Cybersecurity Research Paper (1 @ 15 points; 15 percent overall)
Select a research topic from the list below. After selecting your topic, research the incident using news articles, magazine articles (trade press), journal articles, and/or technical reports from government and industry.
- For a grade of A, a minimum of five authoritative sources (not including course modules and the course textbook) are required.
- For a grade of B, a minimum of four authoritative sources (not including course modules and the course textbook) are required.
- For a grade of C, a minimum of three authoritative sources (not including course modules and the course textbook) are required.
Your research is to be incorporated into the students’ 3- to 5-page written analysis of the attack or incident. Your report is to be prepared using basic APA formatting (see below) and submitted as an MS Word attachment to the Cybersecurity Research Paper entry in your Web Tycho assignments folder.
Pre-approved topics include
- Stuxnet virus
- ChoicePoint data breach
- T.J. Maxx data breach
- Operation Aurora
- Operation Shady RAT
- RSA SecurID breach
- China-related attack(s) against Google’s corporate infrastructure
- Operation High Roller
- FinFisher attacks on activists (suppression of political dissent)
You may propose an alternate topic for your instructor’s approval. Approval is NOT guaranteed. Your request for approval (posted as a reply to the message in the Week 2 conference) must contain the following information:
- Short Topic Name
- URL for news article about the security incident or attack that you will research for your paper
- URL for a second authoritative Internet resource that you will use to provide information about your chosen security incident or attack.
Ideas for additional topics can be found on various security-related websites, including
- Bruce Schneier on Security http://www.schneier.com/blog/
- Carnegie-Mellon CERT: http://www.cert.org/insider_threat/study.html
- CSO Online: http://www.csoonline.com/
- SC Magazine: http://www.scmagazine.com/
- Symantec: http://www.symantec.com/threatreport/
- US-CERT: http://www.us-cert.gov/security-publications/#reports
After you have performed your research, use your sources to analyze the major characteristics of the cybersecurity incident. Your analysis must include:
- identifying the type of breach
- identifying and explaining how the breach occurred (or suspicions by authorities as to how it may have occurred)
- identifying and discussing known or suspected losses of confidentiality, integrity, and availability for information and/or information systems
- identifying and discussing technological improvements that would help prevent recurrence
Organization and presentation of content: 40%
Analysis and critical thinking: 20%
Selection (appropriateness) and citing of sources: 20%
Professionalism (writing style and grammar/spelling/punctuation): 20%