When you have completed the risk threat matrix, a designated team

 

At the start of this course, you were divided into teams, and each team was assigned to a nation in the Five Eyes intelligence alliance. As a nation team, you collaborated to represent and defend the cybersecurity policy and posture of the nation assigned to you.

Your team was also assigned to a critical infrastructure sector, which you will also represent in Project 4. Research for Project 4 is designed to span the entire term, and your team is expected to complete it in parallel with Projects 1 through 3.

You will work with your team to prepare for and then complete the Executive Leadership In Tabletop Exercises (ELITE) activity, and then write a report that identifies risks to cyber networks within the critical infrastructure industry segment assigned to your team and proposes recommendations to mitigate risks and make the networks more secure. This project will span across the entire course, but should take about 24 days to complete. After reading the scenario below, proceed to Step 1 where you will establish your team agreement plan.

This is what I will need help on:

1. Much like a real battle against cyber criminals, the pace of ELITE is rapid, automated, and completely unforgiving of missed deadlines. As a team, you will review the security defense strategies you have determined for your sector. Conduct independent research on your assigned sector and share your findings with your team. After studying the supporting information of your sector, your team will determine and report the noted risks to your sector and your organization in the form of a two-page Risk Profile.

As a team, think about security controls for your sector and use the team’s group Discussion area to confer with your team regarding control selection. Your team should support your strategy by providing risk management techniques through the selection of security controls. These security controls will inform your risk profile and might also be used in ELITE.

From previous projects that dealt in the international domain, include nation state actors that have been deemed threats to your team sector. You can use different sources of threat intelligence to gain deeper understanding of your sector and its methods for critical infrastructure protection. Many sectors are remotely monitored using industrial control systems (SCADA) and if this is found to be true in your team sector, this description should be included in the risk profile. Also, include an analysis of possible sources and situations of insider threats and if at any time your sector was exploited by an insider threat. Include how this was detected and what means were used to recover from that type of exploitation. These measures and countermeasures could be part of a security plan and may be incorporated in your selection of security controls in ELITE.

When you have completed the Risk Profile, a designated team member should submit it for feedback.

Much like a real battle against cyber criminals, the pace of ELITE is rapid, automated, and completely unforgiving of missed deadlines. As a team, you will review the security defense strategies you have determined for your sector. Conduct independent research on your assigned sector and share your findings with your team. After studying the supporting information of your sector, your team will determine and report the noted risks to your sector and your organization in the form of a two-page Risk Profile.

As a team, think about security controls for your sector and use the team’s group Discussion area to confer with your team regarding control selection. Your team should support your strategy by providing risk management techniques through the selection of security controls. These security controls will inform your risk profile and might also be used in ELITE.

From previous projects that dealt in the international domain, include nation state actors that have been deemed threats to your team sector. You can use different sources of threat intelligence to gain deeper understanding of your sector and its methods for critical infrastructure protection. Many sectors are remotely monitored using industrial control systems (SCADA) and if this is found to be true in your team sector, this description should be included in the risk profile. Also, include an analysis of possible sources and situations of insider threats and if at any time your sector was exploited by an insider threat. Include how this was detected and what means were used to recover from that type of exploitation. These measures and countermeasures could be part of a security plan and may be incorporated in your selection of security controls in ELITE.

When you have completed the Risk Profile, a designated team member should submit it for feedback.

(2) You are familiar with the cybersecurity standards organizations and understand policy objectives of your sector and the resulting cyber defense strategy that provides the security of communications while meeting sector goals and objectives. As leadership representatives for your sector, work as a team to create a Risk Threat Matrix that incorporates what was learned from the security risk profile with the cyber defense strategy of the sector, and uses that to select security controls to be implemented for the sector.

When you have completed the Risk Threat Matrix, a designated team member should submit it for feedback.

It supposed to be two questions