In this topic, you will learn how to:
- document network vulnerabilities
- present recommendations
- distribute and store documentation.
Let us begin.
Documenting network vulnerabilities involves systematically identifying, recording, and describing weaknesses or potential exploits within a network infrastructure.
Vulnerability information
The following video explains what is generally involved when documenting network vulnerabilities in the form of a technical report. Pay attention to the various sections of the report, the specific information and the level of detail that needs to be included.
Practice
Practice activity 1
Computer safeguard guidelines
Computer safeguard guidelines ensure the security and integrity of digital systems and data. They encompass measures such as strong passwords, regular software updates, encryption, and access controls. Guidelines emphasise user education, backup procedures, and vigilance against phishing and malware. Continuous monitoring, incident response plans, and regular audits are essential components to maintain a resilient and secure computing environment.
The following video discusses some of the security controls or measures that organisations put in place to address security risks.
Using required format
Recommendations to organisational personnel are conveyed through various formats, including written reports, presentations, emails/memos, dashboards, training sessions, one-on-one meetings, policy documents, videos/webinars, infographics, and interactive workshops.
Each format serves to communicate recommendations effectively, considering audience preferences and the complexity of the information. Written reports offer detailed analysis and proposed actions, while presentations and infographics provide visual aids for clarity. Emails, memos, and policy documents offer concise summaries and guidelines. Training sessions, videos, and webinars engage personnel through interactive learning, while one-on-one meetings and workshops foster collaboration and tailored solutions.
Determining the required personnel
Presenting recommendations to the key stakeholders in an organisation is a crucial step in ensuring that the organisation is well-informed about potential risks and can take appropriate actions. This involves determining who the key stakeholders are in your organisation or project (e.g. executives, project managers, technical teams, legal experts, and any other relevant parties).
Remember that the level of detail and the specific information shared may vary depending on the audience. Tailoring the communication to each stakeholder group's needs and responsibilities is essential.
Key stakeholders
The key stakeholders with whom threat data analysis results should be discussed include:
- Executive leadership: CEOs, CIOs, and other top executives need to be aware of the overall threat landscape and its potential impact on the organisation's strategic goals. Depending on the severity and strategic impact of the threats, it may be necessary to update the board of directors on the threat analysis results. They can provide oversight and strategic guidance.
- Third-party partners and vendors: If applicable, share threat analysis results with third-party partners and vendors, especially if they have access to sensitive information or are critical to the organisation's operations.
- Employees: Depending on the nature of the threats, it may be appropriate to provide a level of awareness to all employees to ensure that they are vigilant and informed about potential risks.
- IT and security teams: IT managers, cybersecurity experts, and other members of the security team should be involved in detailed discussions about the specific threats, vulnerabilities, and recommended mitigation strategies.
Other departments and teams that may need to be included in threat data analysis reviews include:
- Risk management teams: Teams responsible for assessing and managing organisational risks should be informed of threat analysis results to update risk profiles and mitigation plans.
- Legal and compliance teams: Legal and compliance experts can advise on any legal implications of the identified threats and ensure that the organisation meets regulatory requirements.
- Operations and business units: Operational managers and leaders from different business units should be aware of threats that may impact their specific areas and be involved in devising and implementing mitigation strategies.
- Communication and PR teams: Communication teams can help in developing external and internal communication strategies in case of a security incident or when proactive measures are taken to address threats.
- Human resources: Human resources departments should be aware of any threats that may impact employees or the workplace, and they can assist in training and awareness programs.
- Finance department: The finance team needs to be informed about the potential financial implications of the identified threats and any budgetary requirements for implementing security measures.
Case Study
A company's cybersecurity team has conducted a thorough assessment of the organisation's network infrastructure and identified several vulnerabilities that need to be addressed to enhance security posture.
The following are some examples of the formats in which recommendations can be presented.
- Written Report: A detailed report is prepared, outlining the vulnerabilities, their potential impact, and recommended actions for mitigation. It includes an executive summary summarising key findings and priorities for management's attention.
- Presentation: A PowerPoint presentation is created with slides detailing each vulnerability, accompanied by charts and graphs illustrating the severity and potential risks. The presentation is delivered to the IT department and management during a scheduled meeting for discussion and decision-making.
- Email/Memo: A concise email is sent to department heads summarising the vulnerabilities and highlighting the urgency of addressing them. It includes a link to the full report for further details and instructions on next steps.
- Interactive Workshop: A workshop is organised, bringing together IT personnel, department heads, and security experts to brainstorm solutions for addressing vulnerabilities collaboratively. Participants engage in group discussions and scenario-based exercises to develop action plans tailored to the organisation's needs.
Practice
Practice activity 2
Your role: You are working as a ‘Cyber security analyst’ at XYZ Manufacturing.
Your task: Draft an email to the key stakeholders John Smith (CEO), Mary White (Chief Security Officer) and Steven Brown (Chief Technology Officer) to provide recommendations and computer safeguard guidelines related to the recent ransomware attack that impacted the manufacturing operations of the organisation.
Note: Do this activity based on the information you noted down from Practice activity 1.
In your email you must:
- address the email to the required personnel
- discuss and review the identified vulnerability information
- provide recommendations on computer safeguard guidelines.
You must use XYZ Manufacturing’s standard email template to draft your email: XYZ Manufacturing_Email template_v1.docx
Store documentation
When storing threat analysis documentation:
- consider security, accessibility, and version control
- ensure that the storage system complies with cybersecurity standards, employing encryption and access controls to safeguard sensitive information
- implement a structured folder hierarchy for easy navigation and retrieval
- establish clear user permissions to control access based on roles and responsibilities
- regularly update and back up the documentation to prevent data loss
- utilise version control mechanisms to track changes and maintain an audit trail
- document metadata, including creation dates and contributors, for accountability
- consider integrating the documentation into a centralised knowledge management system for cross-functional collaboration
- regularly review and update storage protocols to align with evolving security standards and organisational needs.
Document storage locations
The following video discusses various document storage locations that organisations may commonly use.
Practice
Practice activity 3
Your role: You are working as a ‘Cyber security analyst’ at XYZ Manufacturing.
Scenario: You have created a threat analysis report. The company uses Microsoft’s OneDrive storage to store all documents.
Your task: Create a folder in your OneDrive cloud storage with a name appropriate to the business function or business document type. Within this folder, store the threat analysis documents in both WORD and PDF versions.
Distribute documentation
When distributing threat analysis documentation:
- prioritise security and controlled access
- use secure channels, such as encrypted email or secure file-sharing platforms, to transmit sensitive information
- clearly define the intended recipients and limit access to those with a legitimate need-to-know
- consider redacting or summarising sensitive details for wider dissemination
- attach a cover sheet outlining document sensitivity and appropriate handling procedures
- provide a brief summary or executive overview for a quick understanding
- educate recipients on the importance of confidentiality and data protection
- encourage feedback and questions to ensure a shared understanding
- regularly review and update distribution lists, removing individuals who no longer require access
- document distribution details for accountability and audit purposes
- regularly assess and update distribution protocols to align with evolving security requirements and organisational policies.
Demo: Share a file from OneDrive
The following video demonstrates how to share a file from OneDrive and discusses the benefits of doing so.
Practice
Practice activity 4
Your role: You are working as a ‘Cyber security analyst’ at XYZ Manufacturing.
Scenario: You have created a threat analysis report and have saved it in Microsoft’s OneDrive storage.
Your task: Share the latest version of the threat analysis report stored in OneDrive storage with the key stakeholders following the procedures from Microsoft Support.
How did you go?
Congratulations on completing the topic Document and present recommendations.
In this topic, you learnt how to:
- document network vulnerabilities
- present recommendations
- distribute and store documentation.
Assessments
Now that you have learnt the basic knowledge and skills for this module, you are ready to complete the following assessment event.
Assessment 6 (Project)