Assessment Task
Write a 500-word (+/- 10%) report about the human factor in a company’s cybersecurity environment. The report will explore the influence of the human factor in cybersecurity and the legal or other regulatory requirements that apply to cybersecurity practices. The content of the report must be supported by relevant diagrams.
Please refer to the instructions section below for details of how to complete this task.
Context
Cybersecurity is a broad field that includes many different areas of expertise. Anyone working in cybersecurity must possess a basic knowledge of field related terminology and general procedures. This includes knowledge of key technical and organisational methods that can be used to implement security measures, how the human factor influences key decisions regarding which security methods to implement and why the human factor needs to be addressed when setting up a cybersecurity project. In this assessment you will need to write a report which addresses specific questions around
that knowledge in order to prepare you for your future studies and work in cybersecurity related roles.
Instructions
To complete this assessment task, you must write a 500-word (+/- 10%) report discussing the importance of the human factor in a company’s cybersecurity environment. Please review all learning resources for Modules 1-3 prior to writing the report.
The content of the report should:
o provide a definition of cybersecurity
o explain why addressing cybersecurity is an ongoing task for an organisation o discuss recent cybersecurity threats and attacks and how they are exploited by hackers
o evaluate attack vectors that are not user-specific (e.g., brute-force password attack) o evaluate successful attack vectors which are specific to human activities (user specific)
o discuss the role of governance, which is based on cybersecurity frameworks and determines the regulations and/or laws that are required for effective cybersecurity practices
o include a list of applicable local (Australian) and international laws and branch specific regulations that have been created by business organisations. (Please ensure that you include indirect regulations that require cyber security measures), and;
o include relevant diagrams which demonstrate the relationships between human activity, cybersecurity threats and cybersecurity attack vectors.
The report should be written for people with very limited technical knowledge.
In addition to the recommended readings from Modules 1-3 you must support your report with further information obtained by reviewing peer reviewed articles and textbooks. Search specifically using the terms “cybersecurity governance” and “human factors in cybersecurity”.
Please review the Academic Skills page for further support with formatting your report: Report Writing – Academic Skills – Assessment Preparation – Library at Torrens
Referencing
It is essential that you use current APA style for citing and referencing the sources that you use. Please see more information on citing and referencing guidelines on the Academic Skills webpage.
Submission Instructions
Submit this task via the Assessment 1 link in the main navigation menu in CPO442 Cybersecurity Principles and Organisational Practice. The Learning Facilitator will provide feedback via the Grade Centre in the LMS portal. Feedback can be viewed in My Grades.
Academic Integrity
All students are responsible for ensuring that all work submitted is their own, is academically written and appropriately referenced following the Academic Writing Guide. Students also need to have read and be aware of Torrens University Australia Academic integrity policy and procedures and subsequent penalties for academic misconduct. These are available online.
Students must also keep a copy of all submitted material and any assessment drafts.
Special Consideration
To apply for special consideration for a modification to an assessment task or exam due to unexpected or extenuating circumstances, please consult the Assessment Policy for Higher Education Coursework and ELICOS and, if applicable to your circumstance, submit a completed Application for Assessment Special Consideration Form to your Learning Facilitator.
Assessment Rubric
|
Assessment
Attributes
|
Fail
(Yet to achieve
minimum standard)
0-49%
|
Pass
(Functional)
50-64%
|
Credit
(Proficient)
65-74%
|
Distinction
(Advanced)
75-84%
|
High Distinction
(Exceptional)
85-100%
|
|
Importance of
cybersecurity explained; explanation supported with diagrams.
Total Percentage for this Assessment
Attribute = 20%
|
No or only rudimentary explanation of the
importance of
cybersecurity for an
organisation.
No supporting diagrams.
|
General explanation of
the importance of
cybersecurity for an
organisation; no
justification of its
importance provided.
No supporting diagrams.
|
Clear explanation of
the importance of
cybersecurity for an
organisation; some
justification of the
implementation of
cybersecurity
projects.
At least one diagram
showing increases in
attacks or amount of
damage caused.
|
Comprehensive
explanation of the
importance of
cybersecurity for an
organisation; solid
justification of the
implementation of
cybersecurity
projects.
At least two diagrams
showing increases in
attacks or amount of
damage caused.
|
Expert explanation of
the importance of
cybersecurity for an
organisation; solid
and detailed
justification of the
implementation of
cybersecurity
projects.
More than two diagrams showing increases in
attacks and amount of
damage caused.
|
|
Explanation and
justification of why
cybersecurity is an
ongoing task; points supported with sourced diagrams.
|
No explanation or
justification of why
cybersecurity is an
ongoing task.
No explanation of the concept of threat
evolution and the ensuing
|
Brief explanation and
justification of why
cybersecurity is an ongoing task.
Brief explanation of the
concept ofthreat evolution and the ensuing change of
|
Some explanation and
justification of why
cybersecurity is an ongoing task.
Clear explanation of the concept ofthreat evolution and the ensuing change of
|
Comprehensive explanation and justification of why cybersecurity is an ongoing task.
Comprehensive explanation of the concept of threat evolution and the ensuing
|
Expert explanation and justification of why
cybersecurity is an ongoing task.
Expert explanation of the concept ofthreat evolution and the ensuing change of
|
|
Total Percentage for this Assessment
Attribute = 10%
|
change ofservices.
No supporting diagrams.
|
services.
No supporting diagrams.
|
services.
One diagram thatsupports a particular concept or
topic included and
referenced.
|
change ofservices.
Two diagramsthatsupport particular concepts or
topics included and
referenced.
|
services.
More than two diagrams that support particular concepts ortopicsincluded and referenced.
|
|
Role of governance, local and international legislation and
regulations in
cybersecurity.
Total Percentage for this Assessment
Attribute = 30%
|
No awareness of the role of governance, local
and/or international
legislation and regulations around cybersecurity or data privacy
demonstrated.
|
A limited list of applicable laws provided demonstrates a basic awareness of the role of governance, local and/or international cybersecurity regulations and data privacy legislation.
|
A partial list of applicable laws provided and
identification of regulations for business areas
demonstrate a competent understanding of the role of governance, local and/or international cybersecurity regulations and data privacy legislation.
|
An almost complete list of applicable laws provided, with brief discussion of indirect laws included
demonstrate a detailed understanding of the role of governance, local and/or international cybersecurity regulations and data privacy legislation.
|
A complete list of applicable laws provided, with
sufficient discussion of indirect laws included
demonstrate an exemplary and comprehensive
understanding of the role of governance, local and/or international cybersecurity regulations and data privacy legislation.
|
|
Identification and
evaluation of generic attack vectors
Total Percentage for this Assessment
Attribute = 15%
|
No attack vectors
identified.
|
Two attack vectors identified.
|
Three attack vectors
identified and evaluated.
|
Four attack vectors
identified and evaluated.
|
Five or more attack vectors identified and evaluated.
|
|
Identification and
evaluation of user
centric attack vectors
|
No user centric attack
identified.
|
One user centric attack vector identified.
|
Two user centric attack vectors identified and
evaluated.
|
Three user centric attack vectors identified and
evaluated.
|
Four or more user centric attack vectorsidentified and evaluated.
|
|
Total Percentage for this Assessment
Attribute = 15%
|
|
|
|
|
|
|
Report conformsto
academic writing
conventions
Total Percentage for this Assessment
Attribute = 4%
|
Poor level of appropriate language. Punctuation, spelling, style, tone and grammar are often
inadequately expressed or used incorrectly.
|
Adequate level of
appropriate language.
Punctuation, spelling, style, tone and grammar are
adequately expressed but are often incorrect.
|
Good level of appropriate language. Punctuation, spelling, style, tone and grammar are sometimes incorrect.
|
Excellent use of language Punctuation,spelling,style, tone and grammar are well expressed and correct.
Report is understandable and coherently phrased.
|
Highly sophisticated use of language. Punctuation, spelling, style, tone and grammar are very well
expressed and correct.
.
|
|
Consistent use of
reliable resources
Total Percentage for this Assessment
Attribute = 3%
|
Demonstratesinconsistent use of sources to support and develop ideas.
|
Demonstrates use of sources to support and develop some ideas.
|
Demonstrates use of
sourcesto support and
develop most ideas.
|
Demonstrates use of
sources to support and develop almost all ideas.
|
Demonstrates use ofsources to support and develop all ideas.
|
|
Referencing/Correct
citation of resources
Total Percentage for this Assessment
Attribute = 3%
|
Citations follow no
discernible referencing format or pattern of
frequent citation errors.
|
Citations follow APA style format with several citation errors.
|
Most citations are correctly cited following APA style with no more than two citation errors.
|
Nearly all citations are
correctly cited following APA style with no more than one citation error.
|
All citations are correctly cited following APA style.
|
