Threat Modeling
A new medium-sized health care facility just opened and you are hired as the CIO. The CEO is somewhat technical and has tasked you with creating a threat model. The CEO needs to decide from 3 selected models but needs your recommendation. Review this week’s readings, conduct your own research, then choose a model to recommend with proper justifications. Items to include (at a minimum) are:
- User authentication and credentials with third-party applications
- 3 common security risks with ratings: low, medium or high
- Justification of your threat model (why it was chosen over the other two: compare and contrast)
You will research several threat models as it applies to the health care industry, summarize three models and choose one as a recommendation to the CEO in a summary with a model using UML Diagrams (Do not copy and paste images from the Internet). In your research paper, be sure to discuss the security risks and assign a label of low, medium or high risks and the CEO will make the determination to accept the risks or mitigate them.
Your paper should meet the following requirements:
- Be approximately four to six pages in length, not including the required cover page and reference page.
- Follow APA 7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
- Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook.
Course Textbook: Chapter 8
Cagnazzo, M., Hertlein, M., Holz, T., & Pohlmann, N. (2018). Threat Modeling for Mobile Health Systesm. ResearchGate. http://10.1109/WCNCW.2018.8369033
Ruiz, N., Bargal, S.A., & Sclaroff, S. (2020). Disrupting DeepFakes: Adversarial Attacks Against Conditional Image Translation Networks and Facial Manipulation Systems.
- Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.