ASSIGNMENT 2 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 06: Planning a computing project

Submission date 09/12/2023 Date Received 1st submission

Re-submission Date Date Received 2nd submission

Student Name Nguyen Minh Anh Student ID BH00644

Class SE06203 Assessor name Nguyen Van

Student declaration
I certify that the assignment submission is entirely my own work and I fully understand the conseque
understand that making a false declaration is a form of malpractice.

Student’s signature Anh

Grading grid

P5 P6 P7 P8 M3 M4 D2

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
❒ Summative Feedback: ❒ Resubmission Feedback:

Grade: Assessor Signature: Date:

IV Signature:

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
Table of Contents
I. Introduction.....................................................................................................................................................

1. Project purpose:...........................................................................................................................................

2. Project Objectives........................................................................................................................................

II. Devise comprehensive project plans for a chosen scenario, including a work and resource
allocation breakdown using appropriate tools. (P5)...............................................................................................

1. Overview......................................................................................................................................................

2. Project communication plan.........................................................................................................................

3. WBS and Gantt chart...................................................................................................................................

a. Definition..................................................................................................................................................

b. Results:.....................................................................................................................................................

c. Summary:.................................................................................................................................................

III. Communicate appropriate project recommendations for technical and non-technical audiences.
(P6)...............................................................................................................................................................

1. Analysis qualitative data..............................................................................................................................

2. Analysis quantitative data............................................................................................................................

3. Project recommendation...............................................................................................................................

a. For non-technical audience:.....................................................................................................................

b. For technical audience:................................................................................................................................

IV. Present arguments for the planning decisions made when developing the project plans (P7)....................
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

V. Discuss accuracy and reliability of theDownloaded

differentby:research
bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
methods applied (P8)...........................................

VI. References....................................................................................................................................................
 I.I ntroduction
This research delves into the important intersection between Big Data storage systems and
cybersecurity risks. The growing importance of Big Data in business brings serious threats to
data security, putting companies and individuals at risk. The misuse of personal data and the
rise in sophisticated cyberattacks highlight the complexity of cybersecurity challenges. The
report highlights the urgent need to understand and address cybersecurity risks associated with
both cloud-based and local Big Data storage systems. The increasing volume of data,
combined with inadequate awareness and the potential for misuse, creates vulnerabilities that
pose risks to cybersecurity. The analysis includes evolving attack methods, exploited
vulnerabilities, and changes in data security threats over time. In addition to highlighting
current challenges, the report also predicts future dangers arising from technological advances,
emphasizing the importance of protecting critical data and systems. Solutions and limitations
to mitigate these security risks are explored with the aim of providing a comprehensive and
secure approach. The study not only provides an overview of cybersecurity risks in local
and/or cloud-based Big Data systems but also suggests strategies to avoid risks and solve
problems quickly. comprehensive way. Overall, the report contributes to understanding the
evolving landscape of cybersecurity risks in the context of Big Data storage systems and
highlights the need for continuous improvements in security capabilities.

1. Project purpose:
Our projects in the field of Academic are designed with the main aim of improving the quality of
education and research, and supporting political
Document shared on and social decisions through the use of big data.
https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
. Below are the detailed purposes of the project:

 Improve the quality of education:

- Purpose: Develop tools and methods to use big data to improve the quality of education at all
levels.
- Means: Use data on academic activities, test results, and study habits to analyze
 trends and recommend curriculum and training improvements.
 Support for Research and Academic Development:
- Purpose: Create data sources and tools to support research and development in various academic
fields.

- Media: Process data to produce reports, research articles, and scholarly resources that support the
research community.
 Political and Social Decision Support:
- Purpose: Use data to provide academic information to support political and social decisions in
the field of education.
- Means: Analyze data on academic performance, educational quality, and other
educational issues to make assessments and policy recommendations.
 Explore New Thinking and Creative Perspectives:
- Purpose: Search and develop new aspects in the academic field through the use of big data.
- Means: Analyze data to identify trends, relationships, and creative thinking abilities,
thereby creating new ideas and different perspectives.

This project's main aim is to make a positive contribution to the academic field, providing tools
to support both teaching and research processes, and supporting political and social decisions in
improving the system education.

2. Project Objectives:
Our project, focusing on the Academic field, has a detailed and complete goal to meet the needs
and make a positive contribution to the education and research community. Below are details of
the project's goals:
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
 Improving the Quality of Education:
- Goal: Develop a large data system to track and evaluate student learning performance,
helping schools and teachers better understand challenges and opportunities in the
teaching process.
- Implementation Plan: Collect data on scores, learning activities, and class participation
to create an easy-to-read dashboard that provides detailed information about student
 progress.
 Support for Research and Academic Development:
- Goal: Build a large academic database to support research and development in diverse
fields, from social sciences to natural sciences.
- Implementation Plan: Organize data from diverse sources such as scientific articles,
academic research, and statistical data to create a diverse and reliable academic resource
 3. Political and Social Decision Support:

- Goal: Use data to provide academic information to support political and social
decisions in making policies and decisions in the field of education.
- Implementation Plan: Analyze data related to educational quality, learning
motivation, and specific educational issues to make assessments and propose
educational policies.
 Explore New Thinking and Creative Perspectives:
- Goal: Find and develop new aspects in the academic field through the use of big
data to discover trends and creative thinking.
- Implementation Plan: Use data analytics to identify unknown connections, trends,
and thereby generate new ideas and innovative perspectives in the academic field.
 Creating Smart Tools for Educational Management:
- Goal: Develop an application or tool that uses artificial intelligence to support
educational management, make performance predictions and suggest improvement
measures.
- Implementation Plan: Use machine learning algorithms to predict academic
performance, provide suggestions for improving educational quality, and support school
management.

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

In short, the project's goal is to leverage the power of big data to improve the quality of education,
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

support academic research and development, and provide academic information to support political
and economic decisions. society in the field of education.
 II. Devise comprehensive project plans for a chosen scenario, including a work
and resource allocation breakdown using appropriate tools. (P5)

1. Overview:
a. Project Overview:

MAIN TARGET

This project focuses on researching and evaluating cybersecurity risks related to large data
storage systems on both local and cloud. Main goals include:

 Cyber Security Risk Assessment - Big Data Storage Systems:

Target:

- Identify and analyze current cybersecurity risks for big data storage systems (Big Data) both
local and cloud.
- Assess the severity of each risk and their impact on the entire system.

Step 1: Collect Information

 Local Big Data Storage System:

- Determine the local system architecture.
- Collect information about current security measures.
- Determine the type of big data stored.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
 Cloud Big Data Storage System:
- Identify cloud service provider and system architecture.
- Check the cloud provider's security infrastructure.
- Multi-site infrastructure evaluation.

Step 2: Risk Classification

  Local Storage:
- Possibility of Data Loss:
- Risks due to hardware errors or damage leading to data loss.
- Internal Network Attack:
- Risk from internal employees who may intend to sabotage or steal information.
 Cloud Storage:
- Violation of Access Management:
- Risks from not controlling access to data in the cloud environment.
- Cloud Service Attack:
- Risks from targeted attacks on cloud infrastructure.

Step 3: Assess Severity

 Determine Evaluation Criteria:

- Evaluated according to criteria such as economic impact, reputation, and legal compliance.
 Severity Rating:
- Determine the severity of each risk based on assessment criteria.
- Prioritize risks with high severity.

Step 4: Build an Evaluation Table

Number Risk Classify Severity Precautions

1 Data Loss Due Local Storage High Regular backups,
to Hardware testing and
Failure maintenance
2 Internal NetworkDocument
Localshared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Storage Medium Manage
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
access
Attack rights, educate
employees
3 Violation of Local Storage High Strict access
Access Control control, event
tracking
4 Cloud Service Local Storage Medium Use anti-
 Attack DDoS
protection and
data encryption
services

Step 5: Summary and Report

- Summary of severity assessment results and detailed analysis for each risk.
- Develop a risk assessment report to share with stakeholders and recommend specific preventive
measures.

Step 6: Propose Preventive Measures

- Recommend specific preventive measures for each risk to minimize their severity and risk of
occurrence.
- List the limitations and potential risks when implementing preventative measures.

Conclude:

Risk assessment is an important step in understanding the threats facing big data storage
systems. Through this assessment, we can prioritize and implement preventative measures to
maximize the protection of critical information.

 Analyzing the Historical Development of Cyber Security Risk

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
Target:

- Research the historical development of cybersecurity risks related to big data storage systems
(Big Data).
- Understand how risks change over time and identify the key points influencing these
developments.

Step 1: Collect Historical Data

 Important Security Events:

- Identify and collect information about important cybersecurity events related to Big Data storage
systems.
 Technology Change:
- Evaluate major changes in technology related to big data storage.

Step 2: Identify Critical Stages

 Establishment Period (Before 2010): Understand the origins and early development of big data
storage systems.
 Acceleration Period (2010-2015): Identify new business models and significant increases in data
capacity and scale.
 Cloud Transition (2015-2020): Research the transition from local to cloud storage and its impact
on cybersecurity.
 Rising Challenges (2020-present): Assesses emerging challenges, including increasing scale and
complexity of attacks.

Step 3: Analyze Change

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
 Technology Factor: Assesses the evolution of big data storage technology and how it impacts
cybersecurity.
 Increasing Data Scale: Analyze the impact of increasing data scale on management and security.
 Migrating to the Cloud: Understand the challenges and benefits that migrating storage to a cloud
environment brings.
  The Challenge of Enhancing Security (2020-present): Classifies and assesses the
new challenges facing cybersecurity in today's big data landscape.

Step 4: Synthesize and Draw Conclusions

 Synthesize the information collected to build a comprehensive view of the historical

development of cybersecurity risks related to Big Data storage systems.
 Draw important conclusions and propose adjustments and improvements in cybersecurity
strategy.

Step 5: Report and Share

 Prepare a detailed report analyzing historical developments and the most important insights.
 Share reports with stakeholders and dialogue to ensure common understanding and
engagement in aligning cybersecurity strategy.

Conclude:

Analyzing the historical evolution of cybersecurity risks in the big data storage sector will
provide an in-depth understanding of risk and volatility in the industry. This helps
organizations be better prepared and more effective in facing today's cybersecurity
challenges.

 Predicting Future Cyber Security Risks

Target:

- Predict potential future cybersecurity risks associated with large data storage systems.
- Consider technological advances and industry trends that may impact cybersecurity.

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Step 1: Analyze Industry Trends Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

 The Evolution of Storage Technology: Assess the evolution of big data storage technology and
how it may create new risks.
 Mobile Trends: Analyzing the impact of mobile trends on the cybersecurity of big data storage
systems.
  The Rise of Artificial Intelligence (AI) and Machine Learning: Examines how AI and
machine learning can create both new risks and security solutions.

Step 2: Predict Potential Risks

 Enhanced Attack Technology: Anticipate advances in attack technology, including new malware
and attack techniques.
 Internal Risks: Consider risks that may arise from within the organization, including employee
risks and access management.
 Switching Technology Partners: Anticipate risks that may stem from switching
technology partners and dependence on third parties.

Step 3: Analyze the Impact of New Technology

 Internet of Things (IoT): Assessing the impact of IoT developments on the cybersecurity of big
data storage systems.
 Blockchain and Data Security: Consider how blockchain can help increase data security while
also creating new risks.
 Technology Intersection: Analyze the intersection of new technologies and how it can create new
risk situations.

Step 4: Propose Countermeasures

 Security Research and Development: Proposal to improve security research and

development activities to deal with potential risks.
 Personnel Training: Propose a training program for personnel on recognizing and dealing with
new risks.
 Continuous Monitoring: Continuous monitoring is recommended to detect and minimize damage
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
from attacks. Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

Step 5: Report and Deploy

 Prepare a detailed report on future risk projections and proposed countermeasures.

 Share information with key parties and implement proposed measures.

Conclude:
 Predicting future risks is an important part of a cybersecurity strategy so that
organizations can effectively deal with an increasingly complex security
environment. Considering technology developments and industry trends will help
build a cybersecurity strategy that is flexible and responds quickly to new
challenges.

 Security Measures for Large Data Storage Systems

Target: Identify and implement security measures to mitigate current risks and prevent future
vulnerabilities to big data storage systems.

Step 1: Protect Important Data

 Data Encryption: Apply full data encryption during transmission and storage to prevent
unauthorized access.

 Access Rights Management: Implement a strict access rights management system to

ensure only authorized users can access important data.

Step 2: Protect Against Internal Network Attacks

 Employee Education: Organize periodic training sessions to increase cybersecurity

awareness and reduce risks from internal users.
 Internal Behavioral Monitoring: Use internal behavioral monitoring tools to detect suspicious
employee behavior.

Step 3: Protect Against Foreign Attacks

 Firewall and Virtual Private Network (VPN): Use a firewall and connect via VPN to protect
your network from outside attacks.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
 Recommended System Updates: Ensure thatby:systems
Downloaded are kept
bui-thi-hoai-btec-hn up to date with the latest
(hoaibtbh01141@fpt.edu.vn)

security patches to protect against known vulnerabilities.

Step 4: Deal with Future Risks

 Continuous Research and Development: Organize research and development projects

to respond to new risks and predict attack trends.
  Continuous Monitoring Mode: Implement continuous monitoring mode to detect suspicious
activities early and handle them

Step 5: Ensuring the Security of the Cloud System

 Cloud Access Control: Strictly manage access to data in the cloud environment.
 Data Encryption in the Cloud: Use data encryption in the cloud environment to protect important
information.

Step 6: Periodic Backup Mode

 Recommended System Backup: Organize a regular backup mode to ensure data safety and quick
recovery after incidents.
 Periodic Tests: Perform periodic tests to ensure that the backup process is working properly and
that data is recoverable.

Step 7: Periodic Review and Update

 Periodic Security Reviews: Organize periodic security reviews to ensure that security measures
remain effective.

 Update Security Strategy: Based on assessment and changes in the security

environment, periodically update the cybersecurity strategy.

Conclude:

These security measures aim to increase the security of large data storage systems, protect
critical information and minimize risks from both internal users and external attacks.
Regular monitoring, evaluation, and updating processes will help maintain the safety and
effectiveness of your security strategy.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

PROJECT SCOPE:

SYSTEM IDENIFICATION:

 Target: Store and analyze data from the organization's large data storage systems both locally
and in the cloud.
Specific work:

 Identify Data Sources: Evaluate and identify data sources from local and cloud storage systems.
 Database Analysis: Create database analysis models to understand the structure and relationships
between components.
 Build Storage Process: Develop effective data storage process for both local and cloud.

COMPATIBILITY:

 Target: Ensure compatibility between storage systems and other elements in the IT
infrastructure.
 Specific work:
 Check Current Compatibility: Perform checks on current compatibility between
systems and other components in the IT infrastructure.
 Adjust Link Protocol: If necessary, adjust link protocol to ensure compatibility between systems.
 Perform Compatibility Testing: Organize tests to ensure compatibility under different conditions.

PREVENTION SYSTEM:

 Target: Develop preventative measures to minimize cybersecurity risks.

 Specific work:
- Current Risk Assessment: Analyze and evaluate current cybersecurity risks in data storage
systems.
- Build Security Measures: Develop security measures such as encryption, access management to
deal with identified risks.
- Deploy Preventive Technology: Implement preventive technologies such as firewall and
behavioral monitoring to protect theshared
Document system.
on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

EVALUATE:

 Research results:
- Evaluate the success of data storage and analysis.
- Check compatibility between systems and other elements.
- Evaluate the performance of preventive measures and make improvements if necessary.
 Rapport and Communication:
- Prepare detailed reports on results and suggestions for improvement.
- Communicate with stakeholders to share information and receive feedback.

IMPLEMENTATION PLAN:
 Phase 1 (February 15, 2023 - February 28, 2023): System Identification

Identify data sources and analyze the database.

 Phase 2 (March 1, 2023 - March 10, 2023): Compatibility

Check current compatibility and adjust link protocol.

 Phase 3 (March 11, 2023 - March 20, 2023): Prevention System

- Assess risks and develop security measures.
- Deploy prevention technology.
 Phase 4 (March 21, 2023 - March 30, 2023): Evaluation and Report

- Evaluate results and performance.

- Prepare detailed reports and communicate with stakeholders.

RESEARCHERS:

Team Leader:

- Name: Nguyen Minh Anh

Role: Team leadership, management and strategic decision making.

Team Members:
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

- Name: Tran Huu Duy

Role: Cyber Security Expert

Duties: Analyze network security risks, develop preventive measures.

- Name: Le Thi Mai

Role: Big Data Storage Specialist

Duties: Identify and analyze large data storage structures, recommend improvements to the storage
system.

- Name: Hoang Van Tam

Role: Cloud Computing Expert

Mission: Research and deploy security solutions for cloud environments, ensuring compatibility.

- Name: Nguyen Thi Bich Ngoc

Role: Data Analyst

Task: Analyze specifically the structure and relationships between data in the system.

- Name: Tran Van Tuan

Role: Data Analyst

Duties: Support in the data analysis process, perform compatibility tests.

Communication and Group Meeting Schedule:

Time: Weekly on weekends.

Means of Communication: Online meetings via tools such as Zoom.

Duties: Discuss progress, answer questions, and suggest improvements.

PROJECT SCHEDULE:

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
CONCLUDE:

This project aims to extensively research cybersecurity risks associated with large data
storage systems, both local and cloud. Understanding the evolution of risks over time and
predicting future risks will help develop effective security measures to protect important
information. The schedule is designed to ensure project integrity and feasibility.

b. Project Scope and Deliverables

Project: Cybersecurity Risks Associated with Local and/or Cloud-based Big Data Storage
Systems

Project objectives: Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
 Cyber Security Risk Assessment:

- Research and evaluate current cybersecurity risks in large data storage systems both locally and in
the cloud.

- Analyze existing types of attacks and security vulnerabilities.

  Analysis of Development Over Time:

- Research the historical development of risks to understand changes and adjustments in attack
methods.

 Forecasting Future Risks:

- Anticipate potential future cybersecurity risks, considering technological advances and industry
trends.

 Security Measures:

- Identify necessary security measures to mitigate current risks and prevent future vulnerabilities.

Project scope:

 Define the System:

- Store and analyze data from the organization's large data storage systems, both local and cloud.

- Evaluate compatibility between storage systems and other elements in IT infrastructure.

 Prevention System:

- Develop preventive measures to minimize cybersecurity risks.

Deliverables:

 Cybersecurity Ris Assessment Report:

- Describe and analyze current risks in big data storage systems.

- Propose preventive and improvement measures.

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

 Report Development Over Time:

- Summary of history of risks and changes in attack strategies.

- Provide comments on security risk trends.

  Predicting Future Risks and Preventive Measures:

- Predict risks that may appear in the future.

- Identify preventive measures to minimize potential risks.

 Security Improvement Plan:

- Develop a security improvement plan based on research results.

- Propose specific steps to implement improvements.

Expected results:

- Provides a comprehensive view of cybersecurity risks related to large data storage.

- Diagnose and mitigate current risks, while predicting and preparing for future risks.

- Propose specific plans to improve the security of large data storage systems.

2. Project communication plan

For communication project planning, according to ASM 1 we have clear plans for our project,
and based on this I will create a communication project plan to ensure The project can be
completed completely

• The tasks listed below are included in the Gantt chart:

- Collect Data
- Assess ricks when accessing the network
- Data Analysis Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

- Toss in recommendations.
- Completed report
For example, the development of the comprehensive plan to manage and reduce the
environmental impact of digital technologies depends on the completion of the
literature review. Gantt charts are an important tool for project management. They
help project managers plan, track progress, and identify potential problems.

PROJECT COMMUNICATION PLAN REPORT

The project "Cybersecurity Risks Associated with Local and/or Cloud-based Big
Data Storage Systems" aims to optimize information sharing and interaction within
the group. Our communication plan is built to ensure every member clearly
understands the goals, progress, and contributes ideas.

Main target:

1. Start-Up Meeting: Each new phase, the team will hold a meeting to share details about
the project goals and schedule, and listen to opinions and suggestions from every
member.

2. Project Team Meeting: Every week, every member will participate in a meeting to
discuss work progress, resolve problems, and suggest improvements. This meeting will
help keep the team in sync.

3. Check-Ins (Meeting Summary): Each day, we will have a quick summary of progress
and key points from the team meeting. This helps all members update information
effectively.

4. Project Status Meeting: Every month, we will hold a meeting to overview progress, risks,
and adjust strategy if necessary.

5. UX Design Review: EveryDocument

3 months, the UX design team and target users will meet
shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
to test and evaluate the user interface design.

This communication plan is intended to ensure all information is communicated

effectively and evenly throughout the entire project.
 Purpose Medium Frequency Audience

Kickoff Share details about Every new stage When there are The entire project
meeting project goals, scope, major updates or team, project
UX design review andTest and evaluate Every 3 months changes
schedule. To to strategy UX design team,
ensuremanagement, research
and key
user interface design continuous team, and target users
stakeholders
Project with work
team Discuss input from
Every Week To improvement
track progressandResearch team member,
meetings experts and target
progress, andmeet
stay user needs
flexible cybersecurity expert, and
users.
solve project manager
problems, and
suggest
improvements.
Check- Get quick updates Email Daily Project team and
ins(meeting on team meeting key stakeholders
recap) progress and key
points.
Project status Overall assessment Every Month To ensure consensus Project team,
meetings of progress, risks, and adjust to cybersecurity
and strategy changes management, and
adjustments if peripheral stakeholders
necessary.

 Evaluate Performance and Adjust:

- Periodic Feedback: Hold a meeting to evaluate communication effectiveness at
the end of the month to adjust the communication plan if necessary.
- Adjust the Plan: Based on feedback and evaluation, adjust the
communication plan to ensure effectiveness and comprehensiveness.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

3. WBS and Gantt chart:

a. Definition:
WBS concept:

The concept of WBS (Work Breakdown Structure) is a method of organizing and

decomposing work in a project into smaller and more manageable components. The WBS is
often represented as a leveled tree, starting with the main project and dividing into more
detailed tasks.
Key Features of WBS:

1. Decomposition of Work: WBS helps decompose large tasks into smaller and more detailed parts,
reducing project complexity.

2. Create a System Structure: Provide a system structure for the project, making each job and its
responsibilities clear.

3. Relationship Display: Allows the display of relationships between tasks and provides an overview
of the scope of the project.

4. Easy to Track and Manage: WBS makes it easier for management to track and evaluate the
progress of each piece of work.

5. Information Sharing: WBS helps share information effectively among project team members and
with stakeholders.
Benefits of WBS:

- Clarity: Understand the specific tasks and responsibilities of each member in the project.

- Better Management: Easily manage and track project progress step by step.

- Reduce Risk: Reduce risk by dividing work

into smaller, more controllable parts.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
Important Note:
- WBS is an important management tool, helping to ensure clear understanding and consensus on
project scope.

- It provides a starting point for planning and tracking project progress.

How to Create a WBS for a Project

 Creating a Work Breakdown Structure (WBS) for a project is important to divide the work
into smaller, more manageable parts. Here's how you can create a WBS for a project:

Step 1: Define Project Scope

- Determine what belongs to the project and what does not belong to it.

- Ensure a clear understanding of the project's goals and expected outcomes.

Step 2: Identify Work Packages

- Divide main work into smaller work packages that can be easily managed and evaluated.

- Each work package should be directly related to a specific goal or outcome.

Step 3: Use Levels on the WBS

- Use levels to represent the level of detail of the WBS.

- The highest level usually represents the main project, lower levels represent more detailed work.

Step 4: Classify and Group Jobs

- Classify jobs into groups based on relevance or function.

- This helps create a logical organizational structure for the project.

Step 5: Arrange Work in Necessary Order

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
- Identify the relationship between tasksDownloaded
and arrange them in the necessary
by: bui-thi-hoai-btec-hn order.
(hoaibtbh01141@fpt.edu.vn)

- This helps define the order of execution and dependencies between tasks.

Step 6: Assign Codes to Each Work Package

- Assign unique codes to each work package for easy identification and reference during project
management.
Step 7: Check and Confirm with Stakeholders

- Review the WBS with stakeholders to ensure clear understanding and consensus on its structure
and details.

Creating a WBS is a relatively flexible process, but most importantly, it must fully and
accurately reflect the work to be done in the project.

b. Results:

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
As project manager, I created a Work Breakdown Structure (WBS). The WBS breaks the project
into smaller, more manageable tasks and provides a clear structure for project planning and
analysis. Here is the professional WBS for the project:

1. Collect Data ( September 1, 2023 – September 10, 2023)

1.1. Determine Data Source

1.2. Data Collection

1.3. Data Quality Control

2. Assess Risks When Accessing the Network ( September 10, 2023 – September 20, 2023)

2.1. Determine Specific Risks

2.2. Risk Classification According to Priority

2.3. Assess the Level of Impact and Likelihood of Occurrence

2.4. Make Recommendations

3. Data Analysis ( September 21, 2023 - September 25, 2023)

3.1. Detailed tasks

3.2. Conduct Statistical Analysis

3.3. Summarize Findings

4. Toss in Recommendations ( September 26, 2023 – September 29, 2023)

4.1. Review Data Analysis Results

4.2. Develop Security Recommendations

5. Completed Report ( September 29, 2023 – September 30, 2023)

5.1. Review Data Collection Results

5.2. Summarize Key Findings

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

By breaking down the project into these specific phases
Downloaded and tasks, the
by: bui-thi-hoai-btec-hn WBS provides a structured
(hoaibtbh01141@fpt.edu.vn)

approach to project management, ensuring clarity, efficiency, and effective analysis. Each phase
has a defined duration, allowing for better time management and resource allocation.
 c. Summary:

We have made significant progress on this project, successfully completing the Initiation of
Meetings stages (100%). We have also made progress in the phase of defining the mission, key
characteristics and areas of activity. However, the stages of assessing cyber security risks related
to local big data systems are still incomplete and have not achieved the highest targets, followed
by proposed security measures and planning. The improvement plan has not yet achieved the
target (100%) in its entirety. Finally, we have not yet completed the Review meetings here.

• Evaluate each stage:

➢ Start (100% completed): We have set up and prepared the meeting content,
Deployed the meeting, Prepared meeting minutes on the issue of network security
risks related to the local big data system completed excellently

➢ Identify main characteristics and areas of activity (96% completed): We have

identified the main characteristics of the project and the project's areas of activity in a
meticulous and effective manner. This section details the collection of relevant
information, classification of characteristics and areas of activity, and also mapping the
scope of the project's area of operation.

➢ Assessing cybersecurity risks related to local big data (91.6% completed): Thanks to
identifying the main characteristics of the project, and the project's operational areas in a
detailed manner. meticulously, we have been able to research and evaluate cybersecurity
risks related to local big data quite excellently, here we have completed the risk
identification to achieve ( 100%) and assess the severity of the problem (90%) and
classify risks according to severity (85%).
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
➢ Identify security measures (90% complete): Progress has been made in testing
existing system errors (100%), identifying necessary measures (100%), and analyzing
achieved priorities quite good (70%)

➢ Improvement planning (91.6% completed): We have collected feedback fully and

achieved (100%), next is about building plans Improvement from feedback is achieved
(95%) and finally, discussing and confirming the plan with your operations team is
 achieved (80%).

➢ Reviewing the meeting successfully (8.3%): Here, we have only completed a small
part of the content of the meeting to summarize the issue successfully (25%), as for the
implementation of the summary meeting. We have not yet completed the conclusion and
preparation of summary meeting minutes

• Prioritize the planning phase of meetings, identify project characteristics and areas of activity, evaluate
project plans, and analyze findings to understand the true scope of the project and provide
information for the remaining stages. Overall we are off to a good start but there is still much
work ahead. By focusing on ensuring cybersecurity measures related to local big data systems,
creating improvement plans and completing the final step is to summarize your project.

III. Communicate appropriate project recommendations for technical and non-

technical audiences. (P6).

1. Analysis qualitative data

• For this part, from the data that I have researched and analyzed qualitative data in ASM1 as follows:

• To be able to qualitatively analyze cybersecurity risks associated with local Big Data storage
systems, we need to qualitatively analyze cybersecurity risks associated with local Big Data
storage systems . It helps us understand security issues and challenges our systems may
face. In addition, we need to ask some qualitative questions about this issue and survey
the number of respondentsDocument
in each question. Below are some of the contents and
shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
questions I gave for everyone to answer.

• The first is about access and access management:

➢ What security measures are in place to ensure that only authorized people have access to
local big data?
 ▪ Answer A: Access control (30 people choose)

▪ Answer B: Authentication and identity verification (40 people chose)

▪ Answer C: Access rights management (50 people choose)

▪ Answer D: All of the above options (70 people choose)

➢ How do you ensure proper access rights management and track access usage?

▪ Answer A: Identify and clearly state access rights (21 people chose)

▪ Answer B: No way (5 people choose)

▪ Answer C: Use an access rights management system (ACL) (30 people chose)

▪ Answer D: answers A, B, C are all correct (65 people chose)

• Next is about data leaks:

➢ How to identify and prevent potential security vulnerabilities in big data storage systems?

▪ Answer A: Security scan and vulnerability check (20 people choose)

▪ Answer B: Apply security updates (30 people chose)

▪ Answer C: Both answers above are correct (50 people chose)

➢ What procedures are in place to monitor and detect data breaches?

▪ Answer A: Use a diary system (30 people choose)

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

▪ Answer B: Determine normal data standards (40 people choose)
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

▪ Answer C: Set up real-time warnings and alerts (20 people chose)

▪ Answer D: All of the above options (70 people chose)

• Data management:

➢ How to backup large data safely and effectively?

Answer A: Identify
important data (29
people chose) Answer B:
Choose a storage
medium (13 people
chose) Answer C: Check
data integrity (30 people
choose) Answer D: All
the above answers (50
people choose)
➢ How to recover large data safely and effectively?

Answer A: Develop a recovery plan (15 people chose)

Answer B: Check and authenticate

backup data (20 people choose)
Answer C: Decide to deal with the
incident (30 people choose) Answer
D: All the above answers (60 people
chose)
• Security and software vulnerabilities:

➢ How do you ensure that Document

all software
shared on and operating
https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
systems are up to date and secure? Answer A:
Perform periodic updates (20 people choose)
Answer B: Automate the
update process (25 people
chose) Answer C: Follow and
check updates: (35 people
 chose) Answer D: All the
above answers (70 people
chose)
• Cybersecurity and intrusion:

➢ How to protect large data storage systems from

DDoS attacks or network intrusions? Answer
A: Use DDoS mitigation solution (22 people
chose)
Answer B: Set up a distribution
network (CDN) (25 people choose)
Answer C: Monitor network traffic
(15 people chose)
Answer D: All the above answers (60 people chose)

• Staff management and training:

➢ How do we ensure that employees are trained on cybersecurity and privacy regulations?

▪ Answer A: Identify necessary training contents (30 people chose)

▪ Answer B: Developing training programs (40 people choose)

▪ Answer C: Customize training for each role (55 people chose)

▪ Answer D: All the above answers (70 people chose)

• Scalability and performance:

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
➢ How to ensure that the system is scalable to meet future large data storage needs?

▪ Answer A: Design a scalable system (23 people chose)

▪ Answer B: Use cloud computing technology (34 people chose)

▪ Answer C: Use object storage (55 people chose)

 ▪ Answer D: All the above answers (60 people chose)

• Risk analysis and compliance:

➢ How does the organization analyze risks and ensure compliance with relevant cybersecurity
standards?

▪ Answer A: Identify relevant standards and rules (21 people chose)

▪ Answer B: Risk analysis (31 people chose)

▪ Answer C: Identify protective measures (40 people chose)

▪ Answer D: All the above answers (60 people chose)

• From Asm 1, I will analyze qualitative data on cybersecurity risks related to big data systems in a
detailed and understandable way as follows, through research as well as evaluation of the answers.
Thanks to everyone's feedback, I was able to briefly analyze this data:

1. Access rights and access management:

➢ Access security measures:

✓ Conclusion: The majority of participants (50%) support the adoption of

"Access Rights Management" as a key measure to ensure only authorized
people have access to big data.

➢ Manage and track access usage:

✓ Conclusion: The selection of “All of the above” (70%) demonstrates consistency in combining
multiple measures to
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
ensure effective access management and monitoring.

2. Data leak:

➢ Detect security vulnerabilities:

✓ Conclusion: Combining "Security scanning and vulnerability testing" with

 "Applying security updates" was supported by 50% of participants,
demonstrating awareness of the importance of combining these measures. it's
France.

➢ Monitor and detect data breaches:

✓ Conclusion: The high preference rate for "All of the above" (70%)
shows that participants are aware of the importance of using log systems,
data standards, and alerts for monitoring and detect data breaches.

3. Data management:

➢ Back up data safely and effectively:

✓ Conclusion: Selecting “All of the above” (50%) demonstrates consistency in

combining multiple measures such as identifying critical data, selecting storage
media, and checking integrity to ensure Ensure safe and effective data backup.

➢ Safe and effective data recovery:

✓ Conclusion: The high priority rate for "All of the above" (60%) shows
consistency in developing a recovery plan, testing, and validating backup
data.

4. Security and software vulnerabilities:

➢ Software and security updates:

▪ Conclusion: The high consistency of “All of the above” (70%) demonstrates a sense of
incorporating periodic
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
updates, automation, and update monitoring to ensure software security. soft.

5. Network security and intrusion:

➢ Protect your system from DDoS and network intrusions:

✓ Conclusion: Prioritizing “All of the above” (60%) shows consistency in combining DDoS
 mitigation solutions, CDN
setup, and network traffic monitoring to protect systems.

6. Staff management and training:

➢ Cybersecurity and Privacy Training:

✓ Conclusion: High consistency for “All of the above” (70%) shows a sense of integration in
identifying training
content, building training programs, and customizing training for each role .

7. Scalability and performance:

➢ System expandability:

✓ Conclusion: High consistency for “All of the above” (60%) demonstrates awareness of
combining measures such as
system design, use of cloud technology and use of object storage to ensure ensure
system scalability.

8. Risk analysis and compliance:

➢ Risk analysis and compliance:

✓ Conclusion: High consistency for “All of the above” (60%) demonstrates awareness of
combining standardization,
risk analysis, and identification of safeguards to ensure follow.

• In short, the qualitative data demonstrates consistency and a high awareness of the importance of
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
combining multiple measures to ensure cybersecurity and data management. Attention should be
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

paid to implementing integrated measures to face the diverse and complex challenges in the
field of cybersecurity and data management. Understand the specific risks that lead to network
security system failures, Identify weaknesses in data management and network security
processes. Identify improvement measures as a result of qualitative analysis that will
recommend specific improvement measures to reduce or eliminate cybersecurity risks. Create
an improvement plan: Based on the results of the qualitative analysis, the organization can
create a specific cybersecurity improvement plan. Enhance compliance and monitoring:
Qualitative analytics helps improve compliance with cybersecurity standards and regulations
and increase cybersecurity awareness.

2. Analysis quantitative data

• From the quantitative data that I analyzed and researched in ASM 1 as follows:

• Big data storage systems are increasingly used by organizations to store and process large volumes of
data, but they also pose significant cybersecurity risks, especially in local systems or based on a
large cloud, we simply understand the reason why special cybersecurity risks related to this
large data occur is because important data and information are always stored here. Therefore,
quantitative analysis of these risks is very important to ensure the organization's information
security and confidentiality. Here are some major data security risks:

• A DDoS attack can cause data storage systems to become larger but inactive by loading network resources.
➢ Risks of malicious code: Big data often contains a lot of important information and
malicious attacks can lead to data loss or dissemination.

➢ Risks of access management: Proper access management to data is extremely

important. Deficiencies in access control and monitoring can lead to intrusions and
data leaks.

➢ Risks from security warehouse: Big data often requires many different
systems and applications, which creates weaknesses if one of them has a
security hole.

➢ Coding risks: If large data is not encrypted then it can be accessed correctly on the left.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
➢ Risks from employees and talent: Employees can be a source of risk when they
do not comply with security rules or intentionally violate public relations. Talents
can also leave the organization and get important information.

➢ Data quality risks: Big data can contain errors and noise that lead to inaccurate or distorted
data.
➢ Risks from data backup: Large data backups may not be executed properly or fail to ensure
data security and recovery.

➢ Risks from lack of management data: Managing big data requires a strategic tool.
Lack of initiative and data management can lead to loss and leakage of important
information.

➢ Risks related to prescribed minerals: Organizations need to integrate data security

regulations, including GDPR, HIPAA or other industry-specific rules. Deficiencies in
work can lead to legal and financial consequences.

• After identifying the risks above, we begin to analyze and evaluate the risks, collect
data and figures related to the risks so that we can detect them early. Which is the
most important to promptly prevent and thoroughly overcome? Below are the
steps to identify risks, as well as some statistics on cybersecurity risks related to
data systems large local data

• First and foremost, we must determine which data is most likely to be attacked and have the
most vulnerabilities.

• Next is the need to determine what those risks are: cyber attacks, malware infection or data theft,
etc.

• Then it is necessary to evaluate the attack capabilities. The next stage is to evaluate the
attacker's ability to exploit the vulnerability. This can be done using a variety of
approaches, including historical data, expert opinions, and attack vectors.

• Assess the impact of attacks The third phase is to assess the impact of attacks on assets. This can
be done by taking
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

into account issues such as data breach costs, reputational damage and regulatory fines.
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

• According to the statistics we have learned, cyber attacks related to local large data systems involve many
aspects, it can
include types of attacks as well as the number of vulnerabilities. empty etc... specifically as
follows:
 • Number of daily attacks: On average, local big data storage systems record about 50-100 cyber
attacks daily. • DDoS
attacks: Account for about 30% of total daily attacks.

• Malware attacks: Account for about 20% of total daily attacks.

• Denial of service (DoS) attacks: Accounts for about 15% of total daily attacks.

• Attacks exploiting security vulnerabilities: Account for about 10% of total daily attacks.

• Other attacks: Account for 25% of total daily attacks.

• On average, there are about 20-30 security vulnerabilities discovered every

month on local big data storage systems.

• Percentage of attacks detected and blocked before causing damage: About 60% of all attacks are
detected and
blocked before causing serious damage.

• In addition, we also collect some other data related to this issue as follows:

• In 2021, global cybercrime losses will be $16.4 billion per day, $684.9 million per hour, $11
million per minute and
$190,000 per second.

• Total internet outages would result in a daily GDP loss of 1.9% for a country with strong
connectivity and a daily loss
of 0.4% for a country with poor connectivity.

• In the United States, theDocument

chanceshared
of finding and convicting the perpetrator of a cyber attack is 0.05%.
on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

• By 2021, 70% of bitcoin transactions will be linked to or used for criminal activities.

• In 2019, attacks on IoT devices increased by 300%.The FBI's Cyber Most Wanted
List includes 102 notorious criminals who are believed to have committed a
series of cyber crimes that have harmed and cost individuals and companies
billions of dollars to date. April 2021
• Global ransomware costs are $21 billion, with phishing, cyber intrusions, accidental disclosures,
stolen devices or
data, and system misconfigurations being the most common forms of attack in the USA.

• Public corporations, professional industries, manufacturing organizations, information companies,

and health care
businesses are the industries hardest hit.

• The average ransom for businesses infected with Ransomware is $233,817.30.

• Unauthorized online and mobile advertising costs the world 44 billion USD.

• Customers stay away from companies experiencing cyber attacks, with the average time between
attacks being 11seconds.

• Organizations are increasingly using big data storage systems to store and analyze huge
volumes of data, but they also pose a major cybersecurity threat, especially in local or
local systems. Massive cloud-based. Quantitative risk analysis is critical to protect the
safety and security of your organization's information. Here are some major data
security threats:

• Global ransomware costs are $21 billion, with public companies accounting for 38% of
intrusions in the United
States.

• Ransomware mainly affects public companies, with SaaS being the most vulnerable.

• Customers avoid businesses subject to cyber attacks 59% of the time, with 70% feeling that
businesses have not Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
done much to secure their personal information.

• More than half of all cyber attacks target small and medium-sized businesses, with 60%
failing within six months.

• With a 12% CAGR in cybersecurity IT spending, the average cost of a data breach in 2020 was
$3.86 million.
 • The standard deviation of a data collection is a measure of the dispersion of values around
the mean. The larger the standard deviation, the wider the range of values in the
data collection. The standard deviation of various statistics for cybercrime data is
determined as follows:

• Global ransomware costs are $2.2 billion, of which 10% of intrusions are ransomware.

• There are 1,200 industries most affected by malware, with the internet most affected by phishing
(10.2%).

• The average ransom for businesses infected with Ransomware is $100,000.

• Customers stay away from companies experiencing cyber attacks, with the average time between
attacks being 10
seconds.

• In 2020, the average cost of a data breach was $1.2 million.

• From the above information, I will briefly analyze quantitative data and draw specific conclusions
as follows:

1. Overview:

The data identifies that big data storage systems are facing significant cybersecurity risks.

2. Big Data Security Risks:

➢ DDoS Attacks: Account for 30% of all daily cyber attacks, threatening to increase system
size but not working.

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

➢ Malware Risk: Big data contains a lot of important information, facing the risk of loss or
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

uncontrolled circulation.

➢ Access Management Risks: Deficiencies in access control and monitoring can lead to data
breaches and leaks.

➢ Security Store Risk: Large systems require many different systems and
 applications, creating weaknesses if one of them has a security hole.

➢ Encryption Risks: Unencrypted data can be accessed from the outside.

➢ Employee and Talent Risk: Employees can be a source of risk when they do
not comply with security regulations or intentionally violate them.

➢ Data Quality Risks: Big data can contain errors and noise, leading to inaccurate information.

➢ Data Backup Risks: Improper backup can lead to loss and poor recovery.

➢ Data Management Risks: Lack of management can lead to loss and leakage of information.

➢ Regulatory Risks: Need to integrate data security regulations such as

GDPR, HIPAA to avoid legal and financial consequences.

• 3. Risk Analysis and Assessment Step:

➢ Identify Critical Data: Must determine which data is most likely to be attacked and has the
most vulnerabilities.

➢ Risk Type: Classify cyber attacks, malware infections, and data theft to identify specific risks.

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
 ➢ Attack Potential: Assess an attacker's ability to exploit a vulnerability using a
variety of approaches, using historical data and expert opinion.

➢ Impact of the Attack: Assess the impact in terms of data breach costs, reputational damage,
and regulatory penalties.

4. Statistics and Additional Data:

➢ Daily Data: ▪ On average, there are 50-100 cyber attacks per day.

▪ DDoS attacks account for 30%, malware attacks 20%, denial of service
(DoS) attacks 15%, security vulnerability exploitation attacks 10%, other
attacks 25%.

➢ Security Vulnerabilities: Every month, about 20-30 security vulnerabilities are discovered.

➢ Prevention and Response:

✓ About 60% of attacks are detected and stopped before causing serious damage.

➢ Loss Statistics:

▪ Global losses from cybercrime are $16.4 billion per day.

▪ GDP loss is 1.9% daily for a strongly connected country.

➢ Bitcoin Statistics: 70% of transactions involve crime.

• 5. Ransomware Cost:

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

➢ Data: The average ransom is $233,817.30.
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

➢ Analysis: This cost poses a serious problem and can have a major impact on a
business's finances. A strong security strategy is needed to prevent ransomware
attacks.

6. Challenges from Customers and Cyber Attacks:

 ➢ Data:

✓ The average time between attacks is 11 seconds.

✓ 59% of customers avoid businesses suffering from cyber attacks.

✓ 70% feel that businesses do not ensure the security of personal information.

✓ 60% of cyber attacks target small and medium businesses with a 60% failure rate
within six months.

➢ Analysis: The short time between attacks is a major challenge. Customers are
increasingly sensitive to information security, placing high demands on security
and demonstrating care for their data.

• 7. Cyber Security Cost and Standard Deviation:

➢ Data:

▪ The average cost of a data breach in 2020 was $3.86 million.

▪ The standard deviation of ransomware costs is $2.2 billion.

▪ The average ransom for businesses infected with Ransomware is $100,000.

➢ Analysis: The high cost of each data breach demonstrates the severity of the
consequences and the level of investment needed in cyber security. A high standard
deviation indicates large variation in costs, which may stem from the diversity of
attacks.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
• 8. Big Data Security Threats: Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

➢ Data:

▪ Global ransomware costs were $21 billion, with 38% of US intrusions involving public
companies.
 ▪ Ransomware primarily affects public companies, especially SaaS.

➢ Analysis: The rise in ransomware costs and the particular impact on public and
SaaS companies requires effective and ongoing security measures.

• The conclusion is as follows: quantitative research data indicates that cyber security threats and
associated costs for businesses are high risk. Faced with challenges ranging from short time
between attacks to customer avoidance, businesses need a comprehensive cybersecurity
strategy. The diversity in the data suggests the complexity and variability of the attacks. To
protect information and maintain trust, businesses need to invest in alerting, containment, and
emergency recovery, along with ongoing upgrades to security measures.

3. Project recommendation

a. For non-technical audience:

• For this part I will propose a project for non-technical listeners.

• First is about Overview:

➢ This project highlights the issue of cybersecurity risks related to large data
storage systems. For non-technical people, the project introduces the
problem in a simple way and provides an effective solution for protecting
important data.

• Next is the problem in the project:

➢ Big data storage systems are important milestones in every field, but are
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
also prime targets for hackers and security attackers. Personal data and
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

important information can be stolen, threatening cybersecurity and causing

serious consequences for individuals and businesses.

• The goals of the project will be:

➢ Cyber Security Risk Analysis:

 ✓ Description: Introduction to large data storage systems and its role.

✓ Risk Assessment: Assess the cybersecurity risks common to this system.

➢ Security Solution:

✓ Risk Analysis: Presents effective solutions to protect big data.

✓ Implementation and Deployment: Proposing solutions to implement and deploy

solutions.

➢ Research and Proposal:

✓ Attack Methodology Research: Research on new and potential security attack

methods.

✓ Propose Strategic Changes: Propose strategic changes to face these challenges.

➢ Future and Expansion:

✓ Predict Future Trends: Predict future trends in cybersecurity and big data
storage systems.

✓ Scaling Solutions: Propose solutions to maintain security when the system

expands.

• Details of the project will be:

➢ Cyber Security Risk Analysis:

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

✓ Description of Big Downloaded
Data Storage System: (hoaibtbh01141@fpt.edu.vn)
by: bui-thi-hoai-btec-hn

✓ Introducing the importance of large data storage systems in all fields.

➢ Risk assessment:

✓ Identify common risks such as data loss, cyber attacks and misuse of personal
information.
➢ Security Solution:

✓ Risk Analysis and Solutions:

✓ Recommend solutions such as data encryption, access control, and continuous

monitoring.

➢ Implementation and Deployment:

✓ Instructions on how to deploy the solution, including the

implementation process and testing for effectiveness.

➢ Research and Proposal:

✓ Researching Attack Methods:

✓ Consider new attack methods such as zero-day attacks and social engineering.

✓ Proposed Strategy Change:

✓ Propose updates to security strategies to deal with new attack methods.

➢ Future and Expansion:

✓ Predicting Future Trends:

✓ Anticipate new trends such as the rise of AI in cyberattacks.

✓ Extended Solution

✓ Suggest ways to expand the system while still maintaining high security.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

➢ Next is the Expected Benefits:

✓ Deep understanding of cybersecurity risks associated with big data.

✓ Apply effective solutions to protect personal and business data.

✓ Face cybersecurity challenges confidently and securely.

 ➢ Finally, the Conclusion:

✓ This project provides an overview of cybersecurity in large data

storage systems, helping audiences understand the problem and
apply solutions to maintain the security of important information.
b. For technical audience:

• For this part I will propose a project for listeners who are technical people

• First about Overview:

➢ This project is aimed at technical experts with the goal of improving

cybersecurity for large data storage systems. The mission is to deliver superior
technical solutions to prevent potential cybersecurity threats and protect critical
information.

• Next is the problem:

➢ Big data storage systems are facing increasingly complex cybersecurity

challenges, including zero-day attacks, advanced persistent threats (APT),
and new attack techniques that are constantly emerging.

• For project objectives will be:

➢ Cyber Security Risk Analysis:

✓ Infrastructure Check:

✓ Check for weaknesses

Document shared in
on the system infrastructure.
https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

✓ Analysis of Attack Techniques:

✓ Research and analyze new attack techniques.

➢ Security Solution:
 ✓ Data encrypt:

✓ Build and deploy a strong data encryption system.

✓ Decentralized Management:

✓ Optimize access control and authorization management processes.

➢ Research and Recommendations:

✓ Solution Performance Evaluation:

✓ Evaluate the performance of newly deployed security solutions.

✓ Suggestions for improvement:

✓ Recommend improvements based on feedback and performance evaluation

results.

➢ Future and Expansion:

✓ Predicting Future Trends:

✓ Predict cyber attack trends and adjust cyber security strategy.

✓ Building an Expansion System:

✓ Develop scalable systems capable of combating new threats.

• Next is the Project Details:

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
➢ Cyber Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

Security Risk
Analysis:

✓ Infrastructure
Check:
 ✓ Test each component in your infrastructure to identify weaknesses that can be
exploited.

✓ Analysis of Attack Techniques:

✓ Research new attack techniques and classify them according to danger level.

➢ Security Solution:

✓ Data encrypt:

✓ Deploy a strong data encryption solution with the most advanced algorithms.

✓ Decentralized Management:

✓ Build a flexible and effective decentralized system.

➢ Research and Recommendations:

✓ Solution Performance Evaluation:

✓ Use performance assessment tools to ensure the solution is robust and efficient.

✓ Suggestions for improvement:

✓ Based on the evaluation results, propose improvements to improve performance

and attack resistance.

➢ Future and Expansion:

✓ Predicting Future
DocumentTrends:
shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

✓ Predict attack trends and develop a flexible cybersecurity strategy.

✓ Building an Expansion System:

✓ Develop scalable systems to cope with the increasing complexity of the

cybersecurity environment.
 • Expected Benefits:

➢ Effective Solution:

✓ Provides effective and in-depth security solutions for large data storage systems.

➢ Enhance performance:

✓ Optimize system performance and minimize cybersecurity risks.

➢ Technology Leadership:

✓ Help technology and management leaders make decisions based on trusted

cybersecurity information.

• Finally, the conclusion:

➢ This project provides an overview of cybersecurity in large data storage
systems, helping a specific audience of industry professionals understand the
problem and apply solutions to maintain the security of their data. Important
Information.

IV. Present arguments for the planning decisions made when developing the project
plans (P7)

• The first is for the argument for project planning

• Title: cybersecurity risks related to big data systems

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

The rapid advancement of big data hasDownloaded
revolutionized many different
by: bui-thi-hoai-btec-hn aspects of our lives,
(hoaibtbh01141@fpt.edu.vn)

bringing many benefits and growth opportunities, and almost in all fields have to use the system.
big data system to be able to work. However, it also poses cybersecurity risks. This essay
explores the project manager's role in addressing these concerns and presents a comprehensive
plan to mitigate and prevent cybersecurity risks associated with local big data system. By
applying effective risk assessment, research, and finding gaps in cybersecurity risks. However,
this transformation has unforeseen consequences, including an increase in cyber security risks.
network security vulnerabilities. As a project manager, I find myself at the forefront of an
endeavor that is challenging and difficult but in return will provide me with profound
experiences. This essay delves into the details of the project, highlighting the goals, key tasks,
risk management strategy, research methodology, and comprehensive plan for managing
cybersecurity risks.
Through effective project management processes and a dedicated team, we aim to provide practical
recommendations to promote activities to strengthen cyber security measures related to data systems.
safely grow locally.

• Project overview:

The project starts in September 2023, focusing on the main stages: conducting meetings
to be able to define project goals and develop mitigation plans as well as implementation
and monitoring. closed afterwards. The first stage lasts from September 1, 2023 to
September 15, 2024, including the development of meetings and identification of areas
of activity.
The next phase, from September 16, 2023 to September 30, 2023, includes conducting a
cybersecurity risk assessment related to local big data systems and security measures to reduce
minimize problems.

• Assess risks and develop mitigation plans:

During this Phase, our team embarked on a thorough risk assessment to identify cybersecurity
risks and their potential impact. We used a mixed methods approach, combining quantitative and
qualitative data collection methods. Primary data was collected through surveys and interviews
with digital transformation and cybersecurity experts, while secondary data was obtained from
reputable sources such as academic journals and reports from government. This approach allows
us to gather valuable insights Document
into the current
shared on cybersecurity landscape and potential
https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)
vulnerabilities. Following the risk assessment, we assessed the severity of each identified risk
and developed a comprehensive risk mitigation plan. This plan includes appropriate measures for
each risk, targeting technical, procedural and policy aspects. The plan emphasizes implementing
strict security measures, regular vulnerability assessments, and establishing protocols for incident
response and remediation.

• Implement and monitor risk mitigation plans:

Phase 2 includes implementing the risk mitigation plan and planning for risk mitigation
improvements. We have collected relevant information by interviewing and researching press
information. From there, we can analyze where the gaps are, and finally make plans to overcome
current risks. Throughout the project, we have identified the risks. have the ability to hinder
progress, and divide the severity of each risk to determine which is the most serious.
Additionally, we established a final report writing and presentation schedule to ensure timely
dissemination of our findings to stakeholders.

• Next is project planning assessment

• For this part, the project plan will include many different important components, have been thoroughly
evaluated and be well structured, comprehensive and consistent with the project goals. In this
detailed review, I will go deeper into the project plan including all the work that I did in the
above project. By applying research methods including quantitative data collection methods.
Quantitative and qualitative, we ensure a deep understanding of the current cybersecurity
landscape related to big data systems. Incorporating primary data obtained through surveys and
interviews with industry experts will enhance the reliability and validity of the findings. The
plan includes appropriate measures for each identified risk, covering a variety of aspects. This
multi-faceted approach ensures that mitigation measures can address many potential
vulnerabilities, thereby significantly improving the overall cybersecurity posture. Moving
forward Establishing a risk database dedicated risk, serving as a centralized repository to store
and track cybersecurity risks, facilitating systematic and organized monitoring and assessment.
By continuously monitoring and evaluating the measures implemented, our project underlines
our commitment to maintaining a strong and resilient cybersecurity framework.

• In summary, the project plan demonstrates high professionalism, strategic thinking and meticulous
attention to detail. Comprehensive risk assessment, appropriate risk mitigation plans, and
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

ongoing monitoring and evaluation. By following defined

Downloaded by: project(hoaibtbh01141@fpt.edu.vn)
bui-thi-hoai-btec-hn management processes
and leveraging our team's expertise, our projects are perfectly positioned to address the
environmental impact and cybersecurity risks associated with comprehensive, sustainable
and flexible digital transformation.
V. Discuss accuracy and reliability of the different research methods
applied (P8).

1. Overview of qualitative and quantitative research

Qualitative research:

Characteristic:

- Focuses on a deep understanding of the causes, relationships, and context of the problem.
- Use means such as interviews, observations, and content analysis.
- Great for capturing opinions, perspectives, and subjective insights.

Quantitative research:

Characteristic:

- Focus on measuring and analyzing numerical data to identify patterns and trends.
- Use means such as surveys, numerical experiments, and statistical analysis.
- Useful in measuring and comparing the influence of variables.

Advantages and disadvantages:

Qualitative research Advantage Defect

Suitable for Deep Understand Context and The Potential for Measurement
Understanding. Subjective Relationships. and Reconciliation Loss May
Be
Limited.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Focus on Opinions Providing Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)

Subjective Random Samples Are Not
and Perspectives. and Complex Representative of the Entire
Understanding. Population.
Use Flexible Means. Detect Unclear Elements. Difficulty in Rapid Synthesis
and
Analysis.
 Quantitative research Advantage Defect

Measurement and Results are easy to compare Important details in data may
Analysis of Digital and contrast. be missed.
Data.
Controlling Peripheral Enables Statistical Analysis. Potential Loss of Details
Variables. and Quality.
Accurate Calculation Easily Identify Data Difficulty in Understanding
and Fast Speed. Relationships Between Context and Subjective
Variables. Correlations.

Combining all two research methods in Assignment 1 helps provide a comprehensive

view of cybersecurity risks and large data storage, taking advantage of the advantages of
each method to minimize disadvantages and increase reliability. research reliability.

3. Advantages and disadvantages of the research method on assignment 1 (Observational

Research, Quantitative Analysis, Qualitative Analysis)

Research Methods Advantage Defect

Observational Study Observational Study Limited Interpretation Ability.

Suitable for Natural Events Depends greatly on the researcher's

observations.
Quantitative Analysis Measurement Data and Accuracy Limited Deep Understanding of
Problem.
Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/
Controlling Peripheral
Downloaded Variables.
by: bui-thi-hoai-btec-hn Risk of Loss of Details and Quality
(hoaibtbh01141@fpt.edu.vn)

Qualitative Analysis Deep Understanding of Opinion and Potential Loss of Measurement and
Context. Comparison.
Ability to Consensus. Random Samples Are
Representative of the Entire
Population.
 Summary:

Combination of All Three Methods:

The combination of observation, quantitative analysis, and qualitative in Assignment 1 provides

a multi-dimensional view of cybersecurity risks and big data storage.

Each method contributes a unique perspective, taking advantage of the advantages and
minimizing the disadvantages of each method.

In total, the use of all three methods increases the integrity and accuracy of the study.

VI. References:

Bhandari, P. (2023). What Is Qualitative research? Methods & Examples.

[online] Scribbr. Available at:
https://www.scribbr.com/methodology/qualitative-research/.

Document shared on https://www.docsity.com/en/unit-06-planning-a-computing-project/10871070/

Downloaded by: bui-thi-hoai-btec-hn (hoaibtbh01141@fpt.edu.vn)