In a 3-5 page paper, answer the following questions regarding the GlobalUbid case study. Provide citations within the text and references at the end of the essay in APA format for every cited information source (at least one outside source required).
Identify GlobalUbid?s critical business processes and any dependencies such as suppliers and customers (146). Identify the systems/functional areas that support the process. Some of these processes may be inferred.
Identify the audience for the security assessment.
How will you prevent a lack of cooperation?
Evaluate GlobalUbid?s technology. This does NOT require a 3-5 page paper. Only a table with a brief explanation of the areas highlighted. The purpose is to identify the technology issues that need to be addressed.
a. Specifically look at the technologies in place or should be in place to support the business requirements and where it fits in the system architecture. What are the key dependencies? What CIA requirements are missing? What are specific hardware and software issues that must be addressed? If you were to test GlobalUbids?s system what do you think you would find? Here you can infer your ideas from the case study.
b. Then, construct a table that depicts your findings. A suggestion might be to list the broader IT categories across the top such as firewalls, IDS, access etc., and then list the areas that need to be addressed on the left column for each category. It is your choice on how you want to depict your findings.
c. Here we are interested only in the problem/concern, not the recommended technology solution. That is addressed in the final phase.
To date we have examined both the business and technology processes based on Kairab?s model. From this analysis we have extrapolated enough detailed information to begin prioritizing key technology requirements that GlobalUbid must address if they are to avoid another DOS or other attack(s). To complete this exercise you will have to read ROSI by Sonnenreich. From your previous work complete the following exercises.
1. Calculate the Return on Security Investments (ROSI) by identifying and prioritizing what you believe are the top 3 technology requirements that GlobalUbid needs to consider as part of their security improvements.
a. Explain why you selected the recommended solution.
b. How and why you selected the values.
c. What assumptions did you have to make about the solution with reference to other possible scenarios?
2. Based on the case study, calculate a risk exposure or Annual Loss Expectancy (ALE) for GlobalUbid using the Single Loss Expectancy (SLE) and Annual Rate of Occurrence (ARO). Use the Sonnenreich article as reference.
The project is a summary of the GlobalUBid Case Study as it applies to Figure 3.9. . The point of putting it all together is to make sure students understand how each phase of the assessment methodology supports and contributes the following phases.
For each of the primary phases (Planning, Information Gathering, Business Process Evaluation, Technology Evaluation, Risk Analysis and Final Presentation), elaborate on those subjects (and their subcomponents to a lesser degree) as it corresponds to the Case Study.
Total length should be approximately 3000 words. Provide citations within the text and references at the end of the essay in APA format for every cited information source (minimum of three outside sources required).