Scribd
Upload
37 views5 pages

CISS6022 Cyber Security

The document outlines a cybersecurity simulation involving different stakeholder groups responding to a data breach and escalating international crisis. Students are assigned roles and must assess updates, coordinate responses, and navigate diplomatic negotiations throughout the unfolding scenarios.

Uploaded by

quincygwaro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
37 views5 pages

CISS6022 Cyber Security

The document outlines a cybersecurity simulation involving different stakeholder groups responding to a data breach and escalating international crisis. Students are assigned roles and must assess updates, coordinate responses, and navigate diplomatic negotiations throughout the unfolding scenarios.

Uploaded by

quincygwaro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

CISS6022 Cyber security

Introduction to the Simulation

Student Instructions

Phase 1: Scenario and Updates

Phase 2: Scenario and Updates

Phase 3: Scenario and Updates

Debrief/Discussion

 Six Stakeholder groups, each student should already have been assigned
to one of these,
 Freedonia Government
 Avalon Government
 Private corporation/Hospital: MedTech
 International Organisation: United Nations
 Hacktivist group: HackX
 Civil Society Organisation: Global Cyber Alliance
• Crisis scenario has three phases (~30 mins each)
• Each phase will have a series of updates along with questions for each
stakeholder group to respond to in light of these updates. Questions will
typically involve identifying which other stakeholder groups to reach out
to and how best to coordinate a response/next steps with them.

When you receive scenario details and new updates, you are required
to,
1. Assess the situation considering all the information at hand.
2. Chart out all possible next steps (readings should give you an
idea of how this type of actor typically responds).
3. Evaluate, based on your interests and other information,
which will be the best course of action for you. Include the
reasons for rejecting other possible actions and the reasons
for your decision to take the steps you are taking.
4. Identify other stakeholders to coordinate with on this if
needed.
5. If negotiation with other stakeholder group is necessary,
identify goals for this negotiation, what is the outcome you
are working towards?
6. Engage with other stakeholder(s) and document negotiations
and determine level of success in achieving outcome.
7. Adjust course of action if needed, accordingly.

In a fictional scenario, the MedTech Hospital Group, a leading


healthcare provider located in Avalon, experiences a significant data
breach. There are growing suspicions that the breach is connected to
state-sponsored cyberattacks originating from an antagonistic country,
Freedonia. Simultaneously, there are DDOS attacks launched on
Freedonia’s government websites by a hacktivist group, HackX.
Updates:
 Initial discovery of the data breach, including the compromise
of patient health records.
 Circumstantial evidence suggesting state-sponsored actors
from Freedonia are behind the breach on MedTech.
 HackX takes responsibility for DDOS attacks on Freedonia’s
government websites
 Escalation of geopolitical tensions between Freedonia and
Avalon.

Government Agencies (both Freedonia and Avalon)


 How should each government respond to the data breach while managing
geopolitical tensions?
 What diplomatic measures can be taken to prevent further escalation and
coordinate between Freedonia and Avalon?

Private Corporation (MedTech Hospital Group):


 How should the MedTech Hospital Group respond to the breach while considering
the geopolitical context?
 What steps should they take to secure patient data and mitigate potential harm to
affected individuals?

International Organizations (UN):


 How can they assist in attributing the cyberattack and mitigating potential
international fallout?
 What diplomatic efforts can they undertake to prevent further escalation and
promote healthcare cybersecurity norms?

Hacktivist Group(HackX):
 What is their stance in this evolving crisis, and how do they respond?
 Are there opportunities for them to use their skills to contribute positively to the
situation? Does HackX have a specific political motive in this scenario?

Civil Society Group (Global Cyber Alliance or GCA):


 How can they raise awareness about the breach while considering its geopolitical
implications?
 What initiatives can they promote to ensure responsible state behaviour in
cyberspace, especially in healthcare?
Scenario: The cyberattack escalates, causing disruptions in healthcare services and increasing
international pressure for diplomatic negotiations. Efforts are underway to prevent a full-blown
cyber conflict, but tensions remain high.
Updates:
• The data breach leads to leaking of sensitive information on patient medical history
which can be used to target individuals.
• Details of ongoing diplomatic negotiations and international interventions are made
public.
• Escalating public concern and pressure on governments to respond.
Government Agencies:
 How should they balance the diplomatic negotiations with the immediate
healthcare crisis?
 What measures can they take to reassure the public and manage the crisis
effectively?

Private Corporation (MedTech Hospital Group):


 How does the escalating conflict impact MedTech Hospital Group's operations and
cybersecurity strategy?
 What role can they play in assisting government efforts to secure healthcare
infrastructure?

International Organizations (UN):


 How can they facilitate diplomatic negotiations and crisis management between
Freedonia and Avalon?
 What steps can they take to promote stability and cybersecurity in the face of
escalating tensions?

Hacktivist Group (HAckX):


 How do they respond to the intensifying crisis and potential international
interventions?
 Are there opportunities for them to engage constructively in cybersecurity efforts
or do they seek to further disrupt the status quo?

Civil Society Group (Global Cyber Alliance or GCA):


 How can they advocate for peace and responsible cyber behaviour during this
critical phase?
 What initiatives can they promote to reduce the impact of the crisis on ordinary
citizens?

Scenario: Diplomatic negotiations lead to a partial resolution of


the crisis, but there are significant geopolitical repercussions,
and international healthcare cybersecurity norms are re-
evaluated.

Updates:
• Partial resolution of the crisis through diplomatic
channels.
• Geopolitical realignments and shifts in international
healthcare cybersecurity norms.
• Post-crisis assessment and lessons learned.

Government Agencies:
 How can they leverage the partial resolution to rebuild diplomatic relations and
strengthen healthcare cybersecurity norms?
 What lessons can be drawn from this crisis to improve national healthcare
cybersecurity strategies?

Private Corporation (MedTech Hospital Group):


 How should MedTech Hospital Group adapt to the changing geopolitical landscape
and evolving healthcare cybersecurity norms?
 What steps can they take to enhance their cybersecurity resilience against state-
sponsored threats?

International Organizations (UN):


 How can they contribute to the establishment of new international norms and
cooperation in healthcare cybersecurity?
 What recommendations can they make to prevent similar crises in the future?

Hacktivist Group:
 What are the long-term consequences of their actions, and how can they
contribute positively to healthcare cybersecurity and peace?
 How does hacktivism challenge coordination efforts on global cybersecurity?

Civil Society Group (Global Cyber Alliance or GCA):


 How can they continue to advocate for responsible state behaviour in healthcare
cyberspace and the protection of patient privacy?
 What initiatives can they promote to ensure that the lessons learned from this
crisis are applied globally?

Reflection Essay

The reflection piece is a written assignment based on your own thoughts and reflection on the crisis
simulation that takes place on October 13. It is expected that you will discuss some on these issues in
your own words:

1. Describe your roles and tasks and those of your groups in the simulation. What were the
relevant background information, policies, profile and interests pertaining to your roles? (300
words)
2. What were the specific incidents and changing scenarios did you and your group face? How did
you respond to these challenges? (300 words)
3. Reflect on the decisions made to the crisis. Thinking about the decisions you and your group
made, were they good decisions. If so, why? Would you have made different decisions? Why or
why not? (400 words)

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy