ELE 386 Assessment 2 – Group Project Proposal Report

ELE 386 Assessment 2 – Group Project Proposal Report VU21992 - DEVELOP A CYBERSECURITY INDUSTRY PROJECT BSBRES401 - ANALYSE AND PRESENT RESEARCH INFORMATION Cyber Security Project Report Team name Student name and ID 1 Student name and ID 2 Student name and ID 3 Student name and ID 4 Student name and ID 5 Table of Contents 1.0 Project scope 3 1.1 Objective 3 1.2 Deliverables 3 1.3 Problem solving methodology 3 1.4 Milestones 3 1.5 Statement of Work (SoW) 3 1.6 Required Resources 3 1.7 Client sign of 3 2.0 Project priority matrix 4 3.0 Project deliverables 5 4.0 Work breakdown structure (WBS) 6 4.1 WBS diagram 6 5.0 Project A: Phishing Campaign 7 5.1 Phase 1: Target Audience 7 5.2 Phase 2: Campaign Tools Installed 7 5.3 Phase 3: Deployment Testing 7 5.4 Phase 4: Results and feedback of Campaigns 7 6.0 Schedule 8 6.1 Time schedule 8 7.0 Staffing and resource allocation and project budget 9 7.1 Cashflow 9 8.0 Stakeholder management 10 8.1 Stakeholders 10 9.0 Project risk planning 11 9.1 Project risk identification 11 10.0 Staf Awareness Program 12 10.1 Scope of Program 12 10.2 Types of Phishing 12 10.3 Impacts of Phishing 12 10.4 Tools to Detect Phishing 12 10.5 Business Implication of a breach 12 11.0 Team formation and team reflection 13 11.1 Team Bio’s 13 11.2 Team goal statement 13 11.3 Reflective summaries 13 11.4 Team assessment responsibility matrix 13 12.0 Appendix 14 12.1 All email templates will also be references under Appendix 14 1.0 Project scope 1.1 Objective What is the objectives of the project? List the objectives of the project. Make sure the objectivise are S.M.A.R.T. - deliver end to end phishing campaign 1.2 Deliverables List the deliverables of the project, including final deliverables and intermediate deliverables. Make sure success criteria are created. The top-level deliverables for this project are: 1. Create/design 3 minimum email templates = campaign 2. Landing page 3. Results analysis 4. Staf awareness program draft These deliverables are vital in ensuring the successful completion of the project. 1.3 Problem solving methodology – (PM) Water fall or Agile. Explain how chosen methodology is applied to this project. 1.4 Milestones – (PM) Gant chart 1. Task title and date for each Milestones to be defined using final and intermediate deliverables. Milestones are to be created in MS project. 1.5 Statement of Work (SoW) - (PM) 1. Task title and date for each Read this article to understand what is SOW. And how to create one. 1.6 Required Resources – - Technical resources required for the project. How would you secure them? 1.7 Client sign of Holmesglen Teacher 2.0 Project priority matrix - Refer to this article and complete the following table. You need to explain why. On example has been given. “Time is constraint, because there is a deadline of the assessment.” Constraint Accept Enhance Scope Time x Cost 3.0 Project deliverables – (Tech) ( expansion on 1.2) - Create a Phishing simulation Campaign (expand with detail on items in 1.2 above) Create email templates to be used in the campaign Create landing pages to be used in the campaign Document test deployment of campaigns – actual deployments, not any beta testing Formulate recommendations/summary of data Draft a staf awareness program Optional: Red team phish scenario 4.0 Work breakdown structure (WBS) – (PM) 4.1 WBS diagram There are online free tool to be used to create WBS. 5.0 Project A: Phishing Campaign 5.1 Phase 1: Target Audience Trade – why are you targeting? Hospitality – why? …. BDIT 5.2 Phase 2: Campaign Tools Installed (Extension of 1.6) Go phish – features do this Mailhog – does this and this too Hypervisor – VMWare why? mockeroo 5.3 Phase 3: Deployment Testing The actual simulated deployment, NOT any beta testing! Use Campaign screenshot to demonstrate test campaigns deployed Analyse, evaluate and interpret data to support to make recommendation and enhancements to ensure phishing emails more efective. 5.4 Phase 4: Results and feedback of Campaigns Use GoPhish Dashboard results to demonstrate results produced over the intended targets. 6.0 Schedule -(PM) 6.1 Time schedule Plot out time schedule of project Implementation plan with minimal end user disruption. Indicate if there is any required end user training. Schedule created with MS project software, provide screenshot of gantt chart 7.0 Staffing and resource allocation and project budget 7.1 Cashflow - (PM) Basic out line of cost associated with the project. Potentially comes from GANT Chart. Cashflow can be generated in MS project software 8.0 Stakeholder management 8.1 Stakeholders List the key stakeholder in this project and why • TSD – collate user behaviour? • Holmesglen Institute (Executive Com) • Your instructor - I am running the project stakeholder analysis to be done 9.0 Project risk planning - (PM) 9.1 Project risk identification Define the risk associated with deploying this project end to end. You may wish to comment on technical risks, resources risk and costing risks. How will you manage these risks and/or unexpected events that may impact upon the project objectives and/or timelines? Potential risk factors have been ranked based on the risk value. Risk type Probability or likelihood Impact Technology Likely Moderate Human Moderate Heavy A risk management plan is to be done for known risks 10.0 Staf Awareness Program (SAP) – (Tech) 10.1 Scope of Program - to identify training requirements as needed - Designing a draft SAP based on results from commissioned phishing campaign 10.2 Types of Phishing 10.3 Impacts of Phishing 10.4 Tools to Detect Phishing 10.5 Business Implication of a breach. 11.0 Team formation and team reflection 11.1 Team Bio’s Tom John Harry 11.2 Team goal statement 11.3 Reflective summaries Lessons learnt 11.4 Team assessment responsibility matrix Course Code: 22334VIC Course Name: Certificate IV in Cyber Security Team Name/Code: Teacher Name: Nam e Role (include a short description of contribution) Efort and Contribution Weighting (must add up to 100%) Student Signature tom 10 12.0 Appendix 12.1 All email templates will also be references under Appendix Include HTML code for 1 of the email templates.