SYSTEM INTEGRITY FOR CYBERSECURITY
Research Paper
Assignment:
Your Assignment is to choose a real world IT security breach, and perform a case study. Within this study, analyze the method the attackers used to gain access, and the actions the attackers took once the network was penetrated. You should also identify the correct security procedures that should have been in place to prevent this breach. The choice of incident is completely up to you, but please keep in mind that it should reflect an actual breach and require research on your part. Please keep in mind that in many situations, details of the attack may not have been revealed due to our culture of corporate secrecy and/or pending litigation, so please choose a case wisely.
Requirements:
Within this case study, please include the attacking methods, the security failures, and a review of the corporate response. Additionally, please indicate a suggested correction to both the security that would have prevented this breach, and indicate any improvements that the company could have made with its corporate response.
The paper should be 7-10 pages in length (minimum 7 page), double spaced, standard font with default margins.
All citations should be made using APA 6th edition guidelines, and please include a minimum of 5 valid citations, although you should remember that any statement of fact that is not common knowledge or "assumed" should be backed up with a citation.
APA 6th edition guidelines
Choosing Research Sources
As this is a cybersecurity course, it is not a requirement that all sources be academic journals or peer- reviewed, as this industry advances far faster than academia. While it isn't a requirement for peer-reviewed work, the quality of the source matters. Here are some simple guidelines, but it is up to each person to evaluate the quality of a source and verify if the data is relevant and accurate.
- Wikipedia is NOT a citable source, but it has excellent data. (HINT: Wikipedia isn't citable, but Wikipedia itself cites its sources, and often those sources are valid).
- Security researcher blogs often are an excellent source, known respected security researches such as Brian Krebs (krebsonsecurity.com) often post incredibly useful information. This doesn't mean all blogs are valid, so I highly recommend confirming any data you obtain from a blog by attempting to find an additional source.
- Security patches and postings by corporations such as Microsoft, Apple, Norton, Mcafee, SANS, etc., are all considered valid and can be used as citations.