INSTRUCTION:

1.
Open a web browser and go to http://targetedattacks.trendmicro.com/ accomplish
the "Targeted Attack: The Game". This game by Trend Micro will place you in different
situations in a company that requires critical decision-making when it comes to
cybersecurity and risk management.
2.
No need to create an account.
3.
Carefully read conversations (subtitles) within the game, for you to come up with the
appropriate cybersecurity-related decisions when a question pops-up. You may also take
down important information that would help you answer items in Step 5.
4.
At the end of the game, a summary explaining your decisions will be presented to you.

5.
After the summary explaining your decisions, answer the following items (essay) using
not less than four (4) sentences:
A.
Is cybersecurity risk management complex? Why or why not?

Cybersecurity, based on what I've read about the game and my own experience, is
extremely difficult to handle because it's expensive and time-consuming, but it's a must-
have. Because their business or organization will be vulnerable to attacks such as
ransomware or virus attacks if they do not update or improve their security, handling it is
extremely difficult because you must first consider the nature of it and its divisions in
order to truly understand the mechanism and be able to recognize its flaws. Cybersecurity
risk management is a complicated system with many interconnected components. If a
person. If one component fails, the entire system may be jeopardized. It entails analyzing
your risks and weaknesses, as well as implementing administrative and comprehensive
solutions to ensure that your company is effectively safeguarded.

B.
What particular cybersecurity/risk management question in the game was difficult to
answer? Rationalize your answer.

It's critical to underline that cybersecurity is a danger that affects the entire company. It
usually entails all of your resources. Employees, business units, and operational units As
well as all of your third parties, to minimize vulnerable flaws. It protects against data
breaches and cyberattacks that may have been avoided. The game uses your end-users'
full power to create an impenetrable barrier against future cybercrime in your company.
In a circumstance where an organization is confronted with a large data leak and the
options are to ignore it, take action, or continue with the product launch, there are two
roles that you can play. Need to conduct at the same time so that those two can catch each
other or nothing will be left behind in short, but in this case, it is very difficult for me to
decide whether to catch each other because I can't predict the outcome of my decisions at
all, and because this decision requires a collective effort rather than just myself.

C.
Would you answer differently if you were asked to play the game again? Why or why
not?

If I play the game again, I believe I will choose the correct response wisely because I
want to know the correct game conclusion, the correct decision, and the wise decision
that improves a business. I fail on the conclusion of my game because I didn't think about
the repercussions of my actions and just did what came to me as a result, and as a result, I
fail and this happens, but next time I need to use more creativity and ponder on what is
actually the appropriate choice. I'd make sure that the goals and objectives were set in a
more realistic context. In addition, you'll obtain insight into your job-related flaws. They
can also be trying to figure out how you handle failure. And whether you can recognize
and correct your flaws ahead of time, you'll be able to work with and manage a team.

D.
What vulnerabilities or threats have you encountered in the game? Briefly explain each.

People, as well as the vulnerabilities or threats I experienced in this game, are actual
assets. A database, the server that runs the database, and the network that connects to the
server are tangible assets in a firm or personally sensitive information or reputation in a
corporate network. Cyber threats, or simply threats, are cybersecurity events or
conditions that have the potential to inflict harm as a result of their outcome. A social
engineering or phishing assault, for example, could lead to an attacker installing a Trojan
and obtaining private information from your applications.

E.
Is it important and necessary to analyze risks and perform preventive measures against
possible attacks for a network? Why or why not?

Firewalls, screening routers, and virus protection are examples of perimeter security
elements. Early antiviral technologies became available, particularly in the form of early
antivirus technologies. Threats have grown in sophistication and capabilities over time.
Other features designed to secure corporate or organizational networks and systems
became available to counter such things as all hardware devices on the network, allowing
only authorized devices access and preventing unauthorized and unmanaged devices from
gaining access. You can't defend a network until you know what devices are connected to
it. This crucial security measure necessitates the creation of a list of all devices that may
attempt to connect to the network.