Advanced persistent threats (APTs) have been thrust into the spotlight due to their advanced tactics, techniques, procedures, and tools. These APTs are resourced unlike other types of cyber threat actors.
Your chief technology officer (CTO) has formed teams to each develop a detailed analysis and presentation of a specific APT, which she will assign to the team.
This is a team assignment, and the team members that were selected by the instructor in the previous assignment will work together. It is up to the team members to decide who is responsible for contributing to the sections of the paper. Remember, if a member fails to complete his or her part of the work, the team is still responsible for all sections.
Note that you are required to complete a peer review for yourself and for each member of the team. The peer review template is provided in the Activities folder.
Your team’s report should use the The Cybersecurity Threat Landscape Team Assignment Resources to cover the following five areas:
Part 1: Threat Landscape Analysis
•
o Provide a detailed analysis of the threat landscape.
o What has changed over the past year?
o Describe common tactics, techniques, and procedures to include threat actor types.
o What are the exploit vectors and vulnerabilities threat actors are predicted to take advantage of?
Part 2: APT Analysis
•
o Provide a detailed analysis and description of the APT your group was assigned. Describe the specific tactics used to gain access to the target(s).
o Describe the tools used. Describe what the objective of the APT was/is. Was it successful?
Part 3: Cybersecurity Tools, Tactics, and Procedures
•
o Describe current hardware- and software-based cybersecurity tools, tactics, and procedures.
o Consider the hardware and software solutions deployed today in the context of defense-in-depth.
o Elaborate on why these devices are not successful against the APTs.
Part 4: Machine Learning and Data Analytics
•
o Describe the concepts of machine learning and data analytics and how applying them to cybersecurity will evolve the field.
o Are there companies providing innovative defensive cybersecurity measures based on these technologies? If so, what are they? Would you recommend any of these to the CTO?
Part 5: Using Machine Learning and Data Analytics to Prevent APT
•
o Describe how machine learning and data analytics could have detected and/or prevented the APT you analyzed had the victim organization deployed these technologies at the time of the event. Be specific.
Notes
• Use additional sources of information but also describe the concept in layman’s terms.
• Use visuals where appropriate.
• While quality is valued over quantity, it is expected that a quality paper will result in a minimum length of 10–15 pages.
• You will be assigned an individual grade for this assignment based on your contribution to the overall project.