Assignment
Congratulations! Your boss, Judy "Mac" McNamara, thought you did a great job on your Vulnerability Management Process recommendation and analysis of the OpenVAS vulnerability report. However, the boss doesn't think the free OpenVAS tool will provide the high-level presentation reporting and support needed by Mercury USA. Now, Judy would like you to evaluate the leading commercial vulnerability scanner, Nessus. Fortunately, Judy had asked someone in the IT department to install and configure a 30-day evaluation copy of Nessus. She hands you a recent Nessus report from IT that has a few more systems added, and with a wry smile adds, "It looks like there's some really bad stuff in there!"
Judy would like you to provide an analysis of the report. You decide to highlight what you think the company should address first and how you would mitigate some of the top threats. In addition, Judy wants to know your thoughts on Nessus, since it's expensive. You now realize that you need to ensure due diligence has been performed before making a purchase recommendation to executive management.
You will submit the second project, VM Scanner Background Report, based on the Nessus Report. As you are writing your report, you may want to refer back to the CEO's video in Week 1 to make sure your analysis and recommendations align with the CEO's priorities and concerns.
You should link your analysis to the kinds of organizational functions and data associated with a transportation company (e.g., protecting order data, customer lists, sales leads, Payment Card Industry (PCI) compliance for processing credit, proprietary software, etc.) and provide your recommendation if Mercury USA should purchase the Nessus tool. This report should be four to six pages in length and include a title/cover page. Include in-text citations and a reference page with three quality sources in a citation style of your choice.
Delete the instructional text from the template before you submit.
Project Overview:
Mercury USA is a small- and medium-sized business (SMB) in the transportation sector with 400 employees.
You've just been hired by Mercury USA as the first cyber threat analyst on the team and will work within the existing Information Technology department. Mercury USA has an urgent interest in addressing security vulnerabilities.
Judy "Mac" McNamara, the manager of IT services, said the chief executive officer (CEO) recently learned via a mandatory breach disclosure that a competitor was a victim of ransomware. The firm in question lost a significant amount of intellectual property and customer data and is facing expensive litigation, government fines, and loss of customer confidence. These issues are likely to result in bankruptcy.
Thus, executive management would like to prevent Mercury USA's critical data (e.g., order data, customer lists, sales leads, Payment Card Industry (PCI) compliance for processing credit, proprietary software) from falling into the wrong hands and threatening the survival of the business.
Format your assignment according to the following formatting requirements:
(1) The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
(2) The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
(3) Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.