The problem description defines the issue you are trying to address with your project. It should be clear and sufficiently precise:
• gives the overall description of the client’s business context
• identifies the assets that need to be protected
• analyzes the cybersecurity threats that the client needs to address (threats’ likelihood and impact are addressed)
• includes a detailed description of the current security posture of the client

Week 2 Homework (due 03/5/2020):
I uploaded a Sample Problem Description II file on Blackboard. Please use it as an example of what I am expecting.

Other remarks:
• The document should contain a threat analysis. A threat analysis is NOT a vulnerability analysis.
• A vulnerability is an actual weakness or flaw in an information system that can be exploited. Example: “OpenJPEG through 2.3.1 has a heap-based buffer overflow”.
• A threat is a potential negative event that can lead to damage or loss of an asset. Example: “Patient records are accessed by an unauthorized individual”.
• As a reminder, a threat actor is a person, organization, or an entity that will exploit an existing vulnerability. Common threat actors include: hacktivists, cybercriminals, disgruntled insiders, nation states, careless employees, nature.
• The list of identified threats should be exhaustive. Don’t worry: You will NOT have to provide countermeasures to each of the identified threats.
• Workloads: Each team member could be responsible for analyzing the threats against a specific asset.
• Each threat should be rated (impact and likelihood).
• Usually, cybersecurity professionals provide a qualitative assessment (Low/Medium/High) based on their personal experience.
• Most advanced techniques use quantitative methods.
• To help you identify your threats, I uploaded on Blackboard a few whitepapers about current threats. But keep in mind that the threats for your project depend on your business context and assets. Use your knowledge from previous cybersecurity classes when you brainstorm.

Team #1: Nelly Delessy-Gassant, …
Secure OpenEMR
Problem Description II
CIS 4891
Spring 2020
Threat Analysis
The following table shows an exhaustive list of applicable threats for each identified asset:
| Asset # | Asset | Threat # | Threat | Impact | Likelihood | Risk Rating |
|---|---|---|---|---|---|---|
| A1 | Scheduling data | T1 | Disclosure: Eavesdropping of the data in transit | Medium | Medium | Medium |
| | | T2 | Disclosure: Social Engineering | Medium | High | Medium |
| | | T3 | Disclosure: SQL injection attack | Medium | Medium | Medium |
| | | T4 | Modification/Deletion: SQL injection attack | Medium | Medium | Medium |
| | | T5 | Disclosure: Memory disclosure attacks | Medium | Rare | Very Low |
| | | T6 | Modification/Deletion: Unintentional error | Medium | Rare | Low |
| A2 | Billing data | T7 | Disclosure: Eavesdropping of the data in transit | Very High | High | Very High |
| | | T8 | Disclosure: Social Engineering | Very High | High | Very High |
| | | T9 | Disclosure: SQL injection attack | Very High | High | Very High |
| | | T10 | Modification/Deletion: SQL injection attack | Very High | High | Very High |
| | | T11 | Disclosure: Memory disclosure attacks | Very High | Rare | Low |
| | | T12 | Modification/Deletion: Unintentional error | Very High | Rare | High |
| A3 | Patient records | T13 | Disclosure: Eavesdropping of the data in transit | Very High | High | Very High |
| | | T14 | Disclosure: Social Engineering | Very High | High | Very High |
| | | T15 | Disclosure: SQL injection attack | Very High | High | Very High |
| | | T16 | Modification/Deletion: SQL injection attack | Very High | High | Very High |
| | | T17 | Disclosure: Memory disclosure attacks | Very High | Rare | Low |
| | | T18 | Modification/Deletion: Unintentional error | Very High | Rare | High |
| A4 | Linux Virtual machine | T19 | Disruption: DoS, DDoS | High | Medium | Medium |
| | | T20 | Modification/Deletion: Unintentional error | High | Rare | Medium |
| | | T21 | Disclosure / Modification / Deletion / Unauthorized use: buffer overflow | Very High | Rare | Low |
| A5 | OS, web server and platform configuration | T22 | Modification/Deletion: Ransomware | Very High | Medium | High |
| | | T23 | Disclosure / Modification / Deletion: Other malware | High | Medium | High |
| | | T24 | Disclosure / Modification / Deletion / Unauthorized use: Password cracking | Very High | High | High |
| A6 | OpenEMR script files | T25 | Modification: XSS injection attack | Very High | High | High |
| | | T26 | Disclosure / Modification / Deletion / Unauthorized use: Password cracking | Very High | High | High |
| | | T27 | Modification/Deletion: Ransomware | Very High | Medium | High |
| A7 | OpenEMR configuration files | T28 | Modification/Deletion: Ransomware | Very High | Medium | High |
| | | T29 | Disclosure / Modification / Deletion / Unauthorized use: Password cracking | Very High | High | High |
| A8 | OpenEMR authenticated sessions | T30 | Disclosure / Modification / Deletion / Unauthorized use: Cross-site request forgery | Very High | Medium | High |
| A9 | OpenEMR static assets | T31 | Modification / Deletion: Website defacement | Low | Medium | Low |
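A consistency check over the ratings in the threat table above, as an added example that is not part of the sample document: it flags pairs of threats where one has impact and likelihood no higher than the other yet carries a higher risk rating, which a reviewer would want explained or corrected. The ordering of the labels is an assumption, since the page does not define its scales.

```python
# Added example: ordinal consistency check for a qualitative risk table.
# Assumption: the label orderings below; the page does not define its scales.
IMPACT = ["low", "medium", "high", "very high"]
LIKELIHOOD = ["rare", "low", "medium", "high"]
RATING = ["very low", "low", "medium", "high", "very high"]

# Rows copied from the Secure OpenEMR threat table on this page:
# (threat #, impact, likelihood, risk rating)
ROWS = [
    ("T5", "Medium", "Rare", "Very Low"),
    ("T6", "Medium", "Rare", "Low"),
    ("T7", "Very High", "High", "Very High"),
    ("T11", "Very High", "Rare", "Low"),
    ("T12", "Very High", "Rare", "High"),
    ("T22", "Very High", "Medium", "High"),
    ("T25", "Very High", "High", "High"),
    ("T31", "Low", "Medium", "Low"),
]


def level(scale, label):
    """Rank of a label on its scale. Unknown labels raise instead of being guessed."""
    key = " ".join(label.split()).lower()  # tolerates "Very\nHigh" from PDF extraction
    if key not in scale:
        raise ValueError(f"unknown label {label!r}; expected one of {scale}")
    return scale.index(key)


def rating_conflicts(rows):
    """Pairs (a, b) where threat a has impact and likelihood no higher than
    threat b, yet a carries a strictly higher risk rating than b."""
    scored = [(t, level(IMPACT, i), level(LIKELIHOOD, l), level(RATING, r))
              for t, i, l, r in rows]
    return [(a[0], b[0]) for a in scored for b in scored
            if a is not b and a[1] <= b[1] and a[2] <= b[2] and a[3] > b[3]]


if __name__ == "__main__":
    for a, b in rating_conflicts(ROWS):
        print(f"{a} outranks {b} despite equal or lower impact and likelihood")
```
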
After consulting with GoodDoctors, Inc., it was decided that the following strategies would be used to
address the identified threats.
| Risk Management Strategy | Threats |
|---|---|
| Avoid | None |
| Transfer | None |
| Accept | T5, T6, T11, T17, T21, T31 |
| Mitigate | T1-T4, T7-T10, T12-T16, T18-T20, T22-T30 |
Team #1 will provide guidance to select, implement and test appropriate security controls to address
the threats in the Mitigate category. Note that the operation and maintenance of the security controls is
out of scope.
Current Security Posture
GoodDoctors, Inc. has just moved their paper health records to cloud-based electronic records. To this
end, they had to update their network and to develop a cloud-based web application. The current
security posture of the company relies on the skills of the local IT company, and on the cloud provider.
The multi-tenant public cloud company has implemented the following security measures:
• Firmware of all components is up to date
• Facilities:
  o Physical access to the cloud data centers is controlled
  o Appropriate environmental controls are present
• Perimeter security for the cloud:
  o DDoS protection is in place
  o The infrastructure is constantly monitored for intrusion (IDS, IPS)
• Managed services (Database):
  o Patch management is in place
  o Configuration management is in place
• Awareness and training of the cloud staff
The local IT company has implemented the following security measures:
• Workstations:
  o Hardening of the Operating System
  o Protection of the workstations against malware
  o Protection against unauthorized access using Active Directory from the cloud.
  o Password policies from the company are enforced.
• Isolation of the network into VLANs
• Physical security of the routers/switches/APs
• Use of WPA Personal to protect the wireless network.
In addition, the medical devices’ vendors ensure the security of the medical images located on the SAN.
Weekly Report #2
Group 9
CIS 4891
Spring 2020
Professor Nelly Delessy
January 28, 2020
Threat Analysis
The following shows an exhaustive list of potential threats
#
Asset
Threat #
Threat
Impact
Likelihood Risk
rating
1
Digital Signage
T1
Theft/ Vandalism
High
Medium
Medium
Player
T2
USB port access
Medium Medium
medium
T3
File tampering
Very
Very
High
High
T4
Unencrypted file
Very
transfers
high
Single broadcast
Very
domain (without
High
High
High
High
High
Very
High
segmentation)
Cleartext local login
Very
High
Very
and remote server
High
High
Medium Medium
High
credentials
Non-essential services
and applications
Out-of-date versions of
Very
OS/BIOS/ other
High
High
Very
High
applications
Environmental
High
Low
Medium
High
Very High
High
High
Low
Medium
High
Low
Medium
Incidents / disaster
Physical Security:
Accidental damage and
vandalism
2
Content
Management
System
3
Scheduling Data
4
Windows Machine
Environmental
incidents / disaster
5
Environmental
incidents / disaster
OS, Web Server,
Ransomware
and platform
configuration
Very
Medium
High
High
Other Malware
High
Medium
High
Password Cracking
Very
High
High
High
Non-essential services
Medium Medium
High
High
Very
and applications
Unnecessary open TCP
Very High
ports
High
Out-of-date versions of
Very
OS/BIOS/ other
High
High
Very
High
applications
6
DisplayMonkey
Cross-Site Scripting
Very
script files
attack
High
Directory Traversal
Very
High
High
High
High
Medium
High
High
High
Medium
High
High
Ransomware
Very
High
7
DisplayMonkey
Directory Traversal
configuration files
Very
High
Ransomware
Very
High
8
DisplayMonkey
Cross-site request
Very
authenticated
forgery
High
Medium
High
sessions
Strategies for avoiding security threats
Because computer systems face so many threats, companies have come up with different ways
to prevent, minimize or eliminate them. The threats listed above, which affect computers and
computer technology, have been analyzed, and remedies and methods have been put in place
to address them. These strategies have been put in position to enhance the operation of
technology in major places and offices. The table below shows the various strategies that
have been put in place to prevent security threats in the computer system.
The following strategies would be used to avoid the threats
| Risk Management Strategy | Threats |
|---|---|
| Avoid | None |
| Transfer | None |
| Accept | T1 |
| Mitigate | T2-T11 |
Group#9 will give direction to choose, execute and test suitable security controls to address the
dangers in the Mitigate class.
Current Security posture
Texto wants to take part in the benefits the digital signage trend has to offer in promoting
their brand and has requested the IT company to implement their digital signage network. Texto
is also aware of recent attacks pertaining to digital signage and security is a priority to
successfully execute their operations without worrying over any potential breach. The current
security posture of the company relies on the skills of the local IT company, and on the cloud
provider.
The multi-tenant public cloud company has implemented the following security measures:
● Physical Security
  ○ Accidental damage
  ○ Vandalism
  ○ Environmental Disasters
  ○ Authentication Methods
● Virtual Data Center Security
  ○ DDOS Protection
  ○ General Disaster Recovery
  ○ Protection Against Intrusion Attacks
  ○ Logging and Records
  ○ Data Storage
● Administrative Security
  ○ Information Assets
  ○ Employee Policies
  ○ Data Handling
  ○ Operating Procedures
  ○ Privacy Policy
  ○ Third Parties
● Applications and Communications Security
  ○ Devices
  ○ DisplayMonkey API
  ○ DisplayMonkey Management & Presentation Software
● Awareness and training of the cloud staff
The local IT company has implemented the following security measures:
● Workstations:
  ○ Hardening of the Operating System
  ○ Protection of the workstations against malware
  ○ Protection against unauthorized access using Active Directory from the cloud.
  ○ Password policies from the company are enforced.
● Isolation of the network into VLANs
● Physical security of the routers/switches/APs/local server
● Use of WPA Personal to protect the wireless network.
There are various implementation plans for the establishment of a security posture. The
organizations have implemented new metrics. Cyber security is a platform that ensures there is
proper control and coordination of the networking system. The securities are mostly
implemented on networking devices. In this platform, the services are deployed and are left to
flood to the target devices via networking media (Luckey, et al., 2019).
Reference
Rider, E. A., Comeau, M., Truog, R. D., Boyer, K., & Meyer, E. C. (2019). Identifying
intangible assets in interprofessional healthcare organizations: feasibility of an asset
inventory. Journal of interprofessional care, 33(5), 583-586.
Luckey, D., Stebbins, D., Orrie, R., Rebhan, E., Bhatt, S. D., & Beaghley, S. (2019). Assessing
Continuous Evaluation Approaches for Insider Threats: How Can the Security Posture of
the US Departments and Agencies Be Improved. RAND Corporation Santa Monica
United States.