A utility company’s website is attacked by a botnet, a program built specifically to replicate malicious software on the Web. It was spreading rapidly online by injecting itself into vulnerable websites and then waiting for unsuspecting users to click on the site. When they did, the code copied itself on their computers. In a few months, 360,000 sites had been infected. The botnet was diabolically engineered to sniff out the Achilles heel in SQL. The botnet co-opted an application on the company Website and injected itself directly into a company database. The fear was that in the process, it could get past the utility’s larger security perimeter and have its way with the company’s software portfolio of applications, database tools and other code. It also had the potential to install itself on the computers of anyone who visited the utility’s website. The attack was a legitimate risk to the utility company.
The utility knew it wanted (needed) a new culture for how it engineered, developed and tested its software. It also knew it wanted that culture grounded in widely accepted standards. That way, coders could learn from one another, and the company would not be re-inventing its cultural wheel to make its software more secure. The catch was, no one on staff knew much about how to make applications safer.
The design phase of the cyber security development lifecycle (CSDL) requires developers to create something called a cyber threat model. That is, a sense of the cyber attacks an application might face. What kind of exploits might a cyber attacker use? How would hackers gain access to an application running on a computer network? What older, existing pieces of code associated with the new application might be vulnerable? This overall feel for the risks an application might come under allows coders to anticipate risks. Threat models need not be complex: Even high-quality ones can be done on the back of cocktail napkins.
Once the standard was set, critical areas were addressed and basic training was completed, next up was spreading the new cyber security culture inside the utility. Two basic lines of work emerged: remediation on the existing code where needed, and maximizing the cyber security of all new code created from that point on. The company-wide remediation was a copy of the early, high-level work on the website: carefully anticipating threats identified by the utility‘s version of CSDL, analyzing each threat and then refactoring code where necessary. This strategic work was buttressed by scanning tools that helped identify high, medium and low risks. But, despite this automatic assistance, it was immediately clear the work ahead would not be easy.
Time was something the utility’s coders had little of. Its IT department was designed to be an internal resource for the coding needs of various departments: providing the company’s energy traders with a new way to manage their inventory, helping human resources manage employee benefits, and planning how utilities route their electricity or gas. But, under a mandate from the top, they found a way. And, slowly, cyber software security at the utility moved from afterthought to top-of-mind. Under CSDL, the utility now started with cyber security. Step one in the process was identifying a well-thought-out set of cyber threats that showed where a piece of software might be weak. How would the code be used? What was at risk? Then, using its new test tools and protocols, the entire development team became responsible for keeping the code within the standard. The utility had even gone so far as to install a last step — a human review to triple check that all new code cleared the cyber security bar before it went live.
1.What does the design phase of the cyber security development lifecycle (CSDL) require developers to create?
2. Once the standard was set (critical areas were addressed and basic training was completed; next up was spreading the new cyber security culture inside the utility), what were the two basic lines of work that emerged?
3.Why is cyber security not an absolute?
Topic: Cyber Security Development Lifecycle
Link to Presentation: http://booksite.elsevier.com/9780123918550/casestudies/Chapter_04.html
Name 3 Ways
Paper Organization (300pts)
Use Times New Roman 12 font and double spaced. Ensure you are familiar with current APA guidelines as it relates to writing research paper.
PPT Presentation (About 30 minutes Long; 200pts)
Why Choose Us
At Myhomeworkwriters.com, we always aim at 100% customer satisfaction. As such, we never compromise the quality of our essay services. Our essay helpers ensure that they craft each paper carefully to match the requirements in the instruction form.
Professional Academic Writers
With Myhomeworkwriters.com, every student is guaranteed high-quality, professionally written papers. We ensure that we hire individuals with high academic qualifications who can maintain our quality policy. These writers undergo further training to sharpen their writing skills, making them more competent in writing academic papers.
Our company maintains a fair pricing system for all paper writing services to ensure affordability. Our pricing system generates quotations based on the properties of individual papers.
MyHomeworkWriters guarantees all students of swift delivery of papers. We understand that time is an essential factor in the academic world. Therefore, we ensure that we deliver the paper on or before the agreed date to give students ample time for reviewing.
Myhomeworkwriters.com maintains a zero-plagiarism policy. As such, MyHomeworkWriters ensure that they use the students’ instructions to deliver plagiarism-free papers. We are very keen on avoiding any chance of similarities with previous papers.
Customer Support 24/7
Our customer support works around the clock to provide students with assistance or guidance at any time of the day. Students can always communicate with us through our live chat system or our email and receive instant responses. Feel free to contact us via the Chat window or support email: firstname.lastname@example.org.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
Our writers complete papers strictly according to your instructions and needs, no matter what university, college, or high school you study in.
Our Essay Writing Services
MyHomeworkWriters holds a reputation for being a platform that provides high-quality academic services. All you need to do is provide us with all the necessary requirements and wait for quality results.
At MyHomeworkWriters, we have highly qualified academic gurus who will offer great assistance towards completing your essays. Our essay help service providers are well-versed with all the aspects of developing high-quality and relevant essays.
Admission and Business Papers
With Myhomeworkwriters.com, we will help you secure a position at your desired institution. Our essay writing services include the crafting of admissions papers. We will still help you climb your career ladder by helping you write the official papers that will help you secure a job. We will guide you on how to write an outstanding portfolio or resume.
Editing and Proofreading
Myhomeworkwriters.com has a professional editorial team that will help you organize your paper, paraphrase it, and eliminate any possible mistakes. Also, we will help you check on plagiarism to ensure that your final paper posses quality and originality.
My Homework Writers harbors professional academic writers from diverse academic disciplines. As such, we can develop essay help services in all academic areas. The simplicity or complexity of the paper does not affect the quality of essay writing services.