Cybersecurity Capstone Tr4 Analysis Report - Avisitel Telecommunications Round
Autor: remiaderele • April 21, 2017 • Research Paper • 2,353 Words (10 Pages) • 1,053 Views
Cybersecurity Capstone TR4 Analysis Report -
Avisitel Telecommunications Round #3
Yomphana Adams, Aderemi Aderele, Jamal Al Taher Taha
Timothy Asbacher, Levar Barner
UMUC
CSEC 670 9044 Cybersecurity Capstone (2172)
Professor Douglas DePeppe, Esq.
April 16, 2017
Table of Contents
Introduction 3
Round 4 Important Security Controls 3
Insider Access Attack 4
Rootkit Attack 4
Patriot Act 4
Values for the Most Important Security Controls 5
Effect of the Controls on Avisitel’s Budget 7
Avisitel Index Results 8
Lessons Learned and Team Strategy Considerations 9
Observations from Round Four 9
Conclusion 9
References 10
Appendix 1 – Avisitel Round 4 Results 11
Appendix 2 – Avisitel Round 4 Reports Summary 12
Appendix 3 – Avisitel Round 4 Cross Team Impact 13
Introduction
Avisitel successfully mitigated cyber threats this final round. The two new threats the company faced were insider access attack and the Mintalos rootkit packet attack. Avisitel’s early implementation of strict security controls that reflected corporate policies to protect our systems and data resulted in a triumphant security campaign. Our decisions aided in an overall increase for the company’s security, disaster readiness, compliance and resiliency. However, Avisitel still experienced negative results affecting downtime, profitability, customer satisfaction and popular sentiment.
Round 4 Important Security Controls
The Avisitel team faced two new threats in this round, again it appears that our controls prevented our systems from being impacted directly by our team decisions. The two threats introduced in this round were an insider access attack and a rootkit. In this round, we also made the decision to comply with the Patriot Act information request from the previous round when required to do so in response to a National Security Letter. As in the previous rounds, we maintained our initial strategy of having strict policies and strong defenses from the beginning. The team made some minor adjustments to the controls not to increase cybersecurity, but in attempt to raise some of the other indices that were lagging such as profitability, downtime, employee morale, popular sentiment, and productivity. These adjustments did not work so well if the results that the simulator reflect are correct. Some of the indices actually indicate that Avisitel may have been impacted by the insider access attack even though the results state otherwise. The more important controls for this round are described below.
...