Advanced Cybersecurity Threat Analysis and Mitigation

School: Royal Melbourne Institute of Technology
Course: 1002
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 5
Uploaded by jamieteh

INTE1002 Digital Risk Management Information Security
Assessment Task 1
Advanced Cybersecurity Threat Analysis and Mitigation
Word Count: 952

In an era where the education sector integrates the use of technology and digital platforms in learning, educational institutions may be an appealing target to cybercriminals. This is due to the stores of sensitive data, intellectual property and personal data on staff, parents and students (Gurinaviciute 2024). The table below shows potential threats and vulnerabilities, their advanced mitigation strategies, impact analysis and future-proofing cybersecurity for Eastern Suburbs Primary School while considering the budget constraints for a relatively small K-6 school.

Table columns: Threat Identification | MITRE ATT&CK Tactic | Vulnerability Assessment | Advanced Mitigation Strategies | Impact Analysis | Future-proofing Cybersecurity

Impact Analysis:
 - Emotional and psychological impact on victims of cyberbullying
 - Impacts well-being and academic performance of victims
 - Tarnish school’s reputation and loss of trust from parents and community
 - Disrupts school operations
 - Potential legal liabilities
 - Students, parents and staff are vulnerable to emotional, physical or financial harm if sensitive data is used
 - Compromised records can lead to identity theft, financial fraud and privacy violations
 - Compromised integrity of school’s online presence
 - Could result in legal repercussions
 - The most urgent vulnerabilities that are essential to address are the unsecured WiFi network, the outdated website and the unsecured parent portal

Threat Identification: Cyberbullying - The use of digital media by an individual to harass, intimidate or humiliate to inflict harm onto others (Tokunaga 2010)
MITRE ATT&CK Tactic: Impact
Vulnerability Assessment:
 - Unmonitored student Internet access
 - Lack of control over student activities on school-issued tablets
Advanced Mitigation Strategies:
 - Use web filtering software to restrict access to social media platforms and other inappropriate online content during school hours (Vicks 2013)
 - Implement AI-driven content filtering and monitoring to detect, flag and block inappropriate content in real-time
 - Utilize AI to intercept and block harassment and bullying content (Ige and Adewale 2022)
Future-proofing Cybersecurity:
 - Educate students on responsible internet usage
 - Establish clear guidelines and consequences of cyberbullying
 - Encourage open communications among students, teachers and parents regarding cyberbullying incidents

Threat Identification: Data Breach - When sensitive information held by school is accessed and used by an unauthorized party
MITRE ATT&CK Tactic: Initial Access
Vulnerability Assessment:
 - Outdated PHP and SQL within outdated website
 - Security patches not up to date
 - Unsecured WiFi
Advanced Mitigation Strategies:
 - Update website’s backend technologies by leveraging open-source alternatives to proprietary software
 - Use AI to detect anomalies and respond to suspicious access patterns
 - Implement free web application firewalls (WAFs) to monitor and filter HTTP traffic for potential threats (F5 n.d.)
 - Implement Zero Trust architecture to enforce strict access to student records like multi-factor authentication (MFA) for parent portal access
 - Use latest security protocol, WPA3, to encrypt and secure WiFi network
Future-proofing Cybersecurity:
 - Periodic maintenance and updates for website
 - Regular security audits to assess existing security controls and identify potential weaknesses in the WiFi network

Threat Identification: Phishing - Attempts by cybercriminals to trick users to obtain sensitive information
MITRE ATT&CK Tactic: Initial Access
Vulnerability Assessment:
 - Lack of education of cyberthreats among students, parents and staff members
 - Inadequate email security measures
Advanced Mitigation Strategies:
 - Security TLS encryption between email servers
 - Use AI-driven email filtering to scan and flag suspicious emails before they reach recipients (Sennovate n.d.)
Future-proofing Cybersecurity:
 - Encourage students, parents and staff to participate in cybersecurity awareness sessions to learn to recognize phishing attacks

Threat Identification: Internet of Things (IoT) Device Exploitation - Vulnerabilities within school devices can be used to compromise IT infrastructure and the data it contains
MITRE ATT&CK Tactic: Initial Access and Execution
Vulnerability Assessment:
 - School-issued tablets that are taken home, lab computers and laptops could be exploited due to lack of security controls
Advanced Mitigation Strategies:
 - Ensure security updates and patches on these devices are constantly installed
 - Use open-source endpoint security solutions for essential security features
 - Implement Zero Trust architecture like multi-factor authentication (MFA) for access to school devices
Future-proofing Cybersecurity:
 - Implement over-the-air (OTA) updates to streamline update process
 - Use basic Mobile Device Management (MDM) practices to enhance device security in the long term

Threat Identification: Ransomware Attack - Encrypting school’s data and demanding payment in exchange for decryption key
MITRE ATT&CK Tactic: Initial Access and Execution
Vulnerability Assessment:
 - Unsecured WiFi
 - Unmonitored school-issued tablets and devices
 - Lack of advanced threat detection
 - Unsecured endpoints
 - Outdated software
Advanced Mitigation Strategies:
 - Use latest security protocol, WPA3, to encrypt and secure WiFi network
 - Utilize free ransomware detection tools
 - Network segmentation using low-cost router and firewall configurations to isolate critical systems (Alshaikh et al. 2020)
Future-proofing Cybersecurity:
 - Back up data on a regular basis to the cloud or an external drive that is disconnected when not in use
 - Provide training for employees to recognize common attack vectors used to deliver malware or initiate ransomware attack
 - Incident response planning for future attacks

Threat Identification: Malware Infections - Infiltration of
MITRE ATT&CK Tactic: Execution and Persistence
Advanced Mitigation Strategies:
 - Deploy free antimalware software and endpoint detection
 - Implement free web