CYM23701 Cyber Security Principles Level 7 Assessment Brief Sem 1 , 2025/26

High-level Project Description:

This final assignment requires you to investigate and analyse a cybersecurity breach and produce a professional technical report supported by a presentation. You will examine how the breach occurred, what vulnerabilities were exploited, the consequences of the attack, and how the affected organisation could have responded and recovered. The objective is to demonstrate your ability to apply cybersecurity principles, tools, and frameworks in analysing threats and designing effective incident response and risk mitigation strategies.

Through this assignment, you will develop and showcase key skills in threat modelling, vulnerability assessment and defensive security planning. By drawing on topics from across the module — including encryption, network attacks, detection tools, and human factors — you will integrate both technical and contextual understanding of cyber incidents. The project also reinforces your ability to communicate complex cybersecurity concepts clearly through technical writing and professional reporting.

Important Notice: Academic Integrity, Citation Requirements, and Use of AI Tools

Before beginning your report, it is essential that all claims, analyses, and recommendations are fully supported by appropriate citations from credible sources. Assertions such as “this will work” or any proposed countermeasures must be backed by evidence from academic research, established industry standards, or authoritative cybersecurity publications. Unsupported statements will not meet the assessment criteria and will negatively affect your grade.

The University takes academic misconduct very seriously. Academic misconduct includes any attempt to gain unfair advantage in assessments or to assist another student in doing so. This includes plagiarism, fabrication, collusion, and any other forms of cheating as defined by the University regulations. You are strongly advised to review the University’s policies and ensure that your work is your own.

Regarding the use of generative AI tools (such as large language models), their use is permitted only according to the guidelines discussed during lectures. These tools should assist your learning and research processes, not replace your critical thinking or original analysis. You must clearly indicate and properly reference any AI-assisted content. The teaching team reserves the right to verify the authenticity and ethical use of AI in your submission. Failure to comply with these requirements may result in penalties or affect your final mark.
To demonstrate your understanding and mastery of the subject, it is expected that your report reflects original work supported by thorough research and critical evaluation. Over-reliance on AI-generated content without meaningful engagement will not be acceptable.

Project Structure/ Brief

1.Technical Report — 2,500 Words (80%):

Report Outline:

1. Introduction & Organisational Context

Core Requirements: You should set the scene by describing the organisation or system targeted in the breach. This includes providing relevant information about the organisation’s size, industry sector, and the type of critical data it handles. Additionally, explain the broader threat landscape that pertains to this organisation or industry, outlining the typical risks and challenges faced in this context.

Guiding Questions:

• Why was the organisation a valuable target?
• What were the "crown jewels" the attackers were after?
• What key regulations or industry standards applied to the organisation?

2.Technical Breach Analysis

Core Requirements: Provide a detailed and clear timeline of the breach along with a technical explanation of how the attack unfolded. This should cover how the attackers initially gained access, the attack vector used (such as phishing or RDP brute-force), and the tools or techniques employed. You should also map the breach to the STRIDE threat model categories and provide an analysis of how the breach impacted the Confidentiality, Integrity, and Availability (CIA) triad.

Guiding Questions:

• What specific technical flaw or vulnerability allowed the attackers to get in?
• How did the attackers move from their entry point to the sensitive data?
• Which element of the CIA triad was most significantly damaged and why?

3.Countermeasures and Preventive Strategies

Core Requirements: Propose a set of relevant countermeasures that could have prevented or mitigated the breach. Explain how each measure would help to prevent or limit the attack’s effectiveness. It is important to critically evaluate these countermeasures by considering their limitations, trade-offs, or any unintended consequences. Furthermore, discuss how realistic or appropriate each countermeasure is within the specific context of the organisation involved.

Guiding Questions:

• What is the single most effective countermeasure that could have prevented this breach?
• How would this control have broken the specific attack chain you described?
• What are the practical challenges (e.g., cost, complexity) to implementing this control?

4.Incident Response and Recovery

Core Requirements: This section should discuss how the organisation could effectively respond to the breach and restore normal operations. Consider the initial steps for containment, threat eradication (e.g., removing malware), and recovery. Discuss potential challenges that might arise, such as data loss or system downtime. Additionally, outline how communication with internal and external stakeholders (employees, customers, regulators) should be managed.

Guiding Questions:

• What was the biggest failure in the organisation’s actual response to the incident?
• What immediate steps should have been taken to contain the damage?
• How should the organisation have communicated the breach to its customers and regulators?

2.Presentation and Demonstration — 10 mins (20%):

Prepare a professional presentation that clearly and concisely summarises the key findings of your written technical report. The goal is to walk the audience through the main points of your analysis, from the initial breach to your final recommendations.

Key Elements to Cover: Your presentation must summarise the highlights from your report, including:

• Introduction to the Case (from Part 1 of your report):
  oA brief overview of the organisation you studied.
  oSummary of the breach incident.
• Summary of Your Technical Analysis (from Part 2 of your report):
  oIdentify the main attack vector used.
  oState the most significant impact on Confidentiality, Integrity, or Availability (CIA).
• Key Recommendations (from Parts 3 & 4 of your report):
  oPresent your single most important preventive countermeasure.
  oOutline the most critical steps of your proposed incident response plan.

Other useful information

Further reading and other resources Your work should be referenced using the Harvard referencing system.

Please also provide a bibliography using the Harvard referencing system.

Module learning outcomes

LO_01 Critically analyse and evaluate cybersecurity breaches, including attack methods, threat models, and their impact on organisational assets.
LO_ 02 Develop and critically assess eective countermeasures and incident response strategies to mitigate and recover from cybersecurity incidents.
LO_ 03 Demonstrate mastery in researching, synthesising, and communicating complex cybersecurity concepts, including ethical and legal considerations, to support informed decision-making within organisations.

The Five Principles

The Five Principles underpin the Mindsets and Skillsets Manifesto and are the foundation upon which all course curriculum frameworks and Module specifications are based. The relevant Principles as stated below have been mapped against the Learning Outcomes relevant to each course Module and at each level (see Programme Specifications for full description of the Five Principles):

Cultivate: Where the individual thrives.
Collaborate: Where the individual evolve.
Integrate Advocate: Where education engages industry.
Where purpose meets practice.
Originate: Creativity meets technology.

Submission Regulations

Students who miss the deadline or fail this project will be required to complete a retrieval project which demonstrates that the learning outcomes have been achieved.

Students should be aware that retrieval submissions are capped at a bare pass grade, (D-) unless the extenuating circumstances panel uphold an evidenced application.

The deadline for retrieval submissions will be determined at an Assessment Board.