Professional Documents
Culture Documents
Communications Transcript
[MUSIC PLAYING]
You have been appointed the Deputy Chief Information Security Officer at one of the subsidiaries of
the media company you work for. As the company continues to expand geographically, the CEO
wants to manage travel costs by using realtime low cost commercial video conferencing systems for
meetings and collaboration. However, such systems come with security issues.
There have been disturbing reports of malicious actors stealing emails, videos, and sensitive data
from other media companies. The company's Chief Information Officer, or CIO, and Chief
Technology Officer, or CTO, say that video conferencing systems will integrate with the current
enterprise networks. But they did not assess system options.
They, along with the Chief Information Security Officer, or CISO, have asked you to recommend a
modernization strategy for the company's video conferencing while maintaining the security of the
sensitive information discussed by the users. Business communications between subject matter
experts, engineers, and executive leaders must be protected. Your task is to provide a proposal for a
secure video conferencing system.
You need to analyze the features of three videoconferencing systems and provide an overview of
each system. After you complete the overview of the systems, you'll recommend a system which
best meets the business functionality and security requirements. You will also prepare a set of high
level executive briefing slides to give the CEO and CIO an overview of your study. Your study and
recommendation will be critical to the company's success.
[MUSIC PLAYING]
Cybersecurity professionals are frequently required to assess the security, risk applications, and
systems for business communications before they can be added to an organization's network.
CISOs need to assess risks posed to the organization and develop new security measures or adjust
current measures to address these risks appropriately. These evaluations involve comparing
competing applications or systems against the organization's baseline to determine the best balance
between business needs and the security and risk appetite of the organization.
Videoconferencing and collaboration systems vary in cost, configuration, functionality, use, and
collaboration capability. These systems are trusted to facilitate sensitive and proprietary discussions
through their use of encrypted communication channels. Yet these systems have vulnerabilities and
are prone to threats and attacks ranging from phishing, credential compromise, and even malware
insertion. Therefore, analysis of possible threats, attacks, and vulnerabilities inherent in these
systems is critical in developing defense and protection strategies for voice and video data at all
endpoints and during transit.
In this project, you will create a proposal for a secure videoconferencing system, which will include
an executive summary..
Deliverables
Proposal for Secure Videoconferencing and Executive Briefing.
When you submit your project, your work will be evaluated using the competencies listed below. You
can use the list below to selfcheck your work before submission.
1.1: Organize document or presentation in a manner that promotes understanding and
meets the requirements of the assignment.
1.2: Develop coherent paragraphs or points to be internally unified and function as part of the
whole document or presentation.
1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
1.4: Tailor communications to the audience.
1.5: Use sentence structure appropriate to the task, message and audience.
1.6: Follow conventions of Standard Written English.
1.7: Create neat and professional looking documents appropriate for the project.
1.8: Create clear oral messages.
2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
2.2: Locate and access sufficient information to investigate the issue or problem.
2.3: Evaluate the information in a logical and organized manner to determine its value and
relevance to the problem.
2.4: Consider and analyze information in context to the issue or problem.
2.5: Develop wellreasoned ideas, conclusions or decisions, checking them against relevant
criteria and benchmarks.
5.6: Explore and address cybersecurity concerns, promote awareness, best practice, and
emerging technology.
5.7: Apply proven methods to secure telecommunications media, transmission, and protocol.
6.3: Specify security solutions based on knowledge of principles, procedures, & tools of data
mgmt, such as modeling techniques, data backup, data recovery, data directories, data
warehousing, data mining, data disposal, & data standardization processes.
7.3: Knowledge of methods and tools used for risk management and mitigation of risk.
7.4: Knowledge of policies, processes, & technologies used to create a balanced approach
to identifying and assessing risks to information assets, personnel, facilities, & equipment,
and to manage affordable mitigation strategies that meet security needs.
8.6: Provides professional preparation for computer digital forensics, investigation of crime,
and preservation of digital evidence in criminal and civil investigations and information
security incident response.
9.4: Manages and supports the acquisition life cycle and cybersecurity products used in the
organization’s design, development, and maintenance of its infrastructure to minimize
potential risks and vulnerabilities.