You can download the solution Decision Types – Assignment Collaboration With Google Drive for free. For further assistance in Information Technology Assignments please check our offerings in Information Technology assignment solutions. Our subject-matter experts provide online assignment help to Information Technology students from across the world and deliver plagiarism free solution with free Turnitin report with every solution.

(ExpertAssignmentHelp does not recommend anyone to use this sample as their own work.)

Task Description 

You are interviewed by Southern Cross University for a position of cybersecurity  consultant to work in a university’s cybersecurity program. As part of the interview, you  are required to complete the following tasks: 

Task 1: discuss why risk assessment is the most critical step in developing and  managing cyber security in the university and identify the limitations of the current  

risk assessment methods. 

Task 2: develop five questions that allow you to identify the most critical  information assets of the university. Create a WFA template to rank the assets. 

Task 3: identify the top five threats to the university information assets. Support  you finding by quoting reputable sources of information. 

Task 4: let’s assume that the university website is one of the most critical  information asset of the university. Discuss how the top five threats could/could  

not impact the asset. Rank the threats based on their levels of impact on the asset.  Support your discussion by quoting reputable sources of information.

Task 1 – The importance of risk assessment

Cyber security Risk assessment

Business organizations face risks every day and these risks, if not analyzed and evaluated early, may result in loss of important company information. The frequency and scope of cyber security risks has expanded with an increase in the usage of ICT and internet in the organizational processes. The most common cyber risks faced by organizations nowadays include misuse of their information by some unauthorized users, unauthorized access to the company's private information (accidental or malicious), loss of data, disruption of productivity and service and unintentional exposure of information or leakage of confidential company data. The cyber security risk assessment can be defined as the process of identification, analysis and evaluation of the risks for managing them and making sure that the organization is not exposed to outside threats. Cyber security risk assessment is critical for an organization to understand and eliminate the operational risks such as organizational functions, image, reputation, and mission (Chabinsky, 2015).

Steps of cyber security risk assessment

As per the cyber security risk assessment framework suggested by NIST, the risk assessment process includes six major steps:

1. Identification of the information assets handled primarily by the organization (function, process or application)

2. Location of the information assets and finding out where they reside within the company.

3. Classification of the information assets in discrete categories such as regulated information or public information.

4. Conducting a threat modeling exercise which will result in ranking  the threats to the company's cyber security on the basis of their priority; it will help in labeling the risks as high, medium or low and determining  a likelihood rating. 

5. Calculation of the risk rating through a simple equation:

Risk Rating = Impact (if exploited) * Likelihood (of exploit in the assessed control environment)

6. Finalizing the data and making an effective plan for sensible security (TechTarget, 2018).

The most important step in the process of risk assessment is adequate preparation. It includes understanding the purpose and scope of risk assessment, setting out the ground rules, analyzing the information sources, constraints and assumptions and using an analytical approach accordingly. 

(Some parts of the solution has been blurred due to privacy protection policy)