Project Paper Instructions:
Purpose
This project provides you an opportunity to analyze risks, threats, and vulnerabilities and apply
countermeasures in the information systems environment.
Introduction
Contemporary organizations collect, store, and transmit a tremendous amount of highly sensitive
data. Despite the many benefits that information technology offers, these systems are not
completely secure. Proper controls must be put in place to mitigate security risks and protect vital
business information.
Scenario
Fullsoft, Inc. is a software development company based in New York City. Fullsoft’s software
product development code is kept confidential in an effort to safeguard the company’s
competitive advantage in the marketplace. Fullsoft recently experienced a malware attack; as
a result, proprietary information seems to have been leaked. The company is now in the
process of recovering from this breach.
You are a security professional who reports to Fullsoft’s infrastructure operations team. The Chief
Technology Officer asks you and your colleagues to participate in a team meeting to discuss
the incident and its potential impact on the company.
Tasks
Prepare for the meeting by deliberating on the following questions:
• How would you assess the risks, threats, and/or vulnerabilities that may have allowed this
incident to occur, or could allow a similar incident to occur in the future?
• What insights about risks, threats, and/or vulnerabilities can you glean from reports of
similar incidents that have occurred in other organizations?
• What potential outcomes should the company anticipate as a result of the malware attack
and possible exposure of intellectual property?
• Which countermeasures would you recommend the company implement to detect current
vulnerabilities, respond to the effects of this and other successful attacks, and prevent
future incidents?
Write an outline of key points (related the questions above) that the team should discuss at the
meeting.
As a reminder, you may use the book for this course and the Internet to conduct research. You
are encouraged to respond creatively, but you must cite credible sources to support your
work.
Your Project should be submitted in the following format and style:
Format: Microsoft Word
Font: Arial, Size 12, Double-Space
Citation Style: APA format, see link https://owl.english.purdue.edu/owl/resource/560/02/
Length: 5–6 pages double space.
Self-Assessment Checklist
I have created an outline that describes key points the team should discuss at the
meeting. My outline explains how to assess potential risks, threats, and/or vulnerabilities;
describes potential outcomes of a malware attack and exposure of confidential
information; and recommends countermeasures the company should implement.
I have conducted adequate independent research for this part of the project.