
CYBERSECURITY

Table of Contents
Introduction
Task 1: The importance of risk assessment
Task 2: Critical asset identification
Task 3: Threat identification
Task 4: Threat assessment
Conclusion
References

Introduction
Cybersecurity, or information technology security, is the practice of protecting networks
and systems from theft, damage, or information disclosure (Sun et al. 2018). This is
significant in various types of business enterprises, government organisations, and
universities. It protects data and information from damage and theft, and information theft
is emerging as the fastest-growing segment of cybercrime. The impact of cybercrimes can be
seen in economic costs, reputational costs, and regulatory costs.

This report is based on an analysis of the cybersecurity components of Southern Cross
University. It further elaborates on the significance and procedure of risk assessment in the
University. The study also identifies the critical information assets of the organisation and
the cyber risks and threats associated with these information assets.

Task 1: The importance of risk assessment


Risk assessment is the process of examining the overall method to identify the hazards and
risk elements that can cause damage or harm (Stevens, 2016). The risk assessment involves
some essential parts. These are asset identification, risk likelihood and impact, risk analysis,
and cost of the solutions. It can be defined as the combined efforts to analyse future events
that may occur and create judgments based on risk analysis. Risk assessment is very critical
in developing and managing cybersecurity at Southern Cross University.

Concerning the cybersecurity risk assessment, it can be said that it helps the organisation
understand, control, and mitigate all types of cyber risk. This is the most critical aspect of risk
management strategy and data protection.

Cyber risk can refer to the likelihood of harmful disruptions to business operations, finances,
and sensitive data (Schatz et al. 2017). Some examples of cyber risks are data leaks,
phishing, insider threats, cyberattacks, and malware.

Cybersecurity risk assessment can be defined as the evaluation used to identify risks to
assets, operations, and other organisations that result from information systems
(Graham et al. 2016). The primary purpose of this risk assessment is to support
decision-makers and proper risk response. Conducting and performing a cybersecurity risk
assessment is significant because it reduces long-term costs and avoids data breaches.
Further, the most crucial benefit of risk assessment is that it prevents data loss. In the
context of Southern Cross University, this assessment will help in preventing data losses,
for example, theft of confidential information and other codes and data.

Moreover, the steps in performing the risk assessment are determining information value,
identifying assets, identifying the cyber threats and vulnerabilities, and analysing and
implementing controls. The most difficult part of the risk assessment process is developing
adequate knowledge to identify potential hazards (Almeshekah and Spafford, 2016). Further,
some of the significant limitations of the current risk assessment methods are a lack of
comprehensive data and insufficient time.

The results of the risk assessment are further used to manage the cybersecurity of the
University. This is done by preparing a cybersecurity strategy. The ascertained risks are
carefully eliminated and dealt with to protect the cybersecurity of the University
(Sun et al. 2018). In this regard, the strategy steps are laying down a base for a sound
security strategy, knowing the threat landscape, building a strategic security plan, and
evaluating the ability of the organisation to execute the plan.

The assessment results and cybersecurity plan affect the business's decision-making process
(Apruzzese et al. 2018). This is because the purpose of the risk assessment procedure of the
University is to help the decision-makers and support them in proper risk responses. Other
than this, the results are communicated to decision-makers with the help of an executive
summary so that they can make informed decisions regarding security. These are related to the
critical IT assets of the University, relevant threats and the sources of hazards, and the
internal and external vulnerabilities. Thus, it can be explained that the risk assessment
process and its outcomes are relevant for the decision-makers of the University.

Task 2: Critical asset identification


Information assets can be of different types, including a database, paper document, password,
digital file, or encryption key (Thames and Schaefer, 2017). Information assets are stored
on a carrier, such as a hard drive, laptop, cloud, backup tape, server, or USB.

An asset can be described as anything that possesses value to the organisation, and as it is
valuable to the organisation, it requires protection. Information is the supporting asset of
the company. An information asset can be defined as data or information that includes
students' records, intellectual property, or any other confidential information. This can
be in either electronic or physical form (von Solms and von Solms, 2018). An information
asset container is the storage place where the information assets are stored and kept.
Information assets are very critical for Southern Cross University.

Irrespective of the size of the organisation, protecting information is crucial
(Leuprecht et al. 2016). Thus, it becomes vital to protect it from threats and risks
entirely. The website of Southern Cross University can be regarded as the biggest information
asset, as it includes various information associated with the University. It involves
admission FAQs, brochures, courses, and educational details (Southern Cross University,
2021). The website also includes the documents required for the admission process. In a
nutshell, the university website is its greatest information asset, and any cyber-crime or
theft against this asset can impact the overall image of the University.

The University also maintains an information asset register to record the information that
the University holds and processes. It is a catalogue in which information regarding the
information assets is stored (Stevens, 2018). In addition to this, the register also
describes how information moves in and out of the University and with whom it is to be
shared. This is done to ensure its value and that it is properly protected. Apart from this,
contract details and financial statements are also significant assets of the University.

With a view to identifying the most critical information asset of the Southern Cross
University, a questionnaire can be prepared.

Which information assets add value to the University, and are these useful? If yes, then
what are the most critical information assets?
• University website
• Contracts
• Finance
• Human resource data
• Information management
• Library building and maintenance
Which information asset is associated with the significant risks?
Can the risks damage the reputation of the University?
Are the information assets available to everyone?
Has appropriate protection and confidentiality been provided to every information asset?

WFA Template:

Task 3: Threat identification


Threat: A threat refers to the potential for violating an organisation's security
(Berman et al. 2019). It can be defined as any condition or event that causes loss of an
asset and undesirable consequences. Irrespective of any countermeasures, the threat always
exists in the system. However, these countermeasures can minimise the probability of
information disclosure, denial of service, tampering with data, or spoofing identity.

Hazard: This can be referred to as a potential source of harm. It can be any situation,
behaviour, or object that can cause damage or injury. A hazard is not always an object that
can be seen physically.

Attack: Attack targets the cyberspace of an organisation with the motive of destroying,
disrupting, and disabling a computing environment or infrastructure (Kent, 2016). It is the act
of damaging the integrity of the data. Generally, a cyber attacker steals any confidential or
beneficial information from the victim’s network. It is a malicious activity that targets the IT
systems to attain financial gain. Malware, phishing, and crypto-jacking are some of the
common cyber-attack methods.

Incident: An incident is any event that involves unauthorised access, attempted unauthorised
use, disclosure, or access for the destruction of information (Rashid et al. 2018). Examples
of security incidents are computer system breaches.

Sophos Group plc is a British hardware and security software company founded in 1985. As
per the Sophos 2021 threat report, the biggest threat is ransomware (Sophos, 2021). This is a
scary prospect and a significant problem that can affect companies, government agencies, or
individuals. Ransomware can be described as a type of malware that prevents users from
accessing their files and systems. It demands payment to regain access. The types of
ransomware are scareware, screen lockers, and encrypting ransomware.

The top threats that can damage the information assets of Southern Cross University are
phishing attacks, cloud jacking, denial of service, SQL injections, and man-in-the-middle.

A phishing attack is a social engineering attack used to steal the user's data
(Gratian et al. 2018). It can take the form of non-email phishing attacks, direct interaction
phishing, and malicious links inside shared files. Its delivery methods include using
legitimate links, URL shorteners, and confusing the filter with excess noise. The working
mechanism of phishing is based on email phishing scams and spear phishing.

Cloud jacking, also known as cloud hijacking, is a threat in which the hacker takes over a
company’s cloud account (Ganin et al. 2020). The threat agents are malicious service agents,
trusted attackers, and anonymous attackers. This is one of the most dangerous and evolving
cybersecurity threats. Misconfiguration is the factor driving the majority of the incidents.
This generally occurs when the cloud of an organisation is stolen.

Denial of service is another type of attack on a service that affects normal functioning. The
target of this cyber-attack is online services, including websites. There are different
methods through which denial of service can be carried out. This can cost the University
money and time while the resources and services are inaccessible.

SQL injection is a technique utilised to attack data-driven applications (Anbar et al. 2020).
This enables the attacker to gain unauthorised access to, and use, sensitive data of the
organisation. Cyber attackers use this to find the credentials of others and alter them. The
types of SQL injection attacks are blind SQL, out-of-band SQL, and in-band SQL.

A man-in-the-middle attack is when a criminal places himself between the user and the
application. The purpose of this attack is to steal information such as account details and
login credentials. It has two stages: interception and decryption.

Task 4: Threat assessment
Considering the university website as a critical information asset, the weaknesses of the
asset can be analysed based on the primary information security components. The components
are confidentiality, integrity, and availability (Deibert, 2016). The University website
contains crucial information, including the details of students, staff members, and other
employees. It encompasses the banking details and additional personal data of the
stakeholders of the University. Thus, it is the responsibility of the University to keep this
confidential and protect it from threats. This is the reason the weakness of the asset can be
explained with the help of the confidentiality security component.

On the other hand, integrity is another significant component as the asset of the University
must be aligned with the moral and ethical values. Ethics are the University's core values, and
hence, maintaining the same is a challenge (Deibert, 2016). Further, the availability of the
information should be only for the trustworthy and responsible people who are in actual need
of the details. This should not be available for everyone.

The threats can be ranked as phishing attack, cloud jacking, SQL injections,
man-in-the-middle, and denial of service. These threats cannot affect the information assets
if the assets are appropriately protected. The University can understand the working
mechanism of these threats to identify their potential impact and prevent the same. For
example, to prevent phishing attacks, the University can take several steps such as not
clicking unknown links, getting free anti-phishing add-ons, and rotating the passwords
regularly.

Different tactics to prevent denial-of-service attacks are developing a denial-of-service
response plan, securing network infrastructure, and understanding the warning signs. With a
view to formulating a response plan, a system checklist can be drafted. After that, a response
team can be formed that is responsible for defining notifications and the escalation process.
The University can be secured against cloud jacking by managing user access to improve cloud
computing security and considering cloud-to-cloud backup solutions.

The man-in-the-middle technique also affects the system and information assets badly. Hence,
the impact can be minimised by building strong login credentials and having a virtual private
network. The University can use a VPN to ensure that sensitive data is safe. Apart from this,
public key pair-based authentication can be used in various layers to safeguard
communication.

Moreover, organisations also have the opportunity to protect the assets from SQL
injection attacks. The influence and chances of such attacks can be reduced by following
proper strategies and actions. For instance, the organisation can provide training and
maintain awareness, scan regularly, and adopt the latest technologies.

Conclusion
From the above analysis, it can be articulated that the importance of cybersecurity is
growing with the increase in cyber-crimes. Organisations and universities are adopting
cybersecurity risk assessment to identify the significant threats and deal with them.
Moreover, the report reveals the University's information assets that are valuable for the
organisation and need to be protected from threats.

References
Almeshekah, M.H. and Spafford, E.H., (2016). Cyber security deception. In Cyber
deception (pp. 23-50). Springer, Cham.

Anbar, M., Abdullah, N. and Manickam, S., (2020). Advances in Cyber Security. Springer
Singapore.

Apruzzese, G., Colajanni, M., Ferretti, L., Guido, A. and Marchetti, M., (2018, May). On the
effectiveness of machine and deep learning for cyber security. In 2018 10th international
conference on cyber Conflict (CyCon) (pp. 371-390). IEEE.

Berman, D.S., Buczak, A.L., Chavis, J.S. and Corbett, C.L., (2019). A survey of deep
learning methods for cyber security. Information, 10(4), p.122.

Deibert, R., (2016). Cyber-security. In Routledge handbook of security studies (pp. 186-196).
Routledge.

Ganin, A.A., Quach, P., Panwar, M., Collier, Z.A., Keisler, J.M., Marchese, D. and Linkov,
I., (2020). Multicriteria decision framework for cybersecurity risk assessment and
management. Risk Analysis, 40(1), pp.183-199.

Graham, J., Olson, R. and Howard, R. eds., (2016). Cyber security essentials. CRC Press.

Gratian, M., Bandi, S., Cukier, M., Dykstra, J. and Ginther, A., (2018). Correlating human
traits and cyber security behavior intentions. computers & security, 73, pp.345-358.

Kent, A.D., (2016). Cyber security data sources for dynamic network research. In Dynamic
Networks and Cyber-Security (pp. 37-65).

Leuprecht, C., Skillicorn, D.B. and Tait, V.E., (2016). Beyond the Castle Model of cyber-risk
and cyber-security. Government Information Quarterly, 33(2), pp.250-257.

Rashid, A., Danezis, G., Chivers, H., Lupu, E., Martin, A., Lewis, M. and Peersman, C.,
(2018). Scoping the cyber security body of knowledge. IEEE Security & Privacy, 16(3),
pp.96-102.

Schatz, D., Bashroush, R. and Wall, J., (2017). Towards a more representative definition of
cyber security. Journal of Digital Forensics, Security and Law, 12(2), p.8.

Sophos, (2021). Sophos 2021 threat report. [Online]. Accessed through:
<https://www.sophos.com/en-us/medialibrary/pdfs/technical-papers/sophos-2021-threat-report.pdf>.
Accessed on: 30th July, 2021.

Southern Cross University, (2021). Overview. [Online]. Accessed through:
https://studyabroad.shiksha.com/australia/universities/southern-cross-university/admissions.
Accessed on: 30th July, 2021.

Stevens, T., (2016). Cyber security and the politics of time. Cambridge University Press.

Stevens, T., (2018). Global cybersecurity: New directions in theory and methods. Politics and
Governance, 6(2), pp.1-4.

Sun, C.C., Hahn, A. and Liu, C.C., (2018). Cyber security of a power grid: State-of-the-
art. International Journal of Electrical Power & Energy Systems, 99, pp.45-56.

Thames, L. and Schaefer, D., (2017). Cybersecurity for industry 4.0. Heidelberg: Springer.

von Solms, B. and von Solms, R., (2018). Cybersecurity and information security–what goes
where?. Information & Computer Security.
