insert narrationTitleCMIT 421 Section #Student Na

<insert narration>
<Title>
CMIT 421 <Section #>
<Student Name>
July 6, 2020
Good morning. My name is <Student Name>.
I work in the MERCURY USA Information Security and
Technology Department as a cyber threat analyst.
Today, I’ll be presenting our proposal to address the CEO’s
mandate to protect the organization from dangerous ransomware
attacks.
Let’s get started.
1
<insert narration>
AGENDA
2
Logistics through innovation, dedication, and technology –
MERCURY USA Delivers!
Tell your audience what you intend to cover in your proposal.
This is the PURPOSE of your communication!
You should cover the three areas enumerated in the Project 3

instructions.
Ensure you link your main points to your earlier work in Project
#1 and Project #2.
Although three main points is considered ideal, use less or more
to fit your project; four main points are shown here for example
purposes only.
The three projects should be consistent and aligned with Judy
“Mac” McNamara’s guidance.
2
Main Point #1
Main Point #2
Main Point #3
Main Point #4
1: OUR BUSINESS CASE
3
<insert narration>
What are the important factors about the business?

What is the CEO’s intent and guidance?
How do the first two items relate to the next slides?
Example sub-bullet #1
This is main point #1. Provide no more than six bullets to
expand on your topic.
Limit each bullet to around six words.
This is known as the 6 x 6 rule of presenting.
On this slide, you should cover the business case. Think of this
as the value to the business that will result from your
recommendations.
How does your recommendation meet the CEO’s direction and
intent?
Tell your audience members the what, why, how, and who so
that they can make an informed decision about your proposal.
If you do not cover these areas adequately, you may not get a
decision, you may get a negative decision, or you may be told to
come back after you’ve done your due diligence.
3
2: OUR SECURITY POSTURE
4
<insert narration>
What are the most important vulnerabilities discovered?
What is our exposure to known threats?
How did you link the results to the business?
Transportation industry hit hard by ransomware attacks
Example #1: Use your findings and conduct research [1]

Example #2: Use your findings and conduct research
What vulnerabilities did you find in your analysis? What are the
most important to tell the CEO about? Why are the
vulnerabilities you selected important to the business? Ensure
you explain in plain language, not technical jargon or cyber -
speak.
What are the threats that you see to the business given the
scenario?
Now consider this simple equation from the uCertify content:
risk = threat x vulnerability x impact
Use the equation to effectively explain your findings.
If you find yourself struggling to quantify a vulnerability,
return to this equation.
Are there identified and specific threats to MERCURY USA?
Avoid generic threats and using fear as a motivator.
Is there a vulnerability from your analysis that can be linked to
the specific threat?
What is the potential impact in not addressing the threat (e.g.,
cost, reputational, loss of jobs, damage to hardware and
software, etc.).
4
James Brocker (JB) - [@Andrew Rider] [@Jessica McCarty]
Not sure I understand the first bullet point. Looks like
something is missing.
James Brocker (JB) - [@John Galliano] Can you review?

John Galliano (JG) - Sorry for that, Team. Looks like a stray-
click & delete. Fixed!
3: OUR VM PROCESS
5
<insert narration>
<example process graphic>
This slide includes an example graphic.
5
A
B
C
D
E

F
4A: WE NEED A GOOD SCANNER
6
<insert narration>
Reviewed scanners
<Product Name> is recommended due to several factors
Sub-bullet #1
Sub-bullet #2
Sub-bullet #3
Sub-bullet #4
Provide your logic in recommending a scanning tool.
What process did you use to evaluate the scanning tools?
What tool are you recommending? Provide at least three sub-

bullets to support your recommendation.
6
4B: THE ASK
7
<insert narration>
Lead-in bullet
Sub-bullet #1
Purchase <Product Name>:
Cost
Manpower
Measures of success
This is main point #4 continued. Provide no more than six
bullets to expand on your topic.
Now give the specifics of your ask to the executive decision
maker.
What are you asking for? How much will it cost? Who will
implement it, and will additional manpower be required?
What about training? How will you measure success?
7
SUMMARY
8

<insert narration>
Main Point 1
Main Point 2
Main Point 3
Main Point 4
This is your summary and your last opportunity to connect with
your audience.
Do not merely repeat your agenda topics. Add one to two
important details about each main point to review for your
audience.
Ensure you re-state why you are giving this pitch: What is the
decision you want?
What is/are the main takeaway(s)?
8
EXECUTIVE DISCUSSION & QUESTIONS
The obligatory questions slide. In this scenario, it is highly
likely for open discussion to occur among the executives
present and other stakeholders, and you will field questions.
A narration for this slide is not required.
9

<Example IEEE Reference Citations>
[1] A. Greenberg, "The Untold Story of NotPetya, the Most
Devastating Cyberattack in History", Wired, 2020. [Online].
Available: https://www.wired.com/story/notpetya-cyberattack-
ukraine-russia-code-crashed-the-world/. [Accessed: 19- May-
2020].
[2] “Nessus Pro”, Tenable.com, 2020. [Online]. Available:
https://www.tenable.com/products/nessus. [Accessed: 19- May-
2020].
REFERENCES
10
The example above uses IEEE style. Ask your instructor for
clarification on the style to be used.
A narration for this slide is not required.
10
5
MEMO
DATE: 11/ 07/2021
TO: MERCURY USA CEO.
CC: MERCURY USA SUPERVISOR.
FROM, CMIT 421
RE: CYBERSECURITY CONCERNS IN THE
TRANSPORTATION SECTOR
PRIORITY: (URGENT)

Overview
The key aim regarding this report which was requested is to
assist in the addressing of the recent concerns regarding
cybersecurity against the identified transportation sector. After
effectively viewing the identified pen testing engagement
outcomes that were sent to me, I would like to effectively
suggest that the identified transportation sector in the company
ought to effectively adopt the identified vulnerability
management which is key as a cybersecurity principle.
Vulnerability management entails the practice associated with
making sure that the given business network is effectively
protected against any probable security weaknesses that can
lead to hacker attacks.
The identified vulnerability management usually works
collaboratively with the identified Open Vulnerability
Assessment Scanners tool which helps in the reduction of the
strain regarding the security personnel and even the operation
sectors within the identified transportation segment (Zakareya,
2018). The company may suffer the issue of ransomware if they
fail to effectively implement the identified vulnerability
management process which could impact the Mercury USA
financially.
Part 1: Vulnerability Management (VM) Process
Recommendation
When taking part in the implementation of the vulnerability
Process, the company needs to consider the identified
recognition regarding vulnerabilities as well as the investigation
associated with the essential vulnerabilities. It is vital that the
organization adopts the internal scans which is regarded as
being the kind of vulnerability management which can help in
the identification of the loopholes in the given transportation
sector which may be associated with damaging the network
associated with the company. It is also vital to consider the
measure regarding effectiveness associated with the internal
scans to make sure that it is the most appropriate strategy that is
available (Easttom, 2020).

Part 2: Vulnerability Scanning Tool Evaluation and
Recommendations
The identified OpenVas scanning tool is considered to be an
open source vulnerability scanning tool which in my personal
opinion is considered to be an industry standard. The key
benefit for the use of the OpenVas scanning tool is the
transparency aspect and it usually does not raise any security
associated concerns. It is associated with patching any kind of
security issues which may arise since it is easy to locate the
bugs but it is also vulnerable to hacking (Easttom, 2020). To
ensure feasibility in its use, I would recommend that the
identified Mercury USA is involved in the adoption of the
OpenVAS scanning instrument because of the capability it has
to offer a comprehensive report.
Part 3: Business Case Example
In the situation whereby the company does not take part in the
implementation of the given recommendation, there is the risk
of ransomware. For the given device to effectively function
again, the identified malicious program is associated with
infecting the identified protection systems as well as is involved
in showing messages requesting for a fee as the charges. It is
vital to note that ransomware can also create an essential
disruption regarding normal operations at the Identified
Mercury USA and in some cases data loss. Ransomware is
usually known to be involved in the damage of the companies’
reputation and it is vital for the mercury USA recommendations
to be followed to avoid such cases (Foreman, 2019).
Conclusion
Through the adoption of the internal scans as a key
vulnerability management kind of process to help in
safeguarding the identified transportation sector, the given
company can effectively solve most of the cybersecurity breach
situations and prevent any kind of losses. Collaboratively with
the identified OpenVAS scanning tool, the internal scans can
assist the organizations in safeguarding of the essential
information and in the reduction of the risk regarding

vulnerabilities like the malware infections (Zakareya, 2018).
Eqbal Danish
Cybersecurity Threat Analyst
Mercury USA
References
Foreman, P. (2019). The vulnerability experience. Vulnerability
Management, 7-34.
doi:10.1201/9780429289651-2
Easttom, C. (2020). Vulnerability assessment and
management. The NICE Cyber Security
Framework, 241-258. doi:10.1007/978-3-030-41987-5_12
Zakareya, O. (2018). Vulnerability and forensics associated
with the smart grid: Cyber attacks. International Journal of
Computer Applications, 181(22), 32-38.
doi:10.5120/ijca2018917952
Project Work for Week 6: Begin the Presentation to
Management
Using your two previous deliverables and
the Nessus scan report from Project 2, create a five- to 10-slide
presentation that will persuade management to implement a VM
process and purchase the commercial vulnerability
scanner Nessus as a key component of that VM process.
You will provide voice annotation for all slides in the following
format:
· five to 10 slides maximum; limit bullets to no more
than six per slide
· voice annotation for every slide (excluding the reference slide)
· a reference slide with one to two quality sources
Use the Presentation to Management Template. In the template,
you will see specific instructions in the document. Delete the
instruction text before you submit your project.

insert narrationTitleCMIT 421 Section #Student Na

insert narrationTitleCMIT 421 Section #Student Na

Recommended

Recommended

More Related Content

Similar to insert narrationTitleCMIT 421 Section #Student Na

Similar to insert narrationTitleCMIT 421 Section #Student Na (20)

More from TatianaMajor22

More from TatianaMajor22 (20)

Recently uploaded

Recently uploaded (20)

insert narrationTitleCMIT 421 Section #Student Na