Student Name
Institutional Affiliation
Course Name
Instructor Name
Date
Table of Contents
Overview
Scope of Work
Lesson Learned
References
Overview
Credited as one of the largest manufacturers of hard disk drives, Western Digital has a
presence in 10 countries and 28 locations worldwide. The corporation offers data storage
devices and network-attached storage solutions for enterprise applications. Founded in 1970
and headquartered in San Jose, California, the second-tier competitor in the electronics
industry designs, markets and distributes innovative storage products that are also used for
consumer applications, USB drives, and memory cards (Western Digital, 2018). Their
offerings include solid state drives, cloud storage solutions and data center systems. Initially,
Western Digital sourced most of its disks from Toshiba and Fujitsu, but has made recent
investments in fabricating its own NAND flash chips that are used to make SSDs.
As with any company, Western Digital is trying to ensure that there are no risks to
operations and that the company is as safe as possible from attack either from inside or
outside the company. In order to help protect themselves, Western Digital is going to evaluate
their protection system and engage in good security practices. The purpose of the
current processes and to determine the best mitigation measures to protect their information
systems and data used to conduct day-to-day operations. The critical aspects within Western
Network Security - Wide Area Network, Local Area Network, and Wireless
Infrastructure
Scope of Work
This assessment was completed on-site. The assessment team was granted physical
and logical access to specific systems under the supervision of a Western Digital employee.
Companies may choose to allow a third party to remotely assess their data systems and this
process is not uncommon. Risks were identified, classified and priority levels assigned. The
assessment team was given access on a need-to-know basis and was not privy to any
information from other systems or departments outside of their scope. Threats to security
architecture and configurations of the enterprise were determined. Due to external embargo,
some details related to system architecture could not be disclosed in this report. The
following are the tasks and assets under review: external and internal networks, applications,
The work breakdown structure required to conduct the vulnerability assessment is identified
Category Task
Internal: employee or contractor, compliance Test the internal network for penetration
and guidelines
training
External: technology, accessibility, network, Test the external network for penetration
database threats
activities
dangers
Test VOIP
Installed security: locks, access control Monitor physical security mechanisms for
information systems
management applications
requirements
agreements
Internal Threats
| Category | Threat | Prioritization | Explanation of Threat | Vulnerability | Risk (Probability) |
|---|---|---|---|---|---|
| Personnel | Social Engineering | 7 | Naive people exploited | Physical access monitored properly and there are holes that could be exploited | High |
| Personnel | Data Leakage | 2 | Data is made available to untrusted personnel | Requirement for there to be software to advise when unauthorized media is plugged into the network or when a large amount of data leaves the network | Low |
| | | | | Spectrum not monitored for unauthorized wireless or Bluetooth connections | High |
| Personnel | Illegal Activities | 6 | Illegal activities occurring on the company network | No software on network to look for illegal activity and unauthorized activity | Low |
| | | | | Bad/malicious/harmful/illegal sites not blocked | Medium |
| | | | | Scans are not occurring frequently enough to look for this type of activity | Low |
| Network Security | Insider Threat | 1 | Disgruntled or malicious employees conducting nefarious activities | Some administrators are given higher privileges than required | High |
| | | | | Background checks may not be completed properly | Low |
| Network Security | Privilege Abuse | 5 | Users with escalated privileges doing nefarious acts | No segregation of activities | High |
| | | | | Proper controls are not in place to counter this threat | High |
| | | | | Proper monitoring is not in place | Low |
| Physical Security | Employee Theft | 4 | Theft of material by employees | Potential use of biometrics not in place to ensure control of material by monitoring personnel and ensuring they are authorized to conduct activities | High |
| Cybersecurity | Outdated Policies and procedures | 3 | Policy that is not up to date for technology and procedures can make it difficult to hold users accountable | Outdated policy makes it difficult to ensure users adhere to policy | High |
External Threats
| Category | Threat | Prioritization | Explanation of Threat | Vulnerability | Risk (Probability) |
|---|---|---|---|---|---|
| Personnel | Phishing | 6 | Gaining sensitive information by appearing to be a legitimate source | Unaware users | High |
| Personnel | Data Breaches | 2 | Sensitive or confidential data viewed, stolen or utilized by personnel who do not have authorization | Storing more data than needed for job | High |
| | | | | Not safeguarding data | Medium |
| | | | | Not destroying data properly | Low |
| | | | | Outdated policy and procedures for sensitive data | High |
| | | | | Unaware users | High |
| | | | | Portable media not controlled properly | Medium |
| Physical Security | Social Engineering | 7 | Naive people exploited | Unaware users | High |
| | | | | Insufficient training for security personnel | Medium |
| | | | | Processes and procedures either misunderstood or out of date | High |
| Network Security | Malicious Threats | 1 | Software intended to provide access to unauthorized personnel; or damage to networks | Outdated or not installed anti-virus | Low |
| | | | | Outdated or not installed malware software | Low |
| | | | | Outdated or not installed spyware software | Low |
| Network Security | Eavesdropping | 4 | Unknown or unauthorized listening to electronic/radio communications | Spectrum not scanned to identify unauthorized users | High |
| | | | | Spectrum not scanned to identify unauthorized users | Medium |
| | | | | Anomalies not monitored on network | Low |
| Network Security | DDOS | 5 | Making network unavailable through malicious attacks | No monitoring for DDOS | Medium |
| | | | | No method to throttle traffic to counter DDOS | Low |
| | | | | Firewall not configured to counter DDOS | Low |
| Cybersecurity | Outdated Policies and procedures | 3 | Policy that is not up to date for technology and procedures can make it difficult to hold users accountable and to ensure network is functioning safely | Outdated policy makes it difficult to ensure users adhere to policy | Medium |
Lesson Learned
Pervasive flaws in the way information is handled can lead to a data breach which
unauthorized access to the system or network (Yeboah-Ofori & Islam, 2019). On the basis of
their impact, threats are classified into low, medium, high and critical levels. Critical threats
are those that pose a risk to employees and can potentially cause disruption to the
priority considerations when data are handled. What this means for Western Digital is that
their data should not be vulnerable to any threat and they should take precautionary steps in
safeguarding it.
assets. The personnel and policies that are employed should be managed in a way that
protects and secures the organization's intellectual properties, intellectual assets and
technology. Additional measures should be taken to ensure that physical access to data is
limited to only those people who have a business purpose for it. Likewise, physical
security should be maintained in the premises where information is stored to prevent any
identified risk to leadership in a manner which they understand and that is not very technical
in nature. The risk needs to be quantified in terms of how it affects the operations of Western
Digital and how taking the necessary action will help to mitigate the risk and protect the
operations of Western Digital. Documenting the risks is also very important so that it can be a
part of the overall cyber security risk management plan and to recommend a course of action.
The status of the risk management exercise should be updated at regular intervals to ensure
that it is not slipping through the net for any reason. When this does happen, it is important
enough to report and also make it known to the board so that they will have a better
It is critical to have a detailed plan, be thoughtful and utilize available data. Even
though the risk is not ongoing and should not be kept for too long, it is important to establish
an action plan that can be used as a template model. In order to determine whether there are
any known vulnerabilities that might be exploited by a threat agent, information should be
obtained from the source. The details of the vulnerability should be reviewed and if there are
any recently published vulnerabilities, they should be incorporated into the plan. This helps to
guide resource allocation, set priorities and get leadership buy-in and support for the plan.
It is critical to have leadership buy-in or the vulnerability assessment will be doomed from the
beginning.
(Talbot & Jakeman, 2011). A vulnerability assessment cannot just be conducted and shelved.
The recommendations must be put in place or the organization will remain vulnerable. It is
important to first identify the threats that could be exploited. The vulnerability assessment
must be conducted in a manner that does not disclose any sensitive information while
identifying weaknesses inherent in the information systems, personnel or physical security and
within the processes and policy that could be exploited leading to an attack from within or
outside the organization. After that, it is time to assign a level of probability to each
prospective danger, such as "high," "medium," or "low." This helps to provide a method to
tackle the issue or risk and how to apply resources within the organization to mitigate the
Finally, remediation plans are to be put in place. This involves the implementation of
measures that would remove the vulnerability or mitigate its impact. The
implementation of a plan does not immediately mitigate the risk and is not an end-all solution
for all. An organization should monitor the progress of remediation on a regular basis and
take corrective action if corrective measures have not been taken within a specified period of
time. This is extremely important and requires the leadership to decide on which measure to
put in place first and to approve the implementation plan of the mitigation measures.
Network analysis tools are a must for performing vulnerability assessment and
penetration testing (Lamba, 2014). The use of these tools helps an "attacker" to identify
network services, protocols, CMS in use and host names. This information is then used to
gain further access and expose more vulnerabilities within the organization. If Western
Digital's employees are trained on accountability and proper policies are formulated, these
tools will help secure critical elements of the organization. There are a number of tool sets
A network audit ensures all the components of the network are understood and that no
unauthorized components join the network. An example of such a tool is Network Mapper
(Nmap), which can also be used to monitor network traffic, host or service uptime, and to
detect unauthorized communication (Husák et al., 2021). Packet analysis tools identify live
hosts, firewall used, operating systems and network devices on a network. Wireshark is fit for
this job and can sniff data contained in packets that traverse the network. Another technique that
must be used is port scanning. This helps identify ports that are open or closed on the network
and whether firewalls are in place to prevent unauthorized access to private networks. Port
scanning can help with the discovery of CMS applications, or web services in the case of a
private cloud system. The most common port scanners are Nmap and Hydra (Arhami &
Hidayat, 2019).
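The network-audit check described above, as an added example that is not part of the original report: it reconciles Nmap grepable (-oG) output against an authorized asset inventory to surface unauthorized hosts and unapproved open ports. The scan text, addresses and inventory are constructed for illustration.

```python
import re

# Constructed sample of Nmap grepable (-oG) output; all addresses are illustrative.
SAMPLE_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 10.0.0.5 (fileserver)\tStatus: Up\n"
    "Host: 10.0.0.5 (fileserver)\tPorts: 22/open/tcp//ssh///, 445/open/tcp//microsoft-ds///\n"
    "Host: 10.0.0.9 (voip-gw)\tPorts: 5060/open/udp//sip///, 23/open/tcp//telnet///, 80/closed/tcp//http///\n"
    "Host: 10.0.0.77 ()\tPorts: 8080/open/tcp//http-proxy///\n"
)

# Hypothetical authorized inventory: host -> approved open (port, protocol) pairs.
INVENTORY = {
    "10.0.0.5": {(22, "tcp"), (445, "tcp")},
    "10.0.0.9": {(5060, "udp")},
    "10.0.0.20": {(443, "tcp")},
}

HOST_RE = re.compile(r"^Host:\s+(\S+)")

def parse_grepable(text):
    """Return {ip: set of (port, proto)} for ports Nmap reported as open."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment or blank line
        open_ports = hosts.setdefault(m.group(1), set())
        for field in line.split("\t")[1:]:
            if not field.startswith("Ports:"):
                continue
            # Each entry is port/state/protocol/owner/service/rpc/version/
            for entry in field[len("Ports:"):].split(","):
                parts = entry.strip().split("/")
                if len(parts) >= 3 and parts[1] == "open":
                    open_ports.add((int(parts[0]), parts[2]))
    return hosts

def audit(scan, inventory):
    """Compare observed hosts and open ports with the authorized inventory."""
    findings = {"unauthorized_hosts": [], "unexpected_ports": {}}
    for ip, ports in sorted(scan.items()):
        if ip not in inventory:
            findings["unauthorized_hosts"].append(ip)
        elif ports - inventory[ip]:
            findings["unexpected_ports"][ip] = sorted(ports - inventory[ip])
    # Inventoried hosts that did not answer may be down or moved.
    findings["missing_hosts"] = sorted(set(inventory) - set(scan))
    return findings

if __name__ == "__main__":
    print(audit(parse_grepable(SAMPLE_SCAN), INVENTORY))
```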
It is required to scan the entire corporate Western Digital network and to determine
the vulnerabilities that exist within the network. These tools can be used to identify missing
patches, misconfigurations and the presence of known vulnerabilities. A very popular and
respected tool that is widely available is Nessus (Kott & Arnold, 2013) and this will be used
by the team. A password cracking tool called John the Ripper can be used to audit passwords
against a database of previously cracked or leaked passwords. Western Digital must ensure
References
Arhami, M., & Hidayat, H. T. (2019, June). Analysis and implementation of the Port
Series: Materials Science and Engineering (Vol. 536, No. 1, p. 012129). IOP
Publishing.
Husák, M., Laštovička, M., & Tovarňák, D. (2021, August). System for continuous collection
The 16th International Conference on Availability, Reliability and Security (pp. 1-8).
Kott, A., & Arnold, C. (2013). The promises and challenges of continuous monitoring and
Lamba, A. (2014). Cyber Attack Prevention Using VAPT Tools (Vulnerability Assessment &
Talbot, J., & Jakeman, M. (2011). Security risk management body of knowledge. John Wiley
& Sons.
Yeboah-Ofori, A., & Islam, S. (2019). Cyber security threat modeling for supply chain