Background JLis asmallaccountingcompanyresiding in Perth, Western Australia.JLcurrentlyemploysfivepeople – none of whomhasanyIT expertise or literacy.There are plans to expand the number of employees...

Background

JLis asmallaccountingcompanyresiding in Perth, Western Australia.JLcurrentlyemploysfivepeople – none of whomhasanyIT expertise or literacy.There are plans to expand the number of employees to at least10.The boss’s 17-year-old niecewasresponsible for all computer and network relatedmatters for the past two years.JLare progressively movinginto theonlinemarket and have started communicating and sending confidential documents to its clients using a variety of online services.In recent months, employees have noticed; computersprogressively operating slower,andrandom malware inspired popups are being displayed.The following list contains an overview of the currentsituation within JL:

• The SOE consists of Windows 10 laptops, all of which are currently updated with the most recent Microsoft updates.


• None of the laptopscontainsany security software.


• Internet access is via ADSL using a D-Link DSL-2740B wireless router.


• AQNapTS-412 NAS is used to backupworkstationdata (at each employee’s discretion) using WinSCP. The username/password for the NAS admin account isadmin/admin.


• A Windows 2000 Server was previously operational in the organisation, but a power surge resulted inthe power supplyno longer functioning.


• Eachemployeereceives on average 40 spammessages each day.


• In July 2018 – two workstations succumbed to a ransomware attack andJLpaid the ransom.


• There are currently no policies or rules guiding employees on how to best utilise resources and conform to ideal cyber security conscious behaviours.


• Employees can access each other’s computers and email accounts.


• Confidential data is emailed/stored withoutusingany cryptographic techniques.


• On January 20th, 2019 week an employee found a USB flash drive in the car park and plugged it into their computer. Since then, the employee has claimed that the computer appears to have “a mind of its own”.

Instructions

You have been hired to develop a range of recommendations to ensure JLcan fulfillcurrent and futureclient requests.The employees are comfortable, and reluctant to change their current cyber security behaviour. Many of the employees believe that the company is functioning correctly and does not needa newcyber securityoperational model.JL’s manager is committed to addressing the cyber security issues andimproving theculture of the workplace. The manager has requested that you compile a small, succinct report addressingfive (5) criticalcybersecurity issues.In producing your solution, you should address the following requirements:

• Why the chosen cyber security issueshould be addressed immediately.


• A detailed explanation/demonstration of howyou propose to address the issue.


• Why is your chosen solution better than alternative approaches(i.e. clearly compare/contrast your solution toalternatives)?


• A detailed breakdown of the cost in addressing the selected issue.