Project 3: Virtual Currency
Step 1: Examine the Terms Virtual and Digital Currency
The concepts of virtual currencyand digital currency can be difficult to comprehend. Since the financial industry is generally founded on physical assets, the thought of conducting business in a medium that cannot be carried in your pocket or put in a safe is unnerving. The underlying concerns are the standards by which the currency is measured.
Consider the characteristics of virtual currency and digital currency, and how they compare to one another. Additionally, think about these in regard to the context of virtualization and cloud computing. Remember that you must include technical content within your final report, but it is also important to be prepared to provide less technical explanations to decision makers, especially in the executive summary, conclusion, and the recommendations you provide. Once you are comfortable with these terms, consider these and their relationship to one another throughout the project and proceed to the next step, in which you will research virtual currency.
Links:
https://leocontent.umgc.edu/content/scor/uncurated/cmp/2218-cmp640/learning-topic-list/virtual-currency.html?ou=916071
https://leocontent.umgc.edu/content/scor/uncurated/cmp/2218-cmp640/learning-topic-list/digital-currency.html?ou=916071
https://leocontent.umgc.edu/content/scor/uncurated/cmp/2218-cmp640/learning-topic-list/cloud-computing.html?ou=916071
———————————————————————
Project 3: Virtual Currency
Step 2: Conduct Competitive Research of Virtual Currency
Even though Bitcoin is the best-known brand in the category, your interest in any virtual currency is being driven by the encryption method and if it is applicable to the institution’s cybersecurity policy requirements.
Develop a spreadsheet that will be used to gather your research. In the first column, list Bitcoin and other virtual currency options available, if any. In column 2, list the corresponding encryption method for that specific virtual currency. In column 3, assess what characteristics or cybersecurity technologies used by that virtual currency that makes it unique.
Proceed to the next step, in which you will take a look at virtualization and cloud computing, specifically the policy constraints of those elements.
Links:
https://leocontent.umgc.edu/content/scor/uncurated/cmp/2218-cmp640/learning-topic-list/encryption.html?ou=916071
———————————————————————
Project 3: Virtual Currency
Step 3: Identify Policy Constraints on Virtualization and Cloud Computing
You assessed cybersecurity technologies during your competitive research of virtual currency in the previous step. Now, take these technological elements and consider the policies that include aspects of virtualization and cloud computing. Consider the cybersecurity policies and constraints that affect these specific elements.
Make a fourth column in the spreadsheet for policy constraints and document the findings. Once this is completed, proceed to the next step, in which you will compile those findings.
———————————————————————
Project 3: Virtual Currency
Step 4: Summarize Virtual Currency Findings
In the previous step, you identified the technological elements of virtualization and cloud computing, and now it’s time to fully assess the inherent policy issues and challenges of these cybersecurity technologies. Discuss core concepts and developments in cryptography and cryptanalysis for the benefit of your financial audience from a cyber perspective and the financial implications of virtual currency. Also, consider information assurance needs for the business.
Provide a two- to three-page summary of the findings thus far and an overall assessment of virtual currencies, the encryption technology, and the subsequent policy issues that might arise.
Submit the Virtual Currency Overview, along with the spreadsheet of the recorded findings as an addendum for feedback, and proceed to the next step.
Links:
https://leocontent.umgc.edu/content/scor/uncurated/cmp/2218-cmp640/learning-topic-list/cryptanalysis.html?ou=916071
https://leocontent.umgc.edu/content/scor/uncurated/cmp/2218-cmp640/learning-topic-list/financial-implications-of-virtual-currency.html?ou=916071
———————————————————————
Project 3: Virtual Currency
Step 5: Assess Bitcoin Encryption (Blockchain) and Technological Capabilities
Bitcoin has become a successful globally appropriated form of virtual currency and digital currency (cryptocurrency) through its accomplished technology and practices. By many, it is still considered an emerging technology in the realm of cybersecurity.
Within the first few steps, you reviewed virtual currency and gained an overview of cybersecurity methods such as encryption methods and other technology traits associated with various virtual currencies. In the next few steps, you will investigate the cross-cutting effects in Bitcoin’s use of blockchain technology and perform an external Bitcoin and Blockchain Technology Audit for your company. You will scrutinize policy, budget, and technological capabilities (where they exist) to address cyberthreats, as well as how these effects are managed at the enterprise, national, and international levels. Feel free to pull items from your findings thus far to frame this assignment.
In this step, develop a record-keeping system specifically for blockchain. This can be in the form of a table, spreadsheet, or other format. Keep in mind that this will be submitted as an addendum to the final project, so it should be organized and easily understood by the instructor.
Determine variances from a cybersecurity perspective, consider Bitcoin’s encryption method, and other technological capabilities at the enterprise, national, and international level. Include other virtual currency technologies and reasons why they might have a better impact in these areas.
In the next step, you will determine any policy limitations of the use of blockchain technology.
Links:
https://leocontent.umgc.edu/content/scor/uncurated/cmp/2218-cmp640/learning-topic-list/blockchain-technology.html?ou=916071
———————————————————————
Project 3: Virtual Currency
Step 6: Determine Policy Limitations of Blockchain and Similar Technologies
As CISO, you direct the focus of the research into blockchain as the underlying encryption technology to the dominant virtual currency—Bitcoin. As you have learned, emerging alternatives tend to have a disruptive effect on current technology. Blockchain and other options would be expected to have similar results.
In this step, continue the comprehensive review of blockchain and related technologies regarding policy impacts. Review limitations which might be imposed or might involve other business affairs in the company’s cybersecurity arsenal. This should also include the perspective at the enterprise, national, and international levels.
Next, you will consider budget and resources for blockchain.
———————————————————————
Project 3: Virtual Currency
Step 7: Assess Blockchain Technology Budget and Resource Trade-Offs
In the last two steps, you have considered policy and technology capability impacts of blockchain and related technologies viewed from enterprise, national, and international levels. As you probably have found or predicted, budget and resource trade-offs now need to be acknowledged and will be the final piece of your External Bitcoin and Blockchain Technology Audit. This should also recognize and accommodate potential enterprise, national, and international constraints.
Provide a three- to five-page External Bitcoin and Blockchain Technology Audit. Incorporate what you have identified during your cross-functional analysis of blockchain and digital-currency technology alternatives in regards to technological capabilities, policy, and budget trade-offs relative to enterprise, national, and international restrictions. This should be directed to senior leaders about the pros and cons, the options, and the alternatives that would facilitate their strategic decision making in defense of cyberthreats.
Submit the External Bitcoin and Blockchain Technology Audit along with the recorded findings document as an addendum for feedback.
———————————————————————
Project 3: Virtual Currency
Step 8: Analyze the Risk Implications of Virtual Currency
Based on what you have learned about risk management, dust off your competitive research spreadsheet, add a final column, and address the cybersecurity risk in each alternative and how to manage it. Address the application of virtual currency and encryption to other aspects of the institution’s cybersecurity. Where do they fit?
Virtual currency could expand the attack vectors of cyber criminals. Include information on this expansion of cyberattack technologies.
Summarize the risk implications that were found during your research in a one-page summary for the category of risk from your research. The next step will focus on managing the potential risks.
———————————————————————
Project 3: Virtual Currency
Step 9: Classify Technical and Policy Risks
As you better define the information to be delivered in the final report, the Virtual Currency Applicability Report, you recognize the need to distinguish between the technology and policy issues that are involved. As an update to your ongoing analysis, categorize the risk as technical or policy.
The classification is based on risk, not the solution. In other words, you might have documented what appears to be a technical condition or change that actually triggers a policy risk. As such, for the purpose of this reporting, it would be classified on the policy risk side of the ledger.
Record the findings and proceed to the next step, in which you will come up with a strategy to mitigate risk.
———————————————————————
Project 3: Virtual Currency
Step 10: Develop a Virtual Currency Risk Mitigation Strategy
Now that you have categorized the risks, it’s time to consider risk management for virtual currency. Begin the process of addressing those risks from a strategic response perspective. What direction will be taken in the event of one or more of the identified risks occurring?
This brief, two- to three-page report is an integral part of the Virtual Currency Applicability Report. It is not intended as a play-by-play procedures manual in the event of a breach. It is intended, as is the final report, as an overview of a strategic response should risk mitigation be required.
Submit the Virtual Currency Risk Mitigation Strategy for approval and proceed to the final series of steps to complete the Virtual Currency Applicability Report.
———————————————————————
Project 3: Virtual Currency
Step 11: Compose Formal Presentation Elements
The next two steps will prepare you for the final submission of the Digital Currency Applicability Report. By now, you should have received feedback from the first three assignments.
To present this as a formal document to stakeholders, additional elements should be present in the final Virtual Currency Applicability Report. The table of contents should easily reflect both the submitted work and supplemental materials.
You should also provide an executive overview to set the stage and address concerns expressed and implied by the assignment. This will provide senior leadership streamlined information that you have found during the cybersecurity review of virtual currency and related concerns. This should include future opportunities and risks.
Finally, an abridged conclusion should be prepared for the mitigation.
It is now time to move to production of the final Virtual Currency Applicability Report.
———————————————————————
Project 3: Virtual Currency
Step 12: Construct the Virtual Currency Applicability Report and Recommendations
The final assignment for the project is the Virtual Currency Applicability Report. The completed report should be 12 to 15 pages.
Organize the report with a table of contents, executive overview, and conclusion. Also include the three assignments for this project and other supplementary materials as addendums.
Finally, provide recommendations on other issues that may have yet to be addressed. As the CISO, the primary issue and area of expertise is cybersecurity. Senior leadership is likely going to want answers to several questions, such as:
Can we use an encryption technology without virtual currency?
Has a cost-benefit analysis been conducted?
What would be the impact on our customers?
As you can see, the concerns are not simply technical. The decision includes financial and policy questions that must be addressed. The presentation should provide a strategic approach to addressing these concerns based on the research and CIO feedback.
