Skip to content
Snippets Groups Projects
Commit 1a269edf authored by James D'Alton's avatar James D'Alton
Browse files

removed filler text from other sections

parent e8cee6e2
No related branches found
No related tags found
1 merge request!1Final report
Expand all Show whitespace changes
Inline Side-by-side
report/10_ProjectManagement.tex
+ 2
30
View file @ 1a269edf
......@@ -3,33 +3,5 @@
%% ----------------------------------------------------------------
\chapter{PROJECT MANAGEMENT}
\section{Compliance}
Compliance is an important, expensive, and complex problem to deal with. \cite{ComplianceGovernance} It relates to the conformance to a set of laws, regulations, policies or best practices. \cite{ComplianceGovernance} These sets of rules are known as standards. Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in their given compliance standard(s), the purpose of which is to safeguard the organisation against security threats.
\subsection{Compliance in Cyber Security}
Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. \cite{CSCRM} Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various regulations and legislation often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of the enterprise. The hope for this project is that it will help to enable organisations to achieve compliance with any given standard in a cost effective manner.
\subsection{Cyber Essentials}
The UK Government worked with the a number of other institutions to develop Cyber Essentials, a set of basic standards to help organisations defend themselves from common security threats online. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice, and two different levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, while in the latter, a certification body carries out the verification of the organisation\textquoteright s cyber security, instead of it being done by the company in question.
\section{Crime}
There has been a significant increase in cyber criminal activity in recent years. \cite{GDPR} The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. \cite{GDPR} Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR}
\section{Supply Chains}
Supply chain management is an integrating function with primary responsibility for linking major business functions and business processes within and across companies into a cohesive and high-performing business model. \cite{CSCRM} It includes all logistics management activities as well as manufacturing operations, and it drives coordination of processes and activities within and across marketing, sales, product design, finance, and information technology. \cite{CSCRM}
\subsection{Supply Chain Security}
Supply chain security focuses on the potential threats associated with an organisation\textquoteright s suppliers of goods and services, many of which may have extensive access to resources and assets within the enterprise environment or to an organisation\textquoteright s customer environments - some of which may be sensitive in nature. \cite{CombattingCyberRisks}
\section{Impacts}
Cyber attacks are financially devastating and disrupting to people and businesses. Successful attacks have the potential to expose personal information, leaving the victims of these security breaches vulnerable to fraud. \cite{CyberCrime} Victims are also left vulnerable to further attacks, using the information previously gathered by attackers.
\subsection{The Effect on Business and Loss of Confidence}
According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that had recently experienced a data breach. \cite{ITGovernance} In spite of this, 56\% said they are not willing to pay anything to application or online service providers for added security to protect their personal information. \cite{ITGovernance}
\subsection{Legal consequences}
GDPR requires proper management of all the personal information held by an organisation. \cite{BusinessInfo} If this information is compromised, and that organisation has neglected to deploy basic security measures, it is possible they will face fines and regulatory sanctions. \cite{BusinessInfo}
\section{Case Study: Pouring Pounds Ltd}
Two cashback sites owned by Pouring Pounds Ltd were found to have leaked two terabytes worth of personally identifiable information and account data. This was made possible because of an unprotected database, which could be accessed through an exposed port on the company's server. The leak occured in October 2019 and has affected approximately 3.5 million individuals. \cite{z6mag}
\ No newline at end of file
\section{...}
TODO
\ No newline at end of file
report/11_Conclusions.tex
+ 3
0
View file @ 1a269edf
......@@ -2,3 +2,6 @@
%% Conclusions.tex
%% ----------------------------------------------------------------
\chapter{CONCLUSIONS} \label{Chapter: Conclusions}
\section{...}
TODO
\ No newline at end of file
report/12_FutureWork.tex
+ 3
0
View file @ 1a269edf
......@@ -2,3 +2,6 @@
%% Conclusions.tex
%% ----------------------------------------------------------------
\chapter{FUTURE WORK} \label{Chapter: Future Work}
\section{...}
TODO
\ No newline at end of file
report/2_ProjectGoals.tex
+ 3
4
View file @ 1a269edf
......@@ -4,13 +4,12 @@
\chapter{PROJECT GOALS}
\section{Objectives}
The objectives for this project are outlined below. Ultimately, the goal of the project is to enable organisations to maintain and improve their cyber security by adhering to various compliance standards such as the guidelines set out by the UK government's Cyber Essentials scheme. The scheme aims to protect organisations from a range of attacks that could be carried out by relatively unskilled individuals - the most common cyber threat to businesses. \cite{CyberEssentials}
\subsection{Outline and Design of Web Application System}
\subsection{Implementation and Validation of Web Application}
\subsection{Results, Analysis and Evaluation of Project Work}
\subsection{Implementation and Validation of Web Application}
\subsection{}
\subsection{Results, Analysis and Evaluation of Project Work}
report/5_Design.tex
+ 2
30
View file @ 1a269edf
......@@ -3,33 +3,5 @@
%% ----------------------------------------------------------------
\chapter{DESIGN}
\section{Compliance}
Compliance is an important, expensive, and complex problem to deal with. \cite{ComplianceGovernance} It relates to the conformance to a set of laws, regulations, policies or best practices. \cite{ComplianceGovernance} These sets of rules are known as standards. Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in their given compliance standard(s), the purpose of which is to safeguard the organisation against security threats.
\subsection{Compliance in Cyber Security}
Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. \cite{CSCRM} Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various regulations and legislation often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of the enterprise. The hope for this project is that it will help to enable organisations to achieve compliance with any given standard in a cost effective manner.
\subsection{Cyber Essentials}
The UK Government worked with the a number of other institutions to develop Cyber Essentials, a set of basic standards to help organisations defend themselves from common security threats online. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice, and two different levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, while in the latter, a certification body carries out the verification of the organisation\textquoteright s cyber security, instead of it being done by the company in question.
\section{Crime}
There has been a significant increase in cyber criminal activity in recent years. \cite{GDPR} The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. \cite{GDPR} Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR}
\section{Supply Chains}
Supply chain management is an integrating function with primary responsibility for linking major business functions and business processes within and across companies into a cohesive and high-performing business model. \cite{CSCRM} It includes all logistics management activities as well as manufacturing operations, and it drives coordination of processes and activities within and across marketing, sales, product design, finance, and information technology. \cite{CSCRM}
\subsection{Supply Chain Security}
Supply chain security focuses on the potential threats associated with an organisation\textquoteright s suppliers of goods and services, many of which may have extensive access to resources and assets within the enterprise environment or to an organisation\textquoteright s customer environments - some of which may be sensitive in nature. \cite{CombattingCyberRisks}
\section{Impacts}
Cyber attacks are financially devastating and disrupting to people and businesses. Successful attacks have the potential to expose personal information, leaving the victims of these security breaches vulnerable to fraud. \cite{CyberCrime} Victims are also left vulnerable to further attacks, using the information previously gathered by attackers.
\subsection{The Effect on Business and Loss of Confidence}
According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that had recently experienced a data breach. \cite{ITGovernance} In spite of this, 56\% said they are not willing to pay anything to application or online service providers for added security to protect their personal information. \cite{ITGovernance}
\subsection{Legal consequences}
GDPR requires proper management of all the personal information held by an organisation. \cite{BusinessInfo} If this information is compromised, and that organisation has neglected to deploy basic security measures, it is possible they will face fines and regulatory sanctions. \cite{BusinessInfo}
\section{Case Study: Pouring Pounds Ltd}
Two cashback sites owned by Pouring Pounds Ltd were found to have leaked two terabytes worth of personally identifiable information and account data. This was made possible because of an unprotected database, which could be accessed through an exposed port on the company's server. The leak occured in October 2019 and has affected approximately 3.5 million individuals. \cite{z6mag}
\ No newline at end of file
\section{...}
TODO
\ No newline at end of file
report/7_TestingAndSoftwareValidation.tex
+ 2
30
View file @ 1a269edf
......@@ -3,33 +3,5 @@
%% ----------------------------------------------------------------
\chapter{TESTING AND SOFTWARE VALIDATION}
\section{Compliance}
Compliance is an important, expensive, and complex problem to deal with. \cite{ComplianceGovernance} It relates to the conformance to a set of laws, regulations, policies or best practices. \cite{ComplianceGovernance} These sets of rules are known as standards. Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in their given compliance standard(s), the purpose of which is to safeguard the organisation against security threats.
\subsection{Compliance in Cyber Security}
Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. \cite{CSCRM} Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various regulations and legislation often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of the enterprise. The hope for this project is that it will help to enable organisations to achieve compliance with any given standard in a cost effective manner.
\subsection{Cyber Essentials}
The UK Government worked with the a number of other institutions to develop Cyber Essentials, a set of basic standards to help organisations defend themselves from common security threats online. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice, and two different levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, while in the latter, a certification body carries out the verification of the organisation\textquoteright s cyber security, instead of it being done by the company in question.
\section{Crime}
There has been a significant increase in cyber criminal activity in recent years. \cite{GDPR} The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. \cite{GDPR} Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR}
\section{Supply Chains}
Supply chain management is an integrating function with primary responsibility for linking major business functions and business processes within and across companies into a cohesive and high-performing business model. \cite{CSCRM} It includes all logistics management activities as well as manufacturing operations, and it drives coordination of processes and activities within and across marketing, sales, product design, finance, and information technology. \cite{CSCRM}
\subsection{Supply Chain Security}
Supply chain security focuses on the potential threats associated with an organisation\textquoteright s suppliers of goods and services, many of which may have extensive access to resources and assets within the enterprise environment or to an organisation\textquoteright s customer environments - some of which may be sensitive in nature. \cite{CombattingCyberRisks}
\section{Impacts}
Cyber attacks are financially devastating and disrupting to people and businesses. Successful attacks have the potential to expose personal information, leaving the victims of these security breaches vulnerable to fraud. \cite{CyberCrime} Victims are also left vulnerable to further attacks, using the information previously gathered by attackers.
\subsection{The Effect on Business and Loss of Confidence}
According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that had recently experienced a data breach. \cite{ITGovernance} In spite of this, 56\% said they are not willing to pay anything to application or online service providers for added security to protect their personal information. \cite{ITGovernance}
\subsection{Legal consequences}
GDPR requires proper management of all the personal information held by an organisation. \cite{BusinessInfo} If this information is compromised, and that organisation has neglected to deploy basic security measures, it is possible they will face fines and regulatory sanctions. \cite{BusinessInfo}
\section{Case Study: Pouring Pounds Ltd}
Two cashback sites owned by Pouring Pounds Ltd were found to have leaked two terabytes worth of personally identifiable information and account data. This was made possible because of an unprotected database, which could be accessed through an exposed port on the company's server. The leak occured in October 2019 and has affected approximately 3.5 million individuals. \cite{z6mag}
\ No newline at end of file
\section{...}
TODO
\ No newline at end of file
report/8_ResultsAndAnalysis.tex
+ 2
30
View file @ 1a269edf
......@@ -3,33 +3,5 @@
%% ----------------------------------------------------------------
\chapter{RESULTS AND ANALYSIS}
\section{Compliance}
Compliance is an important, expensive, and complex problem to deal with. \cite{ComplianceGovernance} It relates to the conformance to a set of laws, regulations, policies or best practices. \cite{ComplianceGovernance} These sets of rules are known as standards. Organisations can be required to take steps to put policies and controls in place that ensure conformity with the regulations outlined in their given compliance standard(s), the purpose of which is to safeguard the organisation against security threats.
\subsection{Compliance in Cyber Security}
Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. \cite{CSCRM} Cyber security standards have existed for a long time, affecting the necessary policies and practices of individuals and organisations over the last several decades. \cite{StanfordConsortium} Various regulations and legislation often struggle to keep up with the latest cyber threats due to the rapid evolution of the field. \cite{GDPR} As a result of the expanding pool of available tools, there is an ever-increasing number of people able to access the world of cyber crime. This makes it all the more crucial that conforming to the latest standards becomes an imperative for every company, regardless of the size of the enterprise. The hope for this project is that it will help to enable organisations to achieve compliance with any given standard in a cost effective manner.
\subsection{Cyber Essentials}
The UK Government worked with the a number of other institutions to develop Cyber Essentials, a set of basic standards to help organisations defend themselves from common security threats online. \cite{CyberEssentials} The scheme is designed to prevent unskilled individuals from being able to find basic vulnerabilities in an organisation by providing advice, and two different levels of certification; \textquotedblleft Cyber Essentials\textquotedblright\ and \textquotedblleft Cyber Essentials Plus\textquotedblright. The former is a self-assessment designed to be light-weight and easy to follow, while in the latter, a certification body carries out the verification of the organisation\textquoteright s cyber security, instead of it being done by the company in question.
\section{Crime}
There has been a significant increase in cyber criminal activity in recent years. \cite{GDPR} The methods used by criminals are currently changing as businesses begin to be targeted more frequently than individuals. \cite{GDPR} Cyber crime is growing at a rapid rate, making it increasingly troublesome for regulations and legislation to keep pace, resulting in outdated laws that are often unfit for purpose. \cite{GDPR}
\section{Supply Chains}
Supply chain management is an integrating function with primary responsibility for linking major business functions and business processes within and across companies into a cohesive and high-performing business model. \cite{CSCRM} It includes all logistics management activities as well as manufacturing operations, and it drives coordination of processes and activities within and across marketing, sales, product design, finance, and information technology. \cite{CSCRM}
\subsection{Supply Chain Security}
Supply chain security focuses on the potential threats associated with an organisation\textquoteright s suppliers of goods and services, many of which may have extensive access to resources and assets within the enterprise environment or to an organisation\textquoteright s customer environments - some of which may be sensitive in nature. \cite{CombattingCyberRisks}
\section{Impacts}
Cyber attacks are financially devastating and disrupting to people and businesses. Successful attacks have the potential to expose personal information, leaving the victims of these security breaches vulnerable to fraud. \cite{CyberCrime} Victims are also left vulnerable to further attacks, using the information previously gathered by attackers.
\subsection{The Effect on Business and Loss of Confidence}
According to a survey by Ping Identity (a company that sells a number of cloud and software identity security solutions), 75\% of people stop engaging with a brand online following a data breach, as well as 59\% saying they were not willing to sign up to use an online service or application that had recently experienced a data breach. \cite{ITGovernance} In spite of this, 56\% said they are not willing to pay anything to application or online service providers for added security to protect their personal information. \cite{ITGovernance}
\subsection{Legal consequences}
GDPR requires proper management of all the personal information held by an organisation. \cite{BusinessInfo} If this information is compromised, and that organisation has neglected to deploy basic security measures, it is possible they will face fines and regulatory sanctions. \cite{BusinessInfo}
\section{Case Study: Pouring Pounds Ltd}
Two cashback sites owned by Pouring Pounds Ltd were found to have leaked two terabytes worth of personally identifiable information and account data. This was made possible because of an unprotected database, which could be accessed through an exposed port on the company's server. The leak occured in October 2019 and has affected approximately 3.5 million individuals. \cite{z6mag}
\ No newline at end of file
\section{...}
TODO
\ No newline at end of file
report/master.pdf
+ 3195
5595
View file @ 1a269edf
This diff is collapsed.
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment