damage or harm to files.
Improvement:
- Scanning of the system is required
- Back up the data
- The system needs timely updating
- Strong passwords
Techniques for threat avoidance:
- Firewall installation
- Antivirus required
- Buy apps from authentic sources
- Avoidance of suspicious links
Threat Category Identification
The B&C organization has been facing a phishing attack, and such an attack uses email as its
weapon. The attacker is able to send an email to one of the managers' devices and make them
believe that the email is authentic and beneficial for the organization. The attacker selects
top managers because they hold full rights to access sensitive data. Thus, whenever a
manager opens or downloads the file attached to the mail, all of the data that the manager
can retrieve could also be accessed by the attacker (Gao, et al., 2020). The types of
threats faced by the B&C organization are as follows:

- Insider Threat – An insider threat is a malicious action against the firm or
organization that comes from users with legitimate access to the organization's
network, databases or applications. These users could be former or present employees,
or third parties such as contractors, partners or temporary workers with full digital or
physical access to the company (Tuor, et al., 2017).
- Viruses and Worms – A computer worm is a form of malware that spreads copies of itself
from one device to another. A worm can replicate itself without human interaction and
does not need to be attached to a software program to cause damage. With this kind of
malware, whenever an employee clicks on a link, the malware gets into the company's
system and starts replicating itself (Shin, et al., 2017).
- Spyware – Spyware is unwanted software capable of infiltrating the firm's computing
devices and stealing the organization's important data or any other information that is
sensitive for the company. Spyware is categorised as a form of malware, that is,
malicious software designed to gain access to or damage the firm's systems without its
prior knowledge (Preethi, et al., 2019).
- Advanced Persistent Threat – An APT (advanced persistent threat) is a broad term used
to describe an attack campaign in which an intruder, or a team of intruders, establishes
an illicit, long-term presence within the network in order to mine highly classified and
sensitive data (Chen, et al., 2018).
- Malware – Malware is code or a file delivered over the network that is able to infect,
explore, steal or conduct virtually any behaviour the attacker wants. Malware varies in
type and capability, and usually has one of the objectives shown below (Lim, et al., 2017).
o Offers the attacker remote control of the infected system
o Transmits spam from the infected system to unsuspecting marks
o Investigates the infected user's local network
o Steals sensitive data
- Phishing – Phishing is a form of social engineering attack often used to steal the data
of a firm or user, including login credentials and credit card numbers. It occurs whenever
an attacker, camouflaged as a trusted entity or person, dupes a victim into opening an
email, instant message or text message. The recipient is then tricked into clicking
malicious links that could lead to installation of malware, freezing of the system as part
of a ransomware attack, or revealing sensitive data (Qabajeh, et al., 2018).

Figure 1: Phishing Attack

- Hacking – Hacking is a form of attack that always tries to gain access to the company's
systems. Through it, the attacker could simply install malware and steal highly classified
and sensitive data from the system, as well as data that is not properly secured
(Buchanan, 2016).
Strategies for Mitigation of Threats
There are some threat mitigation strategies that need to be used against every type of threat
the organization has faced or that has arisen within it. By making use of such strategies, it
would be simpler to find a solution so that data loss or financial loss to the organization is
lowered. Thus, shown below are some of the risk mitigation strategies used within the
organization (Gritzalis, et al., 2015).

- Avoid – Generally, risks that involve a high probability of both damage and financial
loss to the organization need to be avoided.
- Transfer – Risks that have a low probability of occurring but would have a huge financial
effect need to be mitigated by transferring or sharing them, for example by purchasing
insurance, forming partnerships or outsourcing.
- Accept – For some risks within the B&C organization, the expense involved in mitigating
the risk exceeds the cost the organization is willing to tolerate. In such situations, the
risks need to be accepted and also monitored carefully.
- Limit – The most basic mitigation strategy is risk limitation. The B&C organization needs
to take some form of action to address the perceived risk and regulate the company's
exposure. Risk limitation usually combines some risk acceptance with some risk avoidance.
Techniques for Resolution
- Reviewing the Privacy Settings
It is a good plan to review the privacy settings of all online accounts annually,
including those connected with social media. Options and settings can change over time
whenever developers add new features. Hackers pay close attention to such modifications
in order to potentially exploit them for personal gain. The organization is required to
be diligent, for example by verifying what information about the company is shared
publicly within each service or application it uses, and restricting what others can
view. Even the most apparently mundane information could be of use to hackers, for
instance as answers to common security questions (Raul, 2018).

- Drafting an Incident Response Plan
With this technique, one should not wait until the organization has a cyber-security
event to determine how best to respond. Planning ahead ensures that all the suitable
internal resources are aligned. The incident response planning process helps to identify
the proper internal and external responders along with their roles and responsibilities.
The last thing the organization needs is to lose valuable time in responding to an
incident because of confusion over these factors. A good incident response plan needs to
include an assessment of whether the company has proper cyber insurance coverage to meet
evolving online threats (Catota, et al., 2018).

- Staying "Secure"
The digital security landscape shifts every day, making it very complex for the
organization to navigate and plan effectively, let alone stay ahead of the curve.
Learning about and researching threats, defences and trends helps the company make fully
educated decisions. Keeping up with cyber trends can be done by subscribing to
cybersecurity podcasts and cyber-focused blogs, such as digital Insight Blogs. Such
sources regularly offer clients and prospective clients broad insight into cybersecurity
on almost every topic from a professional team (Green, 2015).

- Updating Devices and Maintaining a Patch Management Program
When employees within the company are busy, there is nothing worse than seeing an update
notification saying the machine needs to reboot to install critical updates. Someone busy
texting or tweeting often hits "remind me later" when the smartphone asks to install the
latest OS patch. Yet these releases often publicize and highlight known security
vulnerabilities, which creates opportunities for hackers to exploit the unpatched device
whenever the person hits the "remind me later" option. Keep in mind that the machine
being used is the portal to the organization's digital world. Adopting security updates
and enhancements as soon as possible helps ensure that the digital transformation stays
private. From the organization's perspective, patch management is a crucial aspect of a
layered defence, so ensuring that patches are applied in a timely manner reduces the
vulnerabilities available to attackers (Deering, et al., 2018).

- Making a Data Register (Map)
The GDPR (the European Union's General Data Protection Regulation) and the CCPA
(California Consumer Privacy Act) both bestow several privacy rights on their residents,
and both are now law. Other U.S. states are expected to enact similar laws within the
coming years. Thus, before the organization can properly implement a data rights
management system that complies with such laws, it must first identify where the relevant
data resides on its internal network. Creating a data map is the best way to start the
analysis. It would also identify how data is processed internally, how it is secured and
how it can be deleted in compliance with internal document retention policies and the
numerous data privacy laws. Data mapping can also streamline the company's ability to
respond to and investigate data security incidents that might arise (Chen, et al., 2018).

- Deploying Endpoint Monitoring
As part of the organization's resolution, consideration needs to be given to deploying a
robust endpoint monitoring tool. Encryption has become weaponized by sophisticated
ransomware attacks, and one of the strongest components of a layered defence is endpoint
monitoring combined with strong data analytics used in a heuristic manner. New ransomware
variants are deployed daily with the intention of locking critical data to extort money
from victim businesses. If the organization is not using endpoint monitoring, it is worth
asking whether it is being considered (Buyukkayhan, et al., 2017).
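One way to implement the heuristic endpoint analytics described above, as an added example that is not part of the report: it flags a process that rewrites many files with near-random content inside a short window, the trace a ransomware encryptor leaves, while ignoring legitimate archive writes. The event format, thresholds and process names are assumptions, and the sample log is constructed, not real telemetry.

```python
"""Heuristic check for ransomware-like file activity in endpoint events.
Constructed illustration, not the report's own material. Record format
"seconds,process,action,path,entropy" and all thresholds are assumed;
entropy is the Shannon entropy (0-8 bits/byte) of the bytes written."""
from collections import defaultdict

# Assumed thresholds: many high-entropy writes by one process within a short window.
WINDOW_SECONDS = 60
MIN_ENCRYPTED_WRITES = 10
HIGH_ENTROPY = 7.5
# Legitimately near-random types, excluded to cut backup/archive false alarms.
KNOWN_COMPRESSED = {".zip", ".gz", ".7z", ".jpg", ".png", ".mp4"}


def parse_events(lines):
    """Parse constructed CSV-like endpoint records into dicts."""
    events = []
    for line in lines:
        ts, proc, action, path, ent = line.strip().split(",")
        events.append({"ts": float(ts), "proc": proc, "action": action,
                       "path": path, "entropy": float(ent)})
    return events


def _ext(path):
    dot = path.rfind(".")
    return path[dot:].lower() if dot >= 0 else ""


def suspicious_processes(events):
    """Return {process: most high-entropy writes seen in one window} for
    processes exceeding MIN_ENCRYPTED_WRITES; an empty dict if none."""
    hits = defaultdict(list)
    for e in events:
        if (e["action"] == "write" and e["entropy"] >= HIGH_ENTROPY
                and _ext(e["path"]) not in KNOWN_COMPRESSED):
            hits[e["proc"]].append(e["ts"])
    flagged = {}
    for proc, times in hits.items():
        times.sort()
        left, best = 0, 0
        for right, t in enumerate(times):  # sliding window over timestamps
            while t - times[left] > WINDOW_SECONDS:
                left += 1
            best = max(best, right - left + 1)
        if best >= MIN_ENCRYPTED_WRITES:
            flagged[proc] = best
    return flagged


def analyse(lines):
    return suspicious_processes(parse_events(lines))


# Constructed sample log: a backup tool writing archives (high entropy, known
# type), normal editing (low entropy), one unknown process rewriting 12
# documents with near-random bytes in 33 s, and a sync tool spread over 2 h.
SAMPLE_LOG = (
    [f"{i * 2},backup.exe,write,D:/bak/set{i}.zip,7.96" for i in range(15)]
    + [f"{100 + i * 5},winword.exe,write,C:/u/doc{i}.docx,6.10" for i in range(3)]
    + [f"{200 + i * 3},unknown_updater.exe,write,C:/u/q{i}.docx,7.92" for i in range(12)]
    + [f"{1000 + i * 600},sync.exe,write,C:/u/s{i}.pdf,7.80" for i in range(12)]
)

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))  # {'unknown_updater.exe': 12}
```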
Risk Management Process
- The CEO of the organization needs to carry out the initial step by identifying all risks
within the organization.
- Then, an analysis needs to be carried out to examine the risks that have arisen within
the organization.
- A plan of action helps to provide knowledge of the risks and also prioritizes the overall
levels of risk according to their quality.
- Then, several prevention techniques are needed to avoid and control risks in the
organization.
- When employees have the ability to monitor all risks properly, they can protect personal
information from such threats (Kure, et al., 2018).

Likelihood and Consequences

                    Consequences
Likelihood          Insider attack   Worms and viruses   Spyware   Malware
Almost Certain      Extreme          Extreme             High      High
Probable            Extreme          High                High      High
Likely              High             High                Medium    High
Unlikely            High             Low                 Low       Medium
Occasional          Medium           Low                 Low       Low

Level of Risk:

L (Low): Several threats create a low level of risk and can be managed by following the
security processes and policies.
H (High): Numerous risks carry a high level of risk, and such threats could harm the
organization's entire network. Security policies are required within the organization.
E (Extreme): The organization's management needs to make better decisions to mitigate the
risk to the firm. These threats are capable of harming the organization's data.
M (Medium): Threats such as malware carry a medium level of risk. Monitoring tools are
required for risk mitigation.
Conclusion
As shown above, every type of threat could be eased by making use of the strategies referred
to in this report. Training employees to stay aware of attacks on the organisation is highly
recommended. The B&C organisation faces numerous threats, all of which are mentioned in this
report. The levels of risk and the consequences that would arise have also been set out in
this report.
References
Gao, Y., Xiaoyong, L. I., Hao, P. E. N. G., Fang, B., & Yu, P. (2020). HinCTI: A Cyber Threat
Intelligence Modeling and Identification System Based on Heterogeneous Information
Network. IEEE Transactions on Knowledge and Data Engineering.
Tuor, A., Kaplan, S., Hutchinson, B., Nichols, N., & Robinson, S. (2017). Deep learning for
unsupervised insider threat detection in structured cybersecurity data streams. arXiv preprint
arXiv:1710.00811.
Shin, J., Son, H., & Heo, G. (2017). Cyber security risk evaluation of a nuclear I&C using BN
and ET. Nuclear Engineering and Technology, 49(3), 517-524.
Mallikarajunan, K. N., Preethi, S. R., Selvalakshmi, S., & Nithish, N. (2019, April). Detection
of Spyware in Software Using Virtual Environment. In 2019 3rd International Conference on
Trends in Electronics and Informatics (ICOEI) (pp. 1138-1142). IEEE.
Chen, J., Su, C., Yeh, K. H., & Yung, M. (2018). Special issue on advanced persistent threat.
Lim, S. K., Muis, A. O., Lu, W., & Ong, C. H. (2017, July). Malwaretextdb: A database for
annotated malware articles. In Proceedings of the 55th Annual Meeting of the Association
for Computational Linguistics (Volume 1: Long Papers) (pp. 1557-1567).
Qabajeh, I., Thabtah, F., & Chiclana, F. (2018). A recent review of conventional vs.
automated cybersecurity anti-phishing techniques. Computer Science Review, 29, 44-55.
Buchanan, B. (2016). The cybersecurity dilemma: Hacking, trust, and fear between nations.
Oxford University Press.
Stergiopoulos, G., Kotzanikolaou, P., Theocharidou, M., & Gritzalis, D. (2015). Risk
mitigation strategies for critical infrastructures based on graph centrality analysis.
International Journal of Critical Infrastructure Protection, 10, 34-44.
Raul, A. C. (Ed.). (2018). The privacy, data protection and cybersecurity law review. Law
Business Research Limited.
Catota, F. E., Morgan, M. G., & Sicker, D. C. (2018). Cybersecurity incident response
capabilities in the Ecuadorian financial sector. Journal of Cybersecurity, 4(1), tyy002.
Green, J. (2015). Staying ahead of cyber-attacks. Network Security, 2015(2), 13-16.
Slotwiner, D. J., Deering, T. F., Fu, K., Russo, A. M., Walsh, M. N., & Van Hare, G. F.
(2018). Cybersecurity vulnerabilities of cardiac implantable electronic devices:
Communication strategies for clinicians—Proceedings of the Heart Rhythm Society's
Leadership Summit. Heart rhythm, 15(7), e61-e67.
Chen, S., Chen, S., Andrienko, N., Andrienko, G., Nguyen, P. H., Turkay, C., ... & Yuan, X.
(2018, October). User behavior map: Visual exploration for cyber security session data. In
2018 IEEE Symposium on Visualization for Cyber Security (VizSec) (pp. 1-4). IEEE.
Buyukkayhan, A. S., Oprea, A., Li, Z., & Robertson, W. (2017, September). Lens on the
endpoint: Hunting for malicious software through endpoint data analysis. In International
Symposium on Research in Attacks, Intrusions, and Defenses (pp. 73-97). Springer, Cham.
Kure, H. I., Islam, S., & Razzaque, M. A. (2018). An integrated cyber security risk
management approach for a cyber-physical system. Applied Sciences, 8(6), 898.