Cyber Secruity Concept Risk Managment in a Swiss Small Enterprise

A swiss micro enterprise active in the technology sector must review their cyber security measures and adjust these measures where required. With a risk assessment their current vulnerabilities were evaluated and actions to mitigate the risks were recommended.

Villar, Victoria, 2019

Art der Arbeit Bachelor Thesis
Auftraggebende Digital Improvments
Betreuende Dozierende Schneider, Bettina
Keywords Information Security, Cybersecurity, Riskmanagment
Views: 11
With the impending growth in number of employees and potential for new contracts, the client company has become more aware of their cyber security processes. Therefore they require recommendations on the necessary measures to be undertaken.
With the means of an literature analysis the procedure was chosen. An As-Is analysis was conducted in the form of an interview, resulting in the derivation of the company’s assets. The interview questions were based on the MELANI Framework. By means of a workshop a risk analysis was done to determine the threats and vulnerabilities of the assets. As a next step the risks were assessed in regard to their likelihood of occurrence and impact on the company. Based on the results the most pressing risks were addressed and mitigations were defined.
This project resulted in more transparency in regard to the company’s cyber security measures. The three most pressing concerns were addressed which were the lack of a proper identity and access management processes, employee cyber security awareness and insufficient use of the companies password management tool. The client received three recommendations on how to mitigate these risks. The end product resulted in a User Manual for their Password Manager Keeper, security guidelines for the employees and recommendations for tools that ensure the automation of their access management process. By implementing these measures the company will further imbed cybersecurity into their company culture as well as automate processed thus saving time and effort however keeping a high level of cyber security.
Studiengang: Business Information Technology (Bachelor)
Vertraulichkeit: vertraulich
Art der Arbeit
Bachelor Thesis
Digital Improvments, Liestal
Autorinnen und Autoren
Villar, Victoria
Betreuende Dozierende
Schneider, Bettina
Sprache der Arbeit
Business Information Technology (Bachelor)
Standort Studiengang
Information Security, Cybersecurity, Riskmanagment