SIMTRAY Report – one page report

Malicious Cyber Technology Review – brief description on the discussion board of the technology

International Cybersecurity Threat Review – matrix

Compilation of International Cybersecurity Environmental Scan Findings – two page summary

Regional Fact Sheet – 1page

Evaluation of Botnets – 2 page

Botnet Discussion – In a two-page document

Botnet Conclusion – one page document

Global Cybersecurity Environment Report

62020

SIMTRAY Report – one page report

Malicious Cyber Technology Review – brief description on the discussion board of the technology

International Cybersecurity Threat Review – matrix

Compilation of International Cybersecurity Environmental Scan Findings – two page summary

Regional Fact Sheet – 1page

Evaluation of Botnets – 2 page

Botnet Discussion – In a two-page document

Botnet Conclusion – one page document

Global Cybersecurity Environment Report

As a cybersecurity professional, it is important for you to not only understand the organizational and national human and technical factors, but because you will encounter international threats and concerns, it’s also important to be able to recognize threats from other countries.

In this project, you are tasked with creating a chart that depicts your recommendations regarding the assessment and evaluation of the cybersecurity threats and policies that can be linked to origins in the Middle East, Europe, Africa, and other regions, including the relevant cultural differences in global security outlooks across these regions. You will base your findings from the view of a consultant to an international company looking to expand in those geographical areas. Generally, what kind of cybersecurity climate will the company encounter?

In your research, focus on a malicious cyber technology or capability (malware) that is specific to the global environment, i.e., Trojans, rootkits, worms, spyware, keystroke loggers, or advanced persistent threats (do not select botnets, as they will be studied separately in this project). Along with your country threat assessments, you must also assess and evaluate the evolution of this malware and recommend how global cybersecurity policies might be used to counter the effects. 

You will review the characteristics of your chosen malware by discussing six specific characteristics (purpose, size, attack method, attribution, etc.) and describe how these characteristics have emerged, changed, or evolved over the past five to 10 years. Also discuss what contributing factors may cause these characteristics to change, and how these characteristics may change over the next 10 years. How might these technologies be countered by global cybersecurity policy controls (do not describe technology controls) in the future? Support your position with policy, security practice, theories, principles, and recommendations based on your own thoughts, examples, and cited references.

Finally, you will study botnets, which are a specific and particularly pervasive type of malware. You will learn about the global nature of botnets and the emerging security issues associated with botnets, to include their impact on the formulation of global cybersecurity policies.

This is the last of six sequential projects. There are 13 steps in this project. Begin with the information below to review your project scenario.

Scenario
GlobalOutreach is an international company that specializes in risk mitigation, with particular emphasis on cyber risk. You are a consultant to GlobalOutreach, which is looking to expand into the geographical areas of the Middle East, Europe, Africa, and other regions. The company has asked you to provide your thoughts (based on research) on what kind of cybersecurity climate can be expected when expanding to these areas. Your assessment of the global environment will include the identification of specific cyberthreats pervasive in selected regions as well as the identification and characterization of malware in these regions.

You decide to also focus on networked computing systems, which are important to businesses, commerce, and education worldwide, but may be controlled by the global governments that vary from country to country. Botnets, which leverage networks of computers, are a particular global concern, and GlobalOutreach has dedicated research funds to better understanding the propagation of botnets and also how to eradicate them. Networked computing systems are particularly vulnerable to botnets, which can be used in distributed denial-of-service attacks and other malicious purposes. 

Your report will highlight cybersecurity policies in three international regions as well as in NATO and the United Nations, representing global alliances, and will then document the impact of your selected malware in the three geographic areas. It will feature the types of malicious activities most widely observed and what they are used for, and will also consider the role of international cybersecurity policies in eradicating the malware. 

A comprehensive report will show Global Outreach that you are in the best position to advise about global affairs, laying the groundwork for future consulting with the company.

Step 1: Project Practice – SIMTRAY Cyber Policy for a Small World: Day 1

As a consultant to a global risk mitigation company, you will need an overview of global cybersecurity issues and related policies. The global connections that characterize modern cyberspace and catalyze near-instantaneous communication and productivity are also the Achilles’ heel of governments. Cybernetworks, like their physical counterparts, are prone to being used as instruments of sabotage, espionage, disruption, and war. In order to familiarize yourself with these types of global issues and relevant terminology and concepts, open the SIMTRAY titled “

Cyber Policy for a Small World

.” 

SIMTRAY is a simulation that will give you a sense of the need for cybersecurity personnel to maintain a global perspective. There are no local incidents in cyberspace, but more importantly, you will reflect on US policy on cybercrime and cyberwarfare. Some of the issues and topics addressed in this exercise include EMP Attack, the role of state actors, and attacks using technologies such as botnets.

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.

Step 2: Project Practice – SIMTRAY Cyber Policy for a Small World: Day 2

In the previous step, you started to examine the SIMTRAY, “

Cyber Policy for a Small World.

. In this step, continue to focus on SIMTRAY, but document the specific technologies and policies that you believe could be better addressed in the global scene. You may encounter the following topics in this exercise: EMP Attack, the role of state actors, and attacks using technologies such as botnets.

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.

Step 3: Project Practice – SIMTRAY Cyber Policy for a Small World: Day 3

In this step, you should continue to explore the scenarios within SIMTRAY, “Cyber Policy for a Small World.” If you have not already, you will most likely encounter the following topics in this exercise: EMP Attack, the role of state actors, and attacks using technologies such as botnets.

Document events that you experience in the exercise that might affect the global cybersecurity policy. Think about threats brought about by new technologies and how these threats are or could be handled by global policy. 

The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need in order to have a firm grasp of the concepts. Compile your recorded scores, lessons learned and documented technologies and policies into a one-page report. 

Submit your report for feedback.

Step 4: Malicious Cyber Technology Review

Now that you have practiced the SIMTRAY to familiarize yourself with global issues, you will focus on a specific malicious cyber technology or capability (malware) that is specific to the global environment. Select one technology or capability and post a brief description on the discussion board of the technology, its intended use, and how it is being used maliciously. Include a brief discussion of how your selected technology has evolved and how global cybersecurity policies might be used to counter its effects.

Step 5: International Cybersecurity Threat Review

Due to the vast differences in culture, leadership, laws, and policies of countries around the globe, cybersecurity threats are handled differently. These differences result in various approaches to cybersecurity economic issues, different tolerances for cybersecurity cultural issues, and different responses to cyberterrorism. Ultimately, global perspectives on international cybersecurity legal issues have broad impact as different nations attempt to both thrive in the global economic environment and survive in light of global cyberthreats. Organizations that desire to expand into foreign nations must consider these differences, particularly when they are not relevant when operating in the United States. 

For this step, you will evaluate global cybersecurity threats coming from a minimum of three different regions; for example, the Middle East, Europe, Africa, Russia, or other regions. More specifically, think about networked computing systems being critical to businesses, commerce, education, and governments. Keeping them secure is no longer solely the concern of corporate entities and the relevant regulatory environments. Global governments must also work to ensure the security of their networks. Also consider your selected technology from the previous step. 

Complete the

 International Cybersecurity Threat Matrix 

for at least three international countries or regions.

Step 6: NATO and United Nations Review

Complete the 

Andrew Bowers NATO Intern eLearning Module

 for an overview of the NATO cybersecurity stance. Evaluate its effectiveness as well as the effectiveness of the United Nations cybersecurity stance in helping to contribute to cybersecurity international policy over the next decade. For more information, read about international cybersecurity approaches.

Update the International Cybersecurity Threat Matrix from the previous step, based on your findings in this step. Submit your matrix for feedback. This matrix will be included in your final report.

Step 7: Compilation of International Cybersecurity Environmental Scan Findings

Compile all of the information you found in the previous two steps and write a two-page summary. Use the 

International Cybersecurity Environmental Scan Template

 to guide your summary, which should include descriptions of the regions and of the cybersecurity threats prevalent in the regions selected. Address the role of international bodies (NATO and United Nations) in influencing and contributing to international cybersecurity policies. 

Submit your summary for feedback. This summary will be included in your final report.

Step 8: Regional Fact Sheet on Identification and Implication of Cybersecurity Threats

To illustrate the impact of cybersecurity threats, develop a one-page fact sheet using one of the regions from your matrix. Explain the cybersecurity threat experienced in one region, the evolution of the associated malware, the implications (e.g., economic, political, national security, etc.) of it to that region and how global cybersecurity policies might be used to counter the effects. You will discuss six specific characteristics (purpose, size, attack method, attribution, etc.) of the malware and describe how these characteristics have emerged, changed, or evolved over the past five to 10 years. Also discuss what contributing factors may cause these characteristics to change, and how these characteristics may change over the next 10 years. How might these technologies be countered by global cybersecurity policy controls (do not describe technology controls) in the future? Support your position with policy, security practice, theories, principles, and recommendations based on your own thoughts, examples, and cited references.

Submit your regional fact sheet for feedback.

Step 9: Global Cybersecurity Threats: Deep Dive on Botnets

A botnet is a particular type of cyberthreat wherein a network of computers are infected with malware and then co-opted and controlled by one entity. Botnets are globally pervasive and used in many modern-day cyber intrusions. It’s important to understand how they operate and their impact to global security. 

Review the learning content modules listed below and create notes using the 

Botnet Research Template

. 
Learning Content Modules:

1.

Botnets Creating Profit

2.

Global Botnets and Emerging Issues

3.

Botnet Attack at Westwood Mutual

These notes will be used for your evaluation of the international concerns of botnets in the next step.

Step 10: Evaluation of Botnets

Evaluate the issues associated with botnets and with formulating global cybersecurity policy. Identify the characteristics of botnets, and how they have evolved over the past 5-10 years. Research the key technical features of botnets and determine the factors that contribute to botnet characteristics to change. Your Botnet Evaluation should be one and a half to two pages in length.

Submit your Botnet Evaluation for feedback.

Step 11: Botnet Discussion

In a two-page document, 

1. Discuss six specific characteristics of the global nature of botnets (such as purpose, size, attack method, attribution, etc.). 

2. Describe how these characteristics have emerged, changed, or evolved over the past five to 10 years.

3. Describe the key technical features of six example botnets.

4. Discuss what contributing factors may cause botnet characteristics to change, and how these characteristics may change over the next 10 years. 

Submit your Botnet Discussion for feedback.

Step 12: Botnet Conclusion 

Create a one-page document that answers the following questions, taking into consideration your country research and botnet reviews. 

Step 13: Global Cybersecurity Environment Report

Throughout this project, you have researched and considered global cybersecurity issues, technologies, and related policies. You have evaluated various countries and international organizations. It is now time to compose your consultant’s report to GlobalOutreach documenting your findings. Refer to the 

instruction for the Global Cybersecurity Environment Report

 for additional guidelines.

Submit your completed report.

Check Your Evaluation Criteria

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them. To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.

2.1: Identify and clearly explain the issue, question, or problem under critical consideration.

7.2: Evaluate international cybersecurity policy.

8.2: Evaluate specific cybersecurity threats and the combination of technologies and policies that can counter them.

How might future botnets be countered by global cybersecurity policy controls (do not describe technology controls) in the future?

What impact could global cybersecurity policies have on the eradication of botnets?

Submit your Botnet Conclusion for feedback.

Possible choices include, but are not limited to: Trojans, rootkits, worms, spyware, keystroke loggers, or advanced persistent threats (APTs). Do not select botnets.

Botnet Research Template

Learning Content

Key Botnet Notes

International Concerns

1. Botnets Creating Profit

2. Global Botnets and Emerging Issues

3. Botnet Attack at Westwood Mutual

Global Approaches to Cybersecurity

Instructions for Final Report

Review the work you have done throughout the project. If necessary, review the eLearning modules in steps 6 and 9 and your Simtray Report completed in Step 3 along with the feedback from your instructor.

Be sure to address the following items at some point in your report.

· Analyze critical issues in global cybersecurity management and policy.

· Analyze critical issues in global cybersecurity technology policy.

· Analyze the principles of warfare that underpin cyberwarfare theory and application.

· Assess cybersecurity policies and procedures for transnational legal compliance.

· Compare and contrast international cybersecurity standards bodies.

· Identify key initiatives in international cybersecurity policy.

· Assess the cross-cutting effects of policy, budget, and technological capabilities upon the ability to address cyberthreats at the enterprise, national, and international levels.

· Assess policy and technology trade-offs that must be considered and made when addressing cyberthreats at the enterprise, national, and international levels.

· Assess and critique cybersecurity programs.

· Assess emerging cybersecurity issues, risks, and vulnerabilities.

· Assess key cyberattack technologies.

· Assess how the theories and principles of war apply to cyberwarfare, and apply those theories to understand cyberoffense and cyberdefense challenges.

Report Sections

· Title Page

· Table of Contents

· Introduction

· International Cybersecurity Threat Matrix

· International Environmental Scan

· Regional Cybersecurity Threat Fact Sheet

· Botnet Evaluation

· Botnet Discussion

· Botnet Conclusion

· Conclusion

· Reference Page

International Cybersecurity Environmental Scan Template

Country: _________________________

A. What are some unique characteristics of the country’s culture that make cyberspace issues more challenging?

B. If you projected forward into the next decade, what things do you think will change?

C. What could be the catalyst(s) for change?

D. From an economic perspective, is there a possibility that the country will take a different approach with regard to cyberspace than it has in the past?

E. From the criminality perspective, does the country do enough in the cyberspace area?

F. What changes would you suggest if you were the US ambassador to these countries?

G. Describe and discuss the potential impact of your recommendations.

International Cybersecurity Threat Matrix

Country:

Cyber Culture

(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)

Cybersecurity Threats

Cyber Legal Perspective/Cyber Economic Perspective

Response to Cyberterrorism/Recruiting

Country:

Cyber Culture

(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)

Cybersecurity Threats

Cyber Legal Perspective/Cyber Economic Perspective

Response to Cyberterrorism/Recruiting

Country:

Cyber Culture

(i.e., How does the country view cyber threats? Is this consistent with the general country culture?)

Cybersecurity Threats

Cyber Legal Perspective/Cyber Economic Perspective

Response to Cyberterrorism/Recruiting