You are a cybersecurity professional employed by a research and development firm that conducts medical research aimed at identifying effective treatments for several diseases. A similar research organization was recently compromised by a foreign state actor using malware, and many patents and other intellectual property were stolen. Your CEO and CIO want to be certain that their organization’s systems are protected against this type of attack. They have asked you to perform a high-level risk assessment and propose a risk management approach for this type of malware attack. Assume the following for the assignment:
The organization has an outward-facing website that provides information on research in progress and presents general news of interest to its followers. The web server hosting this website sits in the organization’s demilitarized zone (DMZ). The DMZ is built on a single firewall system rather than a pair of back-to-back firewalls. Visitors can request information by submitting a web form.
Servers on the internal network house several databases. The first holds all current information on patents held by the organization. The second holds the researchers’ notes and all project information for research in progress. The patent database is encrypted. There is also a collaboration area where researchers working together can share notes and ideas. A third database houses employee information.
Also on the internal network are an email server, print servers, and application servers.
The organization does not use any cloud computing. An incremental backup of the servers and databases is made daily and stored in the same building as the systems it protects.
The organization uses biometric identification on the external door and on all internal lab rooms and server rooms. There are no security cameras.
Use the following risk management approach: determine where compromises may exist, what the consequences of those compromises would be, and which controls and methods would reduce the likelihood or severity of each compromise. Identify at least two vulnerabilities, at least two threats, and at least two risks. Recommend what you consider the best control for each vulnerability, threat, and risk identified.