Lab 1 Group Outline

Lab 1 Draft (Kyle) Lab 1 Draft (Julie) Lab 1 Draft (Christian) Lab 1 Draft (Mack) Lab 1 Draft (Aly)

Glossary:

  • Cyber attack: An attempt to compromise or take down a computer system or network
  • Cyber-hygiene: Good habits that naturally minimize the creation of vulnerabilities
  • Cybersecurity: Protection against cyber attacks
  • Gamification: The use of gaming concepts and aspects in non-game environments to improve target behavior and engagement

    • Meet the Team

    Kyle Pait

    Kyle Pait

    Team Lead/Webmaster

    Kyle is currently looking to complete his BS in Computer Science to go along with his BS in Biology. He works as a Database Programmer and has experience with C++, Java, Python, Visual Basics, and SQL. He has one son who he enjoys playing soccer with in his free time.

    Christian Debolt

    Christian Debolt

    Frontend Developer

    Christian is a senior, on his way to complete his BS in Computer Science. He has some experience with C++, Java, Python, and is learning Rust. He enjoys working out at the gym, reading, video games, and giving affection to cats and dogs.

    Julie Jackson

    Julie Jackson

    Software Developer

    Julie is a senior at Old Dominion University. She is currently working on her bachelor's degree in computer science and a minor in cybersecurity. In her free time, she enjoys reading, watching movies, and listening to music.

    Mack Reliey

    Mack Reliey

    Database/Documentation Specialist

    Mack is currently pursuing a bachelor's degree in computer science at Old Dominion university. He is in his senior year of taking online classes in Sterling VA. He enjoys horror movies, long walks while listening to podcasts and has an interest in psychology.

    Aly Zeineldin

    Aly Zeineldin

    Backend Specialist

    Aly is a computer science senior at Old Dominion University. Aly is considering working as a network engineer. In his free time, Aly enjoys reading books and watching movies.

    Peter Langlands III

    Peter Langlands

    Mentor

    Software Developer with 10 years experience specializing in database development utilizing Microsoft SQL Server. My hobbies include surfing, playing the guitar, and volunteering.

    Problem Statement:

    Small businesses frequently face challenges in managing their cybersecurity practices, as they often lack comprehensive statistics and metrics to assess their cyber hygiene. This deficiency makes it difficult for these companies to identify areas for improvement in their cybersecurity posture. Moreover, small businesses often lack the necessary incentive structure and rewards system to keep employees engaged and proactive in enhancing their cybersecurity practices. Additionally, these businesses typically lack the robust cybersecurity infrastructure enjoyed by larger corporations, leaving them vulnerable to unnoticed vulnerabilities in their cyber hygiene. The existing practice of annual, one-size-fits-all training programs falls short in effectively mitigating these risks.

    Challenges:

    Lack of Statistics and Metrics

    Small businesses frequently lack access to real-time comprehensive cybersecurity metrics, impeding their capacity to assess security effectiveness, detect vulnerabilities, monitor progress, and respond promptly to emerging threats.

    Inadequate Incentive Structure

    Many small businesses lack a well-defined incentive structure, resulting in reduced employee motivation and limited proactive engagement in the company's cybersecurity initiatives. This absence of incentives can lead to complacency, weakening the organization's cybersecurity posture.

    Inadequate Yearly Cybersecurity Training

    Small businesses commonly utilize an annual, generic cybersecurity training approach, which inadequately addresses the ever-changing and intricate landscape of cyber threats. This infrequent training model leaves employees ill-equipped to adapt to the constantly evolving cybersecurity challenges, hindering the organization's ability to stay current and resilient against emerging cyber risks.

    Solution Statement:

    Cyberguard Pro emerges as a dynamic cybersecurity training platform that sets a clear path towards proper cyber hygiene for new and existing employees. With an achievement-based learning system, employees will be awarded digital badges of varying quality based on their level of commitment towards our own learning modules or specific concerns that the employer feels addressing. These badges will remain permanently associated with their account unless they wish to go back and address the security vulnerabilities they left behind to improve the quality of their badges.

    Beyond individual rewards, the system offers a comprehensive dashboard for managers and executives. This dashboard enables a holistic view of the organization's cyber hygiene, allowing decision-makers to identify areas that require immediate attention. Whether through additional training or policy adjustments, CyberGuard Pro provides the tools needed to enhance the company's overall cybersecurity readiness.

    CyberGuard Pro Is The Answer

    Achievement-Based Learning

      Provide employees with continuous feedback that taps into their built-in

      drive for competition and completion

    Cyber Hygiene

    Statistics and Metrics

    • Assessing the effectiveness of a company's cybersecurity awareness programs can be challenging.
    • CyberGuard Pro empowers businesses with precise metrics for comprehensive cybersecurity assessment.
    • Provides real-time, data-driven insights.
    • Allows organizations to quantify their cybersecurity readiness on a large scale.
    • Promotes a proactive and informed approach to cybersecurity management.
    Large Scale

    Accountability

    • Empower users to proactively enhance their cybersecurity habits.
    • Provide organizations with a means to monitor and encourage best practices with desirable rewards.
    • Seamlessly integrate into users' existing workflows.
    • Promote password hygiene.
    • Offer a path toward comprehensive cybersecurity awareness and resilience.
    Encouragement

    Performance Dashboard

    • Rest assured knowing that their sensitive information is safe in capable hands, more than just ticking boxes on a learning module
    Dashboard
    Current Process Flow
    Solution Process Flow Business
    MCFD
    Security Risks
    Technical Risk
    Competition Matrix
    algorithms
    Mockups
    Mockups Two
    Mockups Three
    Mockups Four
    Mockups Five

    User Story: Developer/Tester

    • To have unrestricted access to all features and functionalities of the CyberGuard Pro application to effectively assess its performance and functionality.
    • To experience the app from a user perspective in order to identify and report any issues or improvements.
    • To access the application's user and business database for testing purposes, which will enable me to verify user-related features and functionalities.
    • To simulate various user scenarios, user interactions, and business-related operations to ensure that the app works smoothly and securely.
    • To have access to the backend of the application in order to make necessary adjustments for testing purposes.
    • To modify the application's configurations, settings, and data to simulate different real-world scenarios and assess how the application behaves under various conditions.
    • The ability to make changes and observe their impact on the application's performance, while ensuring that these changes do not affect the security and integrity of the system.
    • Full access to the app should be provided to developers/testers through dedicated testing accounts or sandbox environments.
    • Access to the user/business database should be granted for testing, with the ability to create, modify, and delete user and business profiles.
    • Backend access should be facilitated through a secure and controlled environment that allows developers/testers to make changes to the application's functionality, configurations, and data, while ensuring data integrity and security are maintained.
    • By meeting these requirements, developers and testers can effectively evaluate and enhance the CyberGuard Pro application, ensuring its reliability, security, and optimal performance.

    User Story: Business Admin

    • To view the analytics and metrics of my employees' cybersecurity practices.
    • To identify vulnerabilities within my employees' cybersecurity practices.
    • Be able to respond swiftly to vulnerabilities regarding my employees' cybersecurity practices by recommending/assigning target training.
    • To make sure my employees are educated on the ways human error can lead to an attack.
    • Create a personalized training program to deal with each employee's vulnerabilities.
    • Create customized badges that employees can earn that focus on their weak practices.
    • To have updated and adequate training modules.
    • To know which employees bring security to the business and which ones don't.
    • To rest assured knowing that their sensitive information is safe in capable hands, more than just ticking boxes on a learning module.
    • Motivate employees to actively engage in the company's cybersecurity efforts.

    User Story: Employee of Business

    • To be provided with personalized training modules that suit my needs.
    • To be able to track my progress.
    • Complete achievements for on-time training completion, providing strong passwords, using 2FA.
    • To be able to compare my progress with other employees.
    • View “Showcase” of different badges and achievements.
    • To receive instantaneous feedback to see where the weak points in my training are.
    • Test the effects of my training.
    • Lessons that utilize gamification in order to improve cybersecurity habits and behaviors.

    References: