2019 ALIBABA DATA BREACH ANALYSIS

2019 ALIBABA DATA BREACH ANALYSIS

Cybersecurity skills needed

GENERAL ASSIGNMENT GUIDELINES

Students are to submit a spreadsheet assessing the controls via NIST, AND also provide an assessment report in Powerpoint of their analysis (20 slides) as if presenting to the board/senior management.

You will be asked to perform a cybersecurity risk assessment for a company that was breached in the past two years. Your simulated assessment is done prior to the breach. Therefore, all breach information and reasoning provided through your research will be used as part of your assessment process. You will select a company (a maximum of 5 students can select the same company) and develop a risk assessment report that reflects the risks uncovered as a result of your assessment. You need to use the NIST CSF framework (pages 23-44) for this assessment. Your reasoning must be consistent with publicly available information about the company and the breach, but you may draw additional conclusions based on this information.

Please use the spreadsheet to assess the controls and then develop the assessment report. The FINAL SUBMISSIOn should include both the

A. spreadsheet and

B. the report deck (PowerPoint).

The steps required to complete the assignment are as follows:

1. You are to select a company (not attack type) of a major breach publicly announced within the last couple of years.

2. You are to conduct research about the breach at this company.

3. Based on the information that you obtained from your research using the NIST CSF framework’s 5 major control areas (identify, protect, detect, respond, recover), your assessment will identify at least 2 risks per major control area that you believe were missing and contributed to the breach.

4. There needs to exist a logical connection between the breach and missing controls (subcategories) for a specific company. This connection can be established in two ways:

1. The missing control was specifically mentioned in the publicly available research. If this is the case, you can just reference the information that you found.

2. You were able to make a case that this control was missing based on other information uncovered in the course of your assessment.

CLIENT’S SPECIFICATIONS

I am going to write ALIBABA (DATA BREACH 2019). Alibaba is the company and the event could be its data breach that happened in 2019. Please do more research for this data breach incident. The spreadsheet should base on NIST CSF framework (pages 23-44) (Attached)

The content of PowerPoint is summarized NIST framework from the spreadsheet and also come up with recommendation. I have attached sample report. Do not exactly copy. You can customize the content by yourself.

Submit two things: Spreadsheet and PPT

This work is very important. You need to be good at IT analysis.
GENERAL ASSIGNMENT GUIDELINES

Students are to submit a spreadsheet assessing the controls via NIST, AND also provide an assessment report in Powerpoint of their analysis (20 slides) as if presenting to the board/senior management.

You will be asked to perform a cybersecurity risk assessment for a company that was breached in the past two years. Your simulated assessment is done prior to the breach. Therefore, all breach information and reasoning provided through your research will be used as part of your assessment process. You will select a company (a maximum of 5 students can select the same company) and develop a risk assessment report that reflects the risks uncovered as a result of your assessment. You need to use the NIST CSF framework (pages 23-44) for this assessment. Your reasoning must be consistent with publicly available information about the company and the breach, but you may draw additional conclusions based on this information.
Please use the spreadsheet to assess the controls and then develop the assessment report. The FINAL SUBMISSIOn should include both the
A. spreadsheet and
B. the report deck (PowerPoint).
The steps required to complete the assignment are as follows:
1. You are to select a company (not attack type) of a major breach publicly announced within the last couple of years.
2. You are to conduct research about the breach at this company.
3. Based on the information that you obtained from your research using the NIST CSF framework’s 5 major control areas (identify, protect, detect, respond, recover), your assessment will identify at least 2 risks per major control area that you believe were missing and contributed to the breach.
4. There needs to exist a logical connection between the breach and missing controls (subcategories) for a specific company. This connection can be established in two ways:
1. The missing control was specifically mentioned in the publicly available research. If this is the case, you can just reference the information that you found.
2. You were able to make a case that this control was missing based on other information uncovered in the course of your assessment.
CLIENT’S SPECIFICATIONS
I am going to write ALIBABA (DATA BREACH 2019). Alibaba is the company and the event could be its data breach that happened in 2019. Please do more research for this data breach incident. The spreadsheet should base on NIST CSF framework (pages 23-44) (Attached)

The content of PowerPoint is summarized NIST framework from the spreadsheet and also come up with recommendation. I have attached sample report. Do not exactly copy. You can customize the content by yourself.

Submit two things: Spreadsheet and PPT

This work is very important. You need to be good at IT analysis.