Consultancy on Threats and Mitigation Steps for Huddersfield News

Assignment Aims

1. Assignment Aims 

The aim of this assignment is to provide consultancy to an end-user on the threats facing their organisation as well as what mitigate steps they should take.

Learning Outcomes

1. Conceptual understanding enables the learner to critically evaluate and engage in scholarship in the discipline, including proposing and testing both research and investigative hypotheses.

2. Deal with complex issues and make sound judgment in the absence of complete data. For example, in assessing a vulnerable/compromised security to determine security implications, including mitigation ations.

3. Continue to advance their cybersecurity and cybercrime knowledge and understanding, and to develop new skills to a high level.

2. Assessment Brief

Huddersfield News is a business selling both traditional printed newspapers as well as having an online news website. Their focus is to report of local news; however, they do also cover news of National interest to the local region. They have one physical office in Huddersfield where around 50 employees have office space. Employees are currently working remotely but are able to spend up to half of their time on premises. To facilitate this, employees are provided with a laptop and smart pone for business purposes. Huddersfield news also maintains physical infrastructure to support their business.

• A server and associated network infrastructure where organisations external website is hosted

• An intranet to store all organisation documents (news stories, employee records, etc.)

They also have WiFi connectivity provided throughout their premises. Huddersfield News are becoming increasingly concerned over the increase in cybercrime and as such are reviewing their IT systems and security. They have approached you as a consultant to provide them some advice on what improvements they could make. In this assignment you are to consider each of the topics covered in this module and
how they might relate to Huddersfield News. In addition to considering how they relate, you should also provide information on what advice you would give them. The topics to consider are:

• Trends in cybercrime and what kinds may be of most risk for Huddersfield Electronics

• Authentication security and potential for Biometric use

• Data Security

• Legal and Ethical implications

• Digital forensics from a Police and evidence perspective

• Email spoofing and its involvement with fishing

• Web vulnerabilities/Network security Getting Started It is strongly recommended that you create a new section in your report after each session. Each section should be approximately 500 words and should include:

• A brief description of the subsection’s content

• How this relates to Huddersfield News and the specific challenges that they face

• Recommendations and discussion

Recommended structure

Cyber crime is an increasing activity (crime statistics on uk gov website)

1 What kinds of crimes/threats are most common: economic motivated cybercrimes are the most common i.e., ransomware Find a couple of references on antivirus website  https://www.av- test.org/en/statistics/malware/

2. How this relates to Huddersfield News and the specific challenges that they face Physical IT infrastructure could be attacked. Potential to affect business operation. Maintaining secure data is challenging, considering large staff base.

3. Recommendations and discussion They should ensure all IT is running credible protection services. Users should be trained. Administrators set restrictive permissions Monitoring of systems to detect abnormal/damaging behaviour. Authentication security and potential for Biometric use.

1. A Brief Description

User authentication has a primary purpose to protect the system. Password systems are the common first-line of defence; however, there is a trade-off between usability and security. Users writing down passwords, password cracking, etc. Biometrics provide an alternative to passwords.