SIT284/SIT763 Cyber Security Management

Assessment 1: Critical Thinking task 1, T1-2022

Brief description of assessment task

This task requires students to demonstrate their ability to plan for assessment (identify) of cyber security risks in a corporate setting. Students will be required to evaluate approaches to cyber security management with emphasis on planning. Students will need to decide and justify the elements to be included in a plan for a given (hypothetical) organisation and present the plan to high level management for approval. Students will be assessed on their ability to investigate, compare, and justify suitable elements to include in the plan and effectively communicate this to high level management. This task will cover ULO1 and ULO2.

Assignment Extensions

To seek an extension for this assignment, you will need to apply via the online Assignment Extension Tool in the SIT763 unit site via DeakinSync. https://www.deakin.edu.au/students/faculties/sebe/assignment-extensions

Penalties for Late Submission

Referencing, plagiarism, and collusion

Total Marks: 50

COVID-19 has changed the way people work. At a rapid pace, both in Australia and overseas, many businesses have shifted to a work-from-home workforce. This has created new risks and during these unprecedented times, cyber criminals are seeking to exploit uncertainty surrounding COVID-19. Furthermore, this has presented numerous challenges for employers in terms of cyber security, data protection and compliance with privacy laws.

Therefore, it is vital to inform policy and guidance around cyber security for future pandemics/outbreaks and play a role in how Australian businesses can factor this into cyber resilience planning to better protect themselves.

2. Prioritise the assets identified (above) based on their level of criticality to the organisation-draw a table to illustrate the reasoning behind this prioritization (top, medium, low). 5 marks

3. Identify two potential threats (against Case A or Case B) and their likelihood of occurrence in 2-3 lines. 5 marks

3. From a cyber-security context, what are the gravest five cyber challenges for these contact tracing apps? Explain each in 2-3 lines. 5 marks

Please clarify the confusion, from data ownership, trust, and control perspective. This confusion also comes about in regards to the value of such apps when the following questions are pose:

• https://www.ag.gov.au/rights-and-protections/privacy/covidsafe-legislation

• https://covidsafe.gov.au/privacy-policy.html