Information Security

Writer’s Choice
SCENARIO:
It is your first day working in the IT security department at Aim Higher College, and you are called for a meeting. In this meeting, the need for strengthening the information security for the college is discussed, and everyone agrees that the first step is to identify the top five threats that are a potential risk to the school.
The administration and faculty run the latest version of Windows on their primary workstations, and student laptops may run Windows or macOS.
The college’s web servers run on Linux; but all other servers are Windows Server-based.
Student, staff, and faculty mobile devices, such as tablets and phones, run on iOS or Android; all mobile devices can connect to the campus network.
TASKS:
You have been chosen to determine the top five threats that Aim Higher College faces. Your supervisor gives you the following resources for your research and analysis:
Microsoft Security Advisories and Bulletins https://docs.microsoft.com/en-us/security-updates/
Common Vulnerabilities and Exposure (CVE) database search http://cve.mitre.org/find/index.html
Security organizations, such as Secunia http://secunia.com/
Your supervisor has also asked you to consider the following questions as you shortlist the threats:
What threats are new this year, and which have become more prevalent?
Why are these threats more common and why are they important?
What threats remain constant from year to year? Why?
What threats do you believe will become more critical in the next 12 months? Why?
What is the likelihood of an exploit affecting Aim Higher College, and which operating system(s) does it target?
With these considerations in mind, write a summary report of the top five threats to Aim Higher College.
Briefly explain why you have selected them and what effect they might have on the institution or its students, employees, graduates, or other communities on campus.