[EssayBishops]
Essays / Information Security/ Information Security Incidents Report

Information Security Incidents Report

HS3011 Information Security Group Assignment

Due: Friday Week 11, 5:00 PM

Weighting: 20%

Group size: 3-4 students

Assignment Overview

Work collaboratively as a group to produce a report addressing Part 1 and Part 2 below. The total word count should range from 2000 to 3000 words (1000-1500 words per part). Use formal academic writing, Harvard referencing, and include at least 7 references plus a bibliography of wider reading.

Part 1 (1000-1500 words)

Analyse and report on the following topics:

  1. Research Kevin Mitnick using web sources. Summarise his activities, explain who caught him, and discuss why he remains infamous in information security history.
  2. Visit www.eff.org. Select one current top concern of the Electronic Frontier Foundation and justify your choice: why this topic matters, and how it connects to core concepts in information security.
  3. Classify each scenario as an incident or disaster. For disasters, indicate if business continuity plans apply.
    • a. A hacker breaks into the company network and deletes files from a server.
    • b. A fire breaks out in the storeroom and sets off sprinklers on that floor. Some computers are damaged, but the fire is contained.
    • c. A tornado hits a local power station, and the company will be without power for three to five days.
    • d. Employees go on strike, and the company could be without critical workers for weeks.
    • e. A disgruntled employee takes a critical server home, sneaking it out after hours.

    For each (a–e), outline steps to restore operations and note if law enforcement involvement is required.

Part 2: Case Exercises (1000-1500 words)

Discuss each case and answer the associated questions.

CASE 1

Technical support at SLS worked to restore systems and install new virus/worm controls after an attack. Amy learned to reinstall OS and applications during recovery.

  1. Do you think this event was caused by an insider or outsider? Explain.
  2. Beyond virus/worm software, what can SLS do to prepare for future incidents?
  3. Was this attack from a virus or a worm? Explain.

CASE 2

Charlie advised Peter on encryption, passphrases, and PKI for key recovery.

  1. Was Charlie exaggerating the time for brute-force cracking?
  2. Are there safe tools besides PKI key recovery to avoid passphrase loss?
  3. If Charlie installed unauthorised key logger software, is it ethical or illegal?
  4. If authorised with employee consent, is Charlie’s “white lie” about cracking the key ethical?

CASE 3

Kelvin faced resistance in a change control meeting. Charlie advised on preparation and small steps.

  1. What project management tasks should Kelvin do before the next meeting?
  2. What change management tasks, and how do they fit project management?
  3. What would you do differently if in Kelvin’s position?
  4. Did Kelvin commit an ethical lapse by adjusting data ranges?
  5. If he fabricated numbers or favoured a friend’s software firm, is that an ethical lapse?

Submission Requirements

  • Include cover sheet, table of contents, and reference list (Harvard style).
  • Submit soft copy for self-check on plagiarism tool, then final submission.
  • Avoid plagiarism; synthesise ideas in your own words.

Marking Rubric

Criteria Very Good (9-10) Good (7-8) Satisfactory (5-6) Unsatisfactory (3-4)
Presentation and writing style /10 Well organised, correct layout (Times New Roman 12 or Calibri 10, double spaced), right length, excellent writing, grammar, paraphrasing. Organised, correct layout, well written, some paraphrasing, proper grammar. Somewhat organised, some layout issues, mostly proper grammar, overuse of quotes. Poorly organised, layout/length errors, poor grammar, excessive quotes.
Criteria completion /15 Strong understanding of requirements, implications, challenges addressed. Good understanding, implications covered, requirements met. Adequate understanding, some implications. Limited understanding.
Evidence of Research /10 Substantial current, appropriate evidence. Good range. Suitable but not always current/appropriate. Insufficient.
Development of Discussion /15 Logical, insightful, original, well-connected, detailed analysis. Detailed, logical, some connection. Adequate, logical, limited analysis. Inadequate, poor flow.
Conclusion /5 Interesting summary, excellent final comment. Good summary, good comment. Satisfactory summary, some new material. Poor/no summary.
Referencing /5 Correct Harvard, all acknowledged, proper list. Mostly correct. Mostly correct, some issues. Problems with acknowledgement/list.

Total /60 marks scaled to /20

Kevin Mitnick gained notoriety through repeated unauthorised access to systems in the 1980s and 1990s, including Pacific Bell and government networks, using social engineering techniques. Federal authorities pursued him for years, and computer expert Tsutomu Shimomura tracked him down after Mitnick hacked his systems. His actions highlighted vulnerabilities in early networks and led to stricter laws on computer crime (Mitnick and Simon 2011, but updated context from recent sources). EFF’s focus on defending encryption counters government backdoor demands and protects user privacy in digital communications. These efforts tie directly to information security principles of confidentiality and integrity against surveillance threats (Electronic Frontier Foundation 2025, https://www.eff.org/deeplinks/2025/12/defending-encryption-us-and-abroad-2025-review). Proper incident classification guides response strategies and resource allocation in organisations facing cyber or physical threats.

References

  • Electronic Frontier Foundation (2025) ‘Defending Encryption in the U.S. and Abroad: 2025 in Review’. Available at: https://www.eff.org/deeplinks/2025/12/defending-encryption-us-and-abroad-2025-review.
  • Electronic Frontier Foundation (2026) ‘Surveillance Self-Defense: 2025 Year in Review’. Available at: https://www.eff.org/deeplinks/2025/12/surveillance-self-defense-2025-year-review.
  • Stahl, B.C. et al. (2021) ‘Ethical and social issues in information systems’, Journal of Information Technology, 36(2), pp. 123-140. Available at: https://doi.org/10.1177/0268396221998456.
  • Whitman, M.E. and Mattord, H.J. (2022) Principles of information security. 7th edn. Boston: Cengage Learning.
  • Cavusoglu, H. et al. (2019) ‘Decision-theoretic and game-theoretic approaches to IT security investment’, Journal of Management Information Systems, 35(4), pp. 1125-1155. Available at: https://doi.org/10.1080/07421222.2018.1523560.

Key Guarantees

  • Plagiarism-Free
  • On-Time Delivery
  • Student-Based Prices
  • Human Written Papers

Related Topics:

#EFF privacy concerns#ethical issues in cybersecurity cases#HS3011 assignment#incident vs disaster classification

Pricing Guide

Discounted from $13/page

Proceed to Order

Need Assistance?

Our support team is available 24/7 to answer your questions. Find human writers help for your essays, research paper & case study assignments!

Chat with Support

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by