Date of Publication

4-2023

Document Type

Master's Thesis

Degree Name

Master in Information Security

Subject Categories

Information Security

College

College of Computer Studies

Department/Unit

Computer Technology

Thesis Advisor

Marnel Peradilla

Defense Panel Chair

Fritz Kevin Flores

Defense Panel Member

Marnell Peradilla
Katrina Ysabel Solomon

Abstract/Summary

Security risks are increasingly common. In the first half of 2022, an estimated 53 million people have had their information exposed through a data breach. Well-known organizations are the primary targets for cyber-attacks due to the wide range of data they can offer. However, even typical organizations are at risk of ever-changing and complex cyber-attacks. Attackers take advantage of the data, whether corporate or personal. A security assessment is the starting point for an organization to establish its cybersecurity policy and combat security threats. It provides a view of the organization’s cybersecurity posture at a point in time. Conducting a regular security assessment to understand where an organization stands in its cybersecurity paths is significant. Having stringent controls can significantly help in times of an unexpected breach and protect the business's reputation. This capstone project aims to perform a security assessment through a vulnerability scan and risk scoring for an information services company to maintain its high-security posture and maturity standards. The author reviewed and differentiated automated cybersecurity risk scoring tools and adapted and performed an evaluation test for the chosen risk scoring tool. Furthermore, the author performed a vulnerability scan using Qualys as the Software as a Service (SaaS) tool and presented the cybersecurity risk scoring tool and vulnerability scan results.

Keywords: Security Assessment, Vulnerability Scan, Risk Scoring tool

Abstract Format

html

Language

English

Format

Electronic

Physical Description

151 leaves

Keywords

Computer security; Cyberterrorism

Upload Full Text

wf_yes

Embargo Period

4-14-2024

Download

Available for download on Sunday, April 14, 2024

Share

COinS