Cybersecurity Assessment 3
Executive Summary
This report explores the different risks that can affect PEP and develops a mitigation plan to help the
company handle those risks. All risks are categorized using the STRIDE model and listed in order of
decreasing impact. Spoofing is the major threat identified in the analysis. To mitigate spoofing, PEP is
recommended to use packet filters to stop malicious and unwanted traffic from entering the network.
PEP's security personnel should define rules that block all unwanted IP addresses and allow only known
and trusted ones. PEP should also implement robust encryption and authentication protocols to ensure
data integrity between communicating nodes and safeguard against spoofing. A threat analysis based on
likelihood and consequences is also provided so that the risks to be prioritized can be understood.
Analyzing threats is vital in establishing the impact of each risk and the appropriate measures to
mitigate it. PEP should prioritize all threats rated above its tolerance level and treat them until they
fall within that level.
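The packet-filter recommendation above, worked through as an added example (not code from the original report): a default-deny ruleset that admits only known, trusted source addresses and drops packets whose source address cannot legitimately arrive on that interface. The interface names, address ranges and sample packets are constructed assumptions, not PEP's real configuration.

```python
"""Added example (not from the original report): a minimal stateless packet filter
implementing the report's spoofing mitigation: default deny, allow only trusted
sources, and drop packets whose source address is impossible for that interface."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL_NET = ip_network("10.20.0.0/16")                                    # assumed PEP LAN
TRUSTED_PEERS = [ip_network("203.0.113.0/24"), ip_network("198.51.100.7/32")]  # assumed partners

@dataclass(frozen=True)
class Packet:
    iface: str  # interface the packet arrived on: "wan" (internet) or "lan"
    src: str    # source address as written in the IP header
    dst: str

def filter_packet(pkt: Packet) -> tuple[str, str]:
    """Evaluate rules top to bottom and return (verdict, reason).
    Anything not explicitly accepted falls through to default deny."""
    src = ip_address(pkt.src)
    if pkt.iface == "wan":
        # Ingress anti-spoofing: nothing arriving from the internet may claim
        # to be one of PEP's own hosts or a loopback address.
        if src in INTERNAL_NET or src.is_loopback:
            return "DROP", "spoofed internal source on WAN"
        if any(src in net for net in TRUSTED_PEERS):
            return "ACCEPT", "trusted peer"
        return "DROP", "default deny"
    if pkt.iface == "lan":
        # Egress anti-spoofing: only PEP's own addresses may leave, so a
        # compromised internal host cannot forge someone else's address outward.
        if src in INTERNAL_NET:
            return "ACCEPT", "internal host"
        return "DROP", "spoofed source on LAN"
    return "DROP", "unknown interface"

# Constructed sample traffic used for a dry run of the ruleset.
SAMPLE_PACKETS = [
    Packet("wan", "203.0.113.10", "10.20.1.5"),  # trusted partner -> accept
    Packet("wan", "10.20.1.9", "10.20.1.5"),     # internet packet forging PEP's LAN
    Packet("wan", "192.0.2.44", "10.20.1.5"),    # unknown internet host -> default deny
    Packet("lan", "10.20.3.3", "203.0.113.10"),  # normal outbound traffic
    Packet("lan", "192.0.2.99", "203.0.113.10"), # inside host forging an outside source
]

def verdict_counts(packets: list[Packet]) -> dict[str, int]:
    """Tally ACCEPT/DROP decisions for a batch, e.g. to review a ruleset before deploying it."""
    counts: dict[str, int] = {"ACCEPT": 0, "DROP": 0}
    for pkt in packets:
        counts[filter_packet(pkt)[0]] += 1
    return counts
```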
Table of Contents
Executive Summary
Introduction
Discussion of APP and GDPR
Threat list and STRIDE categorization summary
Threat Analysis
Risk Matrix
Threats and Controls
Mitigation scheme
Need for ongoing cybersecurity
Conclusion
References
Introduction
The ransomware attack against JBS Food prompts renewed calls for other companies in the agricultural
and food sectors, such as Peters Excellent Packers (PEP), to implement new cybersecurity protections for
their data and information systems. The fact that JBS Food paid the ransom signals to perpetrators that
such attacks work, so food sector companies should expect more of them. The food sector is a critical
part of the economy, making it a likely target for cyber-attacks. PEP wants its IT systems reviewed to
determine how vulnerable they are to cyber-attacks. PEP does not have system-wide intrusion detection
and prevention, which puts it at high risk of a cyber-attack. A risk mitigation plan is a vital element that
ensures an organization plans for disasters and lessens their negative impact. Proper risk mitigation
evaluates the impact of different risks and prioritizes planning based on that impact. It entails first
pinpointing potential risks and then implementing strategies to lessen or stop them. Some of the
strategies employed in risk mitigation planning and monitoring are accepting the risk, avoiding the risk,
controlling the risk, transferring the risk, and monitoring the risk. In today's world, ignoring data privacy
issues can have detrimental impacts on an organization. Breaching the GDPR or the Australian Privacy
Policies (APP) comes with hefty fines and reputational damage. This report explores the different risks
that can affect PEP and develops a mitigation plan to help the company handle these risks.
Discussion of APP and GDPR
APP
Under the APP, PEP's obligations include the following.
Collecting anonymous information instead of personal information, and deleting or correcting personally
identifiable information.
Obtaining consent for new uses or sharing of user data with a third party; PEP should also check
whether the third party has appropriate privacy practices.
Notifying users when their personal information is collected.
Protecting the personal information it holds through policies and measures that mitigate the various
threats that cause security breaches.
GDPR
Under the GDPR, an organization should provide individuals with a privacy notice that is accurate,
transparent, and easily accessible (Goddard, 2017, p. 703). The notice should be written in clear and
plain language and delivered in a timely manner. The GDPR also specifies the types of information a
company needs to include in the privacy notice. Users must be informed of their right to withdraw
consent at any time, their right to lodge complaints, their right to erasure, their right to data
portability, and their rights related to automated decision making and profiling.
Threat list and STRIDE categorization summary
The STRIDE model is a powerful framework that helps an organization identify the threats it is exposed
to (Abomhara et al., 2015, p. 89). It prioritizes threats and determines their consequences and
likelihood. The risks below are listed in order of decreasing impact.
Malicious actors erasing and truncating log files to hide their tracks
1. Spoofing
Spoofing occurs when a malicious cyber actor tricks a user in order to access the
system, distribute malware, or steal personal information (Jiang et al., 2020, p. 1).
Risk Level: High. Likelihood and Consequences Rating: 4C
2. Information disclosure
This occurs when a user accesses personal information they are not authorized to see.
Risk Level: Medium. Likelihood and Consequences Rating: 3C
4. Tampering
Tampering is maliciously altering or changing data in a network, in transit, or in a
database.
Risk Level: Low. Likelihood and Consequences Rating: 2D
6. Repudiation
This is an explicit denial of having performed an action when there is no proof that a
specific user performed it.
Threat Analysis
As a security consultant, I talked to employees and other experts to understand the impact and
likelihood of an attack on PEP's systems. Some of the questions asked include:
Risk Matrix
A risk matrix is helpful in risk assessment because it gives a visual representation of the likelihood and
impact of the potential risks an organization faces.
Consequence scale
PEP should prioritize all threats rated above the tolerance level and treat them until they fall within
the organization's tolerance level. Risks that have negligible consequences and are very unlikely should
be accepted. Repudiation threats should be accepted since they have negligible consequences and are
very unlikely to occur.
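The rating and treatment rule described above, worked through as an added example (not code from the original report): each threat's likelihood-and-consequence code is scored, mapped to a risk level, and compared against PEP's tolerance level. The meaning of the digit and letter, the weights, the thresholds and repudiation's code (1E) are assumptions chosen so the result matches the report's own ratings (4C is High, 3C is Medium, 2D is Low).

```python
"""Added example (not from the original report): scoring a threat from the report's
likelihood-and-consequence codes (e.g. "4C") and deciding its treatment against
PEP's tolerance level. Scale meanings, weights and thresholds are assumptions."""
import re

# Assumed scales: digit = likelihood 1 (very unlikely) .. 5 (almost certain);
# letter = consequence A (catastrophic) .. E (negligible).
CONSEQUENCE_WEIGHT = {"A": 5, "B": 4, "C": 3, "D": 2, "E": 1}
LEVELS = ["Low", "Medium", "High"]
TOLERANCE = "Low"  # assumed: PEP tolerates Low-rated risks and treats anything above

def parse_rating(code: str) -> tuple[int, str]:
    """Split '4C' into (4, 'C'); reject anything outside the two scales."""
    m = re.fullmatch(r"([1-5])([A-E])", code.strip().upper())
    if not m:
        raise ValueError(f"bad rating {code!r}: expected a digit 1-5 followed by a letter A-E")
    return int(m.group(1)), m.group(2)

def score(code: str) -> int:
    likelihood, consequence = parse_rating(code)
    return likelihood * CONSEQUENCE_WEIGHT[consequence]

def risk_level(code: str) -> str:
    # Thresholds chosen to reproduce the report: 4C -> 12 High, 3C -> 9 Medium, 2D -> 4 Low.
    s = score(code)
    return "High" if s >= 12 else "Medium" if s >= 8 else "Low"

def treatment(code: str) -> str:
    """Accept only negligible-consequence, very-unlikely risks (the report's rule for
    repudiation); treat anything above tolerance; keep monitoring the rest."""
    likelihood, consequence = parse_rating(code)
    if likelihood == 1 and consequence == "E":
        return "accept"
    if LEVELS.index(risk_level(code)) > LEVELS.index(TOLERANCE):
        return "treat"
    return "monitor"

def prioritize(threats: dict[str, str]) -> list[tuple[str, str, str]]:
    """Return (threat, level, treatment) in decreasing order of risk, as the report lists them."""
    ranked = sorted(threats.items(), key=lambda kv: score(kv[1]), reverse=True)
    return [(name, risk_level(code), treatment(code)) for name, code in ranked]

# Constructed from the report's STRIDE list; repudiation's code (1E) is an assumption,
# since the report gives it only in words ("negligible consequences", "very unlikely").
PEP_THREATS = {"Spoofing": "4C", "Information disclosure": "3C",
               "Tampering": "2D", "Repudiation": "1E"}
```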
Mitigation scheme
This section provides a mitigation plan that will help PEP keep its network secure. The risk-handling
techniques PEP can adopt to protect the organization's network are avoiding the risk, controlling the
risk, monitoring the risk, and accepting the risk.
The following are some of the threats that PEP should avoid:
Phishing (spoofing)
Injection attack (tampering)
Modification of data (tampering)
Information disclosure (information disclosure)
Eavesdropping on clear-text traffic (information disclosure)
Gaining root-level privileges through a buffer overflow (elevation of privilege)
SYN flood attack (denial of service)
Threats that should be accepted
Link: https://www.provendatarecovery.com/blog/cyber-security-cost-expenses-fees/
Conclusion
This report performs a risk analysis and identifies the controls that PEP should employ to protect its
systems against a data breach like the one JBS Food experienced. The food sector is a critical part of
the economy, making it a likely target for cyber-attacks. A risk mitigation plan is a vital element that
ensures an organization plans for threats and lessens their negative impact. Proper risk mitigation
evaluates the impact of different risks and prioritizes planning based on that impact. PEP should comply
with the Australian Privacy Policies and the GDPR to avoid regulatory action and penalties. The STRIDE
model helps prioritize threats and pinpoint the consequences and likelihood of each threat. Spoofing is
the most likely threat with major consequences that PEP can expect to experience. Spoofing occurs
when a malicious cyber actor tricks a user in order to access the system, distribute malware, or steal
personal information. The threat analysis is based on the probability of each threat occurring and the
negative consequences if it does. Analyzing threats is vital in establishing the impact of each risk and
the appropriate measures to mitigate it. PEP should prioritize all threats rated above the tolerance
level and treat them until they fall within the organization's tolerance level. To protect against
spoofing threats, PEP should implement packet filters and strong encryption protocols. The
recommended mitigation scheme should aim to prevent phishing, injection attacks, modification of
data, information disclosure, and SYN flood attacks.
References
Abomhara, M., Gerdes, M., & Køien, G. M. (2015). A STRIDE-based threat model for telehealth systems.
Norsk informasjonssikkerhetskonferanse (NISK), 8(1), 82-96.
https://www.researchgate.net/profile/Mohamed-Abomhara/publication/291766457_A_STRIDE-Based_Threat_Model_for_Telehealth_Systems/links/56a5de3208ae1b6511345e4a/A-STRIDE-Based-Threat-Model-for-Telehealth-Systems.pdf
Diekmann, C., Michaelis, J., Haslbeck, M., & Carle, G. (2016). Verified iptables firewall analysis. 2016 IFIP
Networking Conference (IFIP Networking) and Workshops.
https://ieeexplore.ieee.org/abstract/document/7497196/
Dinesha, H., & Agrawal, V. K. (2012). Multi-level authentication technique for accessing cloud services.
2012 International Conference on Computing, Communication, and Applications.
https://ieeexplore.ieee.org/abstract/document/6179130/
Goddard, M. (2017). The EU General Data Protection Regulation (GDPR): European regulation that has a
global impact. International Journal of Market Research, 59(6), 703-705.
https://journals.sagepub.com/doi/pdf/10.2501/IJMR-2017-050
Harini, C., & Fancy, C. (2021). A study on the prevention mechanisms for kernel attacks. In Artificial
Intelligence Techniques for Advanced Computing Applications (pp. 11-17). Springer.
https://link.springer.com/chapter/10.1007/978-981-15-5329-5_2
Jiang, Z., Zhao, K., Li, R., Zhao, J., & Du, J. (2020). PHYAlert: identity spoofing attack detection and
prevention for a wireless edge network. Journal of Cloud Computing, 9(1), 1-13.
https://journalofcloudcomputing.springeropen.com/articles/10.1186/s13677-020-0154-7
Kitchen, J. T., Coogan, D. R., & Christian, K. H. (2021). The evolution of legal risks pertaining to patch
management and vulnerability management. Duquesne Law Review, 59, 269.
https://heinonline.org/hol-cgi-bin/get_pdf.cgi?handle=hein.journals/duqu59&section=15
Mäurer, N., & Schmitt, C. (2019). Towards successful realization of the LDACS cybersecurity
architecture: An updated datalink security threat and risk analysis. 2019 Integrated
Communications, Navigation, and Surveillance Conference (ICNS).
https://ieeexplore.ieee.org/abstract/document/8735139/
Prem, S. P., & Reddy, B. I. (2019). Phishing and anti-phishing techniques. International Research Journal
of Engineering and Technology, 6(7), 1446-1452.
https://www.academia.edu/download/60473049/IRJET-V6I718420190903-94123-1p7iedv.pdf
Selvadurai, N. (2013). Protecting online information privacy in a converged digital environment: the
merits of the new Australian privacy principles. Information & Communications Technology Law,
22(3), 299-314. https://www.tandfonline.com/doi/abs/10.1080/13600834.2013.856125
Sun, J., Yao, X., Wang, S., & Wu, Y. (2020). Non-repudiation storage and access control scheme of
insurance data based on blockchain in IPFS. IEEE Access, 8, 155145-155155.
https://ieeexplore.ieee.org/abstract/document/9174837/
Yu, Z., Zhang, W., & Dai, H. (2017). A trusted architecture for virtual machines on cloud servers with a
trusted platform module and certificate authority. Journal of Signal Processing Systems, 86(2-3),
327-336. https://link.springer.com/content/pdf/10.1007/s11265-016-1130-9.pdf