CMIT 495 Project 4: The Cybersecurity Threat Landscape Team Assignment

Advanced persistent threats (APTs) have been thrust into the spotlight due to their advanced tactics, techniques, procedures, and tools. These APTs are resourced unlike other types of cyber threat actors.

Your chief technology officer (CTO) has formed teams to each develop a detailed analysis and presentation of a specific APT, which she will assign to the team.

This is a team assignment, and the team members that were selected by the instructor in the previous assignment will work together. It is up to the team members to decide who is responsible for contributing to the sections of the paper. Remember, if a member fails to complete his or her part of the work, the team is still responsible for all sections.

Note that you are required to complete a peer review for yourself and for each member of the team. The peer review template is provided in the Activities folder.

Your team’s report should use the The Cybersecurity Threat Landscape Team Assignment Resources to cover the following five areas:

Part 1: Threat Landscape Analysis

- Provide a detailed analysis of the threat landscape.
- What has changed over the past year?
- Describe common tactics, techniques, and procedures to include threat actor types.
- What are the exploit vectors and vulnerabilities threat actors are predicted to take advantage of?

Part 2: APT Analysis

- Provide a detailed analysis and description of the APT your group was assigned. Describe the specific tactics used to gain access to the target(s).
- Describe the tools used. Describe what the objective of the APT was/is. Was it successful?

Part 3: Cybersecurity Tools, Tactics, and Procedures

- Describe current hardware- and software-based cybersecurity tools, tactics, and procedures.
- Consider the hardware and software solutions deployed today in the context of defense-in-depth.
- Elaborate on why these devices are not successful against the APTs.

Part 4: Machine Learning and Data Analytics

- Describe the concepts of machine learning and data analytics and how applying them to cybersecurity will evolve the field.
- Are there companies providing innovative defensive cybersecurity measures based on these technologies? If so, what are they? Would you recommend any of these to the CTO?

Part 5: Using Machine Learning and Data Analytics to Prevent APT

- Describe how machine learning and data analytics could have detected and/or prevented the APT you analyzed had the victim organization deployed these technologies at the time of the event. Be specific

Part 6: Ethics in Cybersecurity

Do you think the vulnerability(ies) exploited by the APT constitute an ethical failure by the defender? Why or why not?
For the APT your group studied, were there identifiable harms to privacy or property? How are these harms linked to C-I-A? If not, what ethically significant harms could result from the scenario your group researched?
For the APT your group studied, when the targeted organization identified the breach, was the disclosure made with transparency? Do you feel the organization acted ethically? Why or why not?

Notes

Use additional sources of information but also describe the concept in layman’s terms.
Use visuals where appropriate.
While quality is valued over quantity, it is expected that a quality paper will result in a minimum length of 10–15 pages.
You will be assigned an individual grade for this assignment based on your contribution to the overall project.

How Will My Work Be Evaluated?

The following evaluation criteria aligned to the competencies will be used to grade your assignment:

1.1.3: Present ideas in a clear, logical order appropriate to the task.
2.1.3: Explain the significance of the issue or problem.
4.1.1: Establish a collaborative approach for working together as a team.
4.2.4: Prepare a finished teamwork product.
10.1.1: Identify the problem to be solved.
12.6.1: Identify the controls needed for confidentiality.
12.6.2: Identify the controls needed for integrity.
12.6.3: Identify the controls needed for availability.
12.7.2: Explain the process of analyzing IT incidents.
14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.

Submitting Your Work

When complete, export your file as a PDF and upload to the LEO Assignments Folder (e.g., Week 5 & 6 – The Cybersecurity Threat Landscape Group Assignment).
- Note: Only one group member is required to submit the team assignment, but all team members must submit their own peer review.

Download the Week 5 & 6 – Peer Review Template from the The Cybersecurity Threat Landscape Team Assignment Resources page.
Answer the questions and rate your teammates appropriately.
Export to a PDF and email to your instructor.

Due Date

Sep 26, 2023 11:59 PM

Rubric Name: Project 4: The Cybersecurity Threat Landscape Team Assignment

Evaluation Criteria	Exceeds 10 points	Meets 8.5 points	Approaches 7.5 points	Does not Meet 0 points	Criterion Score
1.1.3: Present ideas in a clear, logical order appropriate to the task.	Presents a logical flow of ideas that is easily identifiable and completely appropriate to the task.	Presents ideas in a clear, logical order appropriate to the task.	Attempts to present ideas, but the logic is not clear and/or not appropriate to the task.	Does not present ideas in a clear, logical order appropriate to the task.	Score of 1.1.3: Present ideas in a clear, logical order appropriate to the task., / 10
2.1.3: Explain the significance of the issue or problem.	Explains the significance of the issue or problem succinctly and thoroughly.	Explains the significance of the issue or problem.	Attempts to explain the significance of the issue or problem, but the explanation is not clear or is not appropriate for the context.	Does not explain the significance of the issue or problem.	Score of 2.1.3: Explain the significance of the issue or problem., / 10
4.1.1: Establish a collaborative approach for working together as a team.	Establishes an inclusive and highly collaborative approach for working together as a team.	Establishes a collaborative approach for working together as a team.	Attempts to establish an approach for working together as a team, but it is not fully collaborative and/or inclusive.	Does not establish a collaborative approach for working together as a team.	Score of 4.1.1: Establish a collaborative approach for working together as a team., / 10
4.2.4: Prepare a finished teamwork product.	Prepares a polished and thorough finished team work product.	Prepares a finished team work product.	Attempts to prepare a team work product but it is not fully finished or polished.	Does not prepare a finished team work product.	Score of 4.2.4: Prepare a finished teamwork product., / 10
10.1.1: Identify the problem to be solved.	Presents a relevant IT problem clearly and specifically.	Presents an IT problem that requires a solution.	Identifies an IT problem but may lack clarity and/or specificity regarding the need to be addressed.	Does not identify an IT problem to be solved.	Score of 10.1.1: Identify the problem to be solved., / 10
12.6.1: Identify the controls needed for confidentiality.	Thoroughly explains in detail the controls needed for confidentiality.	Identifies the controls needed for confidentiality.	Identifies some controls for confidentiality, but there are gaps in the explanation, and/or the explanation may not be completely accurate.	Does not identify the controls needed for confidentiality.	Score of 12.6.1: Identify the controls needed for confidentiality., / 10
12.6.2: Identify the controls needed for integrity.	Thoroughly explains in detail the controls needed for integrity.	Identifies the controls needed for integrity.	Identifies some controls for integrity, but there are gaps in the explanation, and/or the explanation may not be completely accurate.	Does not identify the controls needed for integrity.	Score of 12.6.2: Identify the controls needed for integrity., / 10
12.6.3: Identify the controls needed for availability.	Thoroughly explains in detail the controls needed for availability.	Identifies the controls needed for availability.	Identifies some controls for availability, but there are gaps in the explanation, and/or the explanation may not be completely accurate.	Does not identify the controls needed for availability.	Score of 12.6.3: Identify the controls needed for availability., / 10
12.7.2: Explain the process of analyzing IT incidents.	Provides detailed and comprehensive explanations about the process of analyzing IT incidents.	Explains the process of analyzing IT incidents.	Attempts to explain the process of analyzing IT incidents, but some analysis is incomplete or inaccurate, or detail is lacking.	Does not explain the process of analyzing IT incidents.	Score of 12.7.2: Explain the process of analyzing IT incidents., / 10
14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.	Provides detailed explanations about how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.	Explains how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.	Attempts to explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society but does not articulate the issues clearly or thoroughly.	Does not explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.	Score of 14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society., / 10

Total

Score of Project 4: The Cybersecurity Threat Landscape Team Assignment,

/ 100

Overall Score

Exceeds

90 points minimum

Meets

80 points minimum

Approaches

70 points minimum

Does not Meet

0 points minimum


Associated Learning Objectives
	1.1.3: Present ideas in a clear, logical order appropriate to the task.
	Assessment Method: Score on Criteria – 1.1.3: Present ideas in a clear, logical order appropriate to the task.
	Required Performance: Meets

	10.1.1: Identify the problem to be solved.
	Assessment Method: Score on Criteria – 10.1.1: Identify the problem to be solved.
	Required Performance: Meets

	12.6.1: Identify the controls needed for confidentiality.
	Assessment Method: Score on Criteria – 12.6.1: Identify the controls needed for confidentiality.
	Required Performance: Meets

	12.6.2: Identify the controls needed for integrity.
	Assessment Method: Score on Criteria – 12.6.2: Identify the controls needed for integrity.
	Required Performance: Meets

	12.6.3: Identify the controls needed for availability.
	Assessment Method: Score on Criteria – 12.6.3: Identify the controls needed for availability.
	Required Performance: Meets

	12.7.2: Explain the process of analyzing IT incidents.
	Assessment Method: Score on Criteria – 12.7.2: Explain the process of analyzing IT incidents.
	Required Performance: Meets

	14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.
	Assessment Method: Score on Criteria – 14.1.1: Explain how ethical principles used in the information technology industry apply to the welfare and safety of stakeholders and society.
	Required Performance: Meets

	2.1.3: Explain the significance of the issue or problem.
	Assessment Method: Score on Criteria – 2.1.3: Explain the significance of the issue or problem.
	Required Performance: Meets

	4.1.1: Establish a collaborative approach for working together as a team.
	Assessment Method: Score on Criteria – 4.1.1: Establish a collaborative approach for working together as a team.
	Required Performance: Meets

	4.2.4: Prepare a finished team work product.
	Assessment Method: Score on Criteria – 4.2.4: Prepare a finished teamwork product.
	Required Performance: Meets

Answer Preview: The Cybersecurity Threat Landscape Team Assignment

The Cybersecurity Threat Landscape Team Assignment

$19.00