Your scenario will involve deploying a complete solution to solve a significant issue for the organization you have chosen.
• Building a Security Operations Center (SOC)
• Rearchitecting a flat, single domain intranet to segment access based on role and need to know (this could focus on BYOD or data protection)
• Design of a data loss prevention solution that spans endpoint, applications (i.e. email), network and cloud
• Transition from on-prem solution to multi-tenant SaaS solution (i.e. Microsoft Office 365) where classified data is involved
You should choose a research project that will be broad enough so you can demonstrate your knowledge of the major areas covered in your M.S. program. The above examples can all touch on these topics to varying degrees. I encourage you to develop your own scenario, so you can bring your unique experiences to bear on the project!
The major subject areas that should be addressed include:
• Organizational Aspects
• Project Management
• Risk Analysis
• Communications Security
• Assessments and Pen Testing
• Incident Response, Investigations, and Forensics
• Ethical, Legal and Compliance Issues
You will need to first build a scenario and decide what project you will take on. You will then ensure that your project will be able to touch on the major subject areas (some in depth, others less so). You will then develop a project plan or outline, as you would on the job. While you will not develop a detailed budget, you will need to make assumptions about cost and resources as a part of your project. It is likely that most organizations will not foot the bill for a 10 million dollar SOC, unless it is to mitigate a more expensive risk they may have experienced in the past. Another important aspect of your plan will be to assess the risk. You will be asked to list the risk items, score the impact and likelihood for these risks and plot them on a color-coded heat map. High risks will require a mitigation strategy.
For the SOC example, you will assess the risk of not having a SOC (perhaps not having SIEM or analysts looking at security events), and you will show how the SOC will reduce high risks and make certain threats less likely to happen, or make their detection occur sooner to limit impact on the organization.
Background and Significance: This section provides further justification of the need for your project.
◦Business Case: Provide details about the organization you have chosen for your scenario and relevant information about their organizational structure, key initiatives and current state of security that motivates your project (if your project is in response to new risk introduced by another initiative in the organization, then explain the business case that is motivating your project in response). This section will be supplemented by your risk assessment in M4. If your project is because of gaps that introduce risk in your current environment, provide a business case for why there are gaps and how your project is needed to address those gaps. It is likely that something happened over time to get to the state you have today (it could be evolving technology, increased business demands, etc.).
◦ IT Architecture: Provide an overview of the IT network and systems involved in the proposed solution (on-prem or cloud, depending on your scenario).
◦ Data Concerns: Explain what sensitive information is being projected, how it is classified and if it is regulated.
◦ Regulations: If any data involved is regulated, or if there are other legal and compliance concerns, state them in this section.
◦ Users and Roles: Provide an overview of the users and roles who will be involved in the proposed solution.
◦ Risk Assessment (before mitigation): Provide a list of risk items you identify and score and represent them graphically on a risk heat map, based on the current state.
◦ Revised Risk Assessment (after mitigation): Provide a revised risk heat map showing the future risk landscape after your project is complete.
◦ Project Plan: Develop your plan of action to mitigate high risks, with details related to staffing and (estimated) budget.
◦ In your project plan, explain how your project will touch on the various topics you have covered in your M.S. program:
- Among other benefits, we guarantee:
Essays written from scratch – 100% original,
Competitive prices and excellent quality,
24/7 customer support,
Priority on customer’s privacy,
Unlimited free revisions upon request, and
Plagiarism free work.
Providing Quality University Papers , written from scratch,
delivered on time, at affordable rates!