Final Module Essay

Assignment Topic

The aim of this deliverable is to apply the Cyber Security methods and techniques studied during the module to develop a solution to a business problem. The details of the business problem are as follows:

Queens medical centre is a community clinic and serves as the first point of call for any resident within the catchment area who happens to be unwell. The clinic has specialists in various areas of medicine. However, an appointment is required to schedule a consultation meeting with a specialist, which is done through a telephone call to the receptionist.

The clinic has been experiencing a high volume of calls, causing a lot of problems for residents to get access to care on time. Also, the management of Queens medical centre needs to plan to be able to respond to the rate of growth of the community population.

To address this problem, the clinic management has decided to acquire a web-based appointment and scheduling management information system (ASMIS). This will allow appointments to be booked online by prospective patients. The system will collect vital information from the patient to be able to determine which specialist is best to attend to a given case, considering the availability and workload of the specialist doctor.

The management of the clinic is concerned about the recent high rate of cybercrime and the government's policy on patient data protection. The IT team at the clinic has been tasked to install a secured ASMIS. As the Cyber Security Officer on the team that manages the clinic's IT systems, you are to advise the team on the potential cyber threats and how these can be mitigated.

So, you are to produce a report to management providing the following information:

Details of the benefits of the ASMIS as well as the potential problems including potential cyber threats to the system.
The report must include at least two UML diagrams.Each diagram should show aspects of the system and a threat modelling technique that can be used to identify and mitigate potential cyber threats
A background to the UML diagrams and modelling techniques, along with justifications for their use with supporting references.
The Cyber Security technologies that can be used to address the problem, discussing the strengths and weaknesses of the solutions with references to examples in which the technology has been employed.

Word limit – 2,000 words

Final Essay

The final essay can be viewed by clicking on the link below:

Click here to download the essay outline in a .pdf format

Tutor Feedback

Thank you for submitting your individual essay for the Launching into Cyber Security Module.

In this essay, you were asked to produce a report to management of Queens Medical Centre on a web-based appointment and scheduling management information system (ASMIS), providing the following information:

Details of the benefits of the ASMIS as well as the potential problems including potential cyber threats to the system.

The report must include at least two UML diagrams. Each diagram should show aspects of the system and a threat modelling technique that can be used to identify and mitigate potential cyber threats.

A background to the UML diagrams and modelling techniques, along with justifications for their use with supporting references.

The Cyber Security technologies that can be used to address the problem, discussing the strengths and weaknesses of the solutions with references to examples in which the technology has been employed.

Overall, excellent work done. Keep this up!

Knowledge and understanding

You discuss potential benefits as well as potential risks of ASMIS. You employed use case diagram to illustrate the various functionalities of the system that support genuine users of ASMIS. You further employed a combination of Abuse case, sequence diagrams and STRIDE modelling techniques to thoroughly identify potential vulnerabilities and their impact. You thoroughly discuss a number of measures and technologies to address the identified and these include: Two-factor authentication, Multi-Factor Authentication, Role Based Access Control, Intrusion Detection System, encryption, Next Generation Firewalls as well as education and training.

Criticality

You demonstrate a high degree of criticality in your discussion and appraisal of the proposed solution providing counter solutions to limitations identified, which is excellent.

Use of relevant resources

Relevant sources have been provided to support discussion which is excellent.

Structure and presentation

Report is well structured and presentation is excellent – a delight to read!. However, the word-count was excessive. Perhaps a summary table showing how each threat and the corresponding security measure would help to cut down the word count a little. Also, some signposting with clear title and subsections would improve the presentation.

Academic Integrity

References have been provided to support discussion, which is excellent.

Back to Artefacts Menu