11.4: Team Activity
- Page ID
- 4387
\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \) \( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)\(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\) \(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\)\(\newcommand{\AA}{\unicode[.8,0]{x212B}}\)
Overview
Student teams organize the materials on their sector and their fictitious organization into a final presentation to be shared with the class.
Team Activity Objectives
- Select appropriate vulnerability assessment frameworks and tools as part of a risk assessment of a CI system.
- Identify and describe cybersecurity threats, risks, vulnerabilities, and attacks as they apply to CI systems.
- Identify an appropriate risk management strategy for CISR.
Assignment
Draw on the past work your team has done on your fictitious organization and its sector:
- Standards and the role of your sector-specific agency, Module 1 Team Activity
- Industrial control/SCADA and business IT systems used within the organization, Module 2 Team Activity
- Defense-In-Depth Strategies, Module 3 Hands-on Activity
- Network diagram, Module 3 Team Activity
- Risk management framework, Module 4 Team Activity
- Threat possibilities and risk assessment standards, Module 5 Team Activity
- Plans for using vulnerability scanning and/or penetration testing, Module 6 Team Activity
- CSET Risk Assessment, Module 7 Team Activity
- Security controls to be implemented, Module 8 Team Activity
- Incidence Response Plan, Module 9 Team Activity
- Relevant governance and policy issues, Module 10 Team Activity
Prepare a summary of your team’s case study project for the class. Be sure that your team’s presentation addresses the following:
- What you discovered about cybersecurity vulnerabilities as they relate to your particular sector
- What mitigation techniques can be used to alleviate these issues
- Suggestions you have for further strengthening your network’s security
- The role of government regulation in the functioning of your organization