Analyse the various approaches for mitigating security risk
Specific issues that you need to address in the forum discussions are provided within the first 3 topics. These questions are posed for you to reflect on in the form of written Discussion Board (forum) posts. As this is a postgraduate course, it is expected that your written responses will provide you an opportunity to express your personal and professional views. There are no correct answers, however the way you justify your answers with validated evidence is key to this activity. Post your forum entries as you are prompted within the topics. Your Subject Co-ordinator will respond to your first forum post, and monitor and moderate as required the remaining 2 posts.
You must curate, collect and save your responses in a word document to be submitted on EASTs. This activity’s final mark will be provided prior to the final assessment item. Rationale As this is a graduate course, more is expected from students in the way of participation, and further as a graduate reading course, the opinions of students are actively sought to demonstrate that the reading material has been read, understood and provoked a response.
The readings on a given topic will in general not agree on all issues in the topic, such as the role and feasibility of cyber-insurance, and soliciting written responses from students gives an opportunity for expressing opinions from the professional experience of each student. Also being a distance course, regular posting on the forum promotes the cohesion of the cohort and a notion of group learning for this course.
This assignment is for students to meet parts of the following learning outcomes. Be able to critically analyse the various approaches for mitigating security risk, including when to use insurance to transfer IT risk; be able to critically evaluate IT security risks in terms of vulnerabilities targeted by hackers and the benefits of using intrusion detection systems, firewalls and vulnerability scanners to reduce risk.
1. Asgharpour, F., Liu, D., & Camp, L. J. (2007). Mental models of security risks. In Financial cryptography and data security : lecture notes in computer science (pp. 367-377). Berlin ; New York : Springer.
2. Day, K. (2003). Inside the security mind : making the tough decisions. (329 pages). Upper Saddle River, N. J : Pearson Education.
3. Perception of Risk
Author(s): Paul Slovic
Source: Science, New Series, Vol. 236, No. 4799 (Apr. 17, 1987), pp. 280-285
Published by: American Association for the Advancement of Science
Stable URL: http://www.jstor.org/stable/1698637.