Case Study on Information Security and Risk Management

Task:

The purpose of the assignment is for you to conduct an in-depth investigation into information security, security risks, security control, and the application of risk control and risk measures etc. From your research, you will produce a Case Study that includes any relevant recommendations of your findings as to how you see the cyber security threats and risk landscape evolving over the next few years.

Guidance

This case study allows you the opportunity to explore key concepts and theories relating to security and risk management whilst developing an appreciation of ‘real-life’ issues and situations.  You might compare, contrast, and evaluate the Internet Security Threat Report (ISTR), Volume 24, February 2019, and the ISTR, Volume 22, April 2017 to inform your case study as well as any current supporting information that you might find during your research.  You are free to speculate and offer your own opinions but there must be some reasonable grounding or justification to support them.  The case study should also discuss any relevant legal, ethical, and professional issues in security and risk management.

Learning Outcomes/Key Skills

1. Understand the issues with information security and security risks.
2. Identify the security risks and security control strategies in a particular context.
3. Evaluate various security technologies
4. Understand and apply business continuity planning for a given scenario.
5. Understand and apply security policy, standard, and practices.
6. Discuss issues related to legal, ethical, and professional issues in security management.

Work which demonstrates a sound and above average level of understanding of the concepts, methodology and content appropriate to the subject and which draws on a wide range of properly referenced sources.  There is clear evidence of critical judgment in selecting, ordering and analysing content.  Demonstrates some ability to synthesise material and to construct responses which reveal insight and may offer some occasional originality.

Work which contains most of the qualities of a B+ grade but where the critical judgment is less developed and there is less insight and originality.

Work derived from a solid basis of reading and which demonstrates a grasp of relevant material and key concepts; and an ability to structure and organise arguments.  The performance may be rather routine but the work will be accurate, clearly written and include some critical analysis and a modest degree of original insight.  There will be no serious omissions or irrelevancies.