11.4: Team Activity
Overview
Student teams organize the materials on their sector and their fictitious organization into a final presentation to be shared with the class.
Team Activity Objectives
- Select appropriate vulnerability assessment frameworks and tools as part of a risk assessment of a CI system.
- Identify and describe cybersecurity threats, risks, vulnerabilities, and attacks as they apply to CI systems.
- Identify an appropriate risk management strategy for CISR.
Assignment
Draw on the past work your team has done on your fictitious organization and its sector:
- Standards and the role of your sector-specific agency, Module 1 Team Activity
- Industrial control/SCADA and business IT systems used within the organization, Module 2 Team Activity
- Defense-In-Depth Strategies, Module 3 Hands-on Activity
- Network diagram, Module 3 Team Activity
- Risk management framework, Module 4 Team Activity
- Threat possibilities and risk assessment standards, Module 5 Team Activity
- Plans for using vulnerability scanning and/or penetration testing, Module 6 Team Activity
- CSET Risk Assessment, Module 7 Team Activity
- Security controls to be implemented, Module 8 Team Activity
- Incidence Response Plan, Module 9 Team Activity
- Relevant governance and policy issues, Module 10 Team Activity
Prepare a summary of your team’s case study project for the class. Be sure that your team’s presentation addresses the following:
- What you discovered about cybersecurity vulnerabilities as they relate to your particular sector
- What mitigation techniques can be used to alleviate these issues
- Suggestions you have for further strengthening your network’s security
- The role of government regulation in the functioning of your organization