Assess and Analyse Existing Security Controls and Measures Deployed At GlaxoSmithKline (2015)
Security Controls and Measures at GSK Dissertation – Cybercrime is becoming an increasingly prevalent area of concern for all organisations, with more companies experiencing some form of security incident than ever before. There has been a 66% increase in detected security incidents year-over-year since 2009, from 3.4 million to 42.8 million incidents per annum. Such incidents can have severe repercussions to an organisation, including; financial loss, intellectual property theft, operational disruptions and reputational damage to name just a few.
In 2014, an average financial loss of $2.7 million was attributed to cyber security incidents, with large organisations experiencing a $5.9 million loss. As a result, more organisations are taking appropriate actions to protect themselves against the increasing volume of threats.Arguably one of the most established forms of cyber-attacks affecting organisations is Malware.
Malware is a term used to classify forms of malicious software that are designed to infiltrate and damage the computers of innocent users. With 73% of large organisations and 45% of small organisations suffering from some form of infection in the past year, it is clear that businesses of any size should consider ways to protect themselves from this type of attack. This dissertation provides insight into how the pharmaceutical company, GlaxoSmithKline (GSK), protects itself from new and emerging threats.
It focuses on comparing the recommendations outlined in the literature against the defence mechanisms that GSK currently have in place, in order to pinpoint particular strengths and weaknesses. Based on these findings, a number of recommendations will be proposed in an attempt to improve the existing security controls and measures in place for protecting GSK against new and emerging threats.
The remainder of the introduction identifies the aims and objectives of this project, as well as provides context to the organisation that this dissertation is focused on. Specifically, it introduces the Malicious Code Management Security team, which is the main stakeholder for this project, and identifies where the team sits within the organisation. It also outlines the purpose of this team and the types of activities they carry out.
Dissertation objectives
- To assess the recommended best practices made by governments initiatives and security vendors / specialists
- To understand the level of staff awareness within GSK regarding cyber security
- To evaluate how security teams operate within GSK, taking into account people, process and technology
- To analyse and compare the findings obtained from the literature and GSK
- To make recommendations to improve the security controls and measures within GSK, and to reduce the risk of being infected by new and emerging threats
In order to accomplish the project goal within the designated time frame, it is important that these 5 objectives are satisfied. The concluding section of this report refers back to this section to identify whether this project has been successful in meeting these aims and objectives.
- 18,000 words – 76 pages in length
- Excellent use of literature
- Excellent analysis of subject area
- Well written throughout
- Includes questionnaire
- Ideal for information management and computing students
1 – Introduction
Aims and Objectives
Project Goal
Objectives
Background Information
Understanding GlaxoSmithKline
Organisational Structure
Malicious Code Management Security Team
Symantec Endpoint Protection (SEP)
Non-Host Security Compliant, Compliance Devices (NHCD)
2 – Literature Review
Malware
Classification of Malware
Trojans
Viruses and Worms
Adware and Spyware
Ransomware
How Malware Is Imported
Email
Web Browsing and Access To Social Media
Removable Media and Personal Devices
Case Study: Ransomware
Scenario
Ransomware Trends
Ransomware Prevention Best Practises
Malware Incident Prevention
Policy
Awareness and Training
Threat Mitigation
AV Software
IPS
Firewalls
Content Filtering
Application Control / Whitelisting
Defensive Architecture
Sandboxing
Virtualisation
Malware Incident Response
Detection
Identifying Malware Incident Characteristics
Identifying Infected Hosts
Incident Prioritisation
Containment
Removal and Recovery
Lessons Learnt
Automation of Incident Response Process
Continuous Data Collection
Aggregate and Apply Threat Intelligence
Streamlining Live Response Capabilities
3 – Methodology
Questionnaires
Participants
Procedure
Analysis
Semi-Structured Interview
Participant
Procedure
Analysis
4 – Research Findings
Questionnaire Findings
Interview Findings
5 – Discussion
Process
Utilising Playbook Strategies
Alignment with the Incident Response Life Cycle
Applying the Cyber Kill Chain
People
Lack of Awareness of Info Protect and Training Material
Effectiveness of How GSK Raise Staff Awareness
Lack of Understanding of Security Policies
Need for Additional Security Training
Challenges with Internationalisation
Technology
Focusing on Defence in Depth
Use of Defensive Architecture to Gain Intelligence
Summary
6 – Recommendations
Review of the Security Awareness Program
Review of Security Policies
Raise Awareness of Info Protect
Improving Security Awareness Internationally
Automating Incident Response Processes
Validation of Recommendations
7 – Process Diagram
8 – Conclusions
Revisiting the Project Objectives
Revisiting the Project Plan
Reflecting on Project Decisions
Opportunities for Future Work
Evaluation of Project
Standards
Bibliography
Appendices
