The requirements for the term project are set out below.
Your term project is the preparation and delivery of an individual case study.
The case study will involve the application of cybersecurity risk management principles to a recent breach incident, i.e. something which as occurred since January 1, 2025, and attempting to extract lessons learned and/or insights for improving one or more aspects of the discipline of cybersecurity. Finding an unusual or new type of breach will thus work to your advantage.
Your case study may also focus on a particular new kind of exploit, and providing a detailed analysis of how it works, and how its introduction affects cybersecurity risk management generally, or in a particular area.
Before you proceed with your term project, you must provide a proposal for my review, and obtain my approval to proceed. This is to optimize your success on this deliverable. For instance, I may place certain parameters/requirements around your case study to ensure the depth/scope is appropriate and not too broad, and is manageable for this course.
The proposed event which will be the subject of your case study.
A short summary of what you have learned about the incident so far.
Your methodology and "vision" for your case study and your sense of your anticipated insights or outcomes.
Please submit your proposal on or before February 27th.
Please review the class slides on how to analyze a breach for guidance on the various deliverable components
Your final submission should contain at least the following sections:
Include a concise abstract summarizing your main "thesis", your approach, findings, and conclusion(s).
Clearly contextualize the case study. Provide background information on when, where, and how the incident occurred, and what its immediate effects were. Identify what aspects you will study.
Conduct a thorough review of any relevant academic and other available information regarding the key aspects of the incident you will examine. For example, the history of the exploit used, the novelty of any strategies used by the perpetrators, etc.
Describe the methodology used in the case study, including data collection methods and tools, if any.
Discuss the findings or results of the case study.
Discuss the implications of your analysis or findings and how they provide insights for better cybersecurity risk management in the applicable breach scenario you have studied. Assess any new/novel risks and explore potential controls for these risks.
Summarize the key findings and their significance.
Suggest avenues for future research or improvements in cybersecurity risk management practices.
Provide a comprehensive list of all sources cited in the case study.
Your paper must be neatly written using any word processor or type setting tool (such as Latex). Convert your final paper into a PDF.
Use consistent section and subsection formatting. Use an 11 or 12 pt font. Use 1 inch margins.
Use footnotes where appropriate.
Include a bibliography and apply a consistent formatting approach (you can use IEEE-alphabetic). (Latex makes this very easy.)
Your case study should be at least 3,000 words in length.
Your case study will be graded on the following criteria:
Report structure and content quality: Have you followed a logical path in writing your report? Does your "story" have a beginning, a middle, and an end? Did you present a well-structured, sufficiently detailed, thorough, and readable analysis in pursuing the case study? Have you produced a report with a focused theme, question or issue and not just a factual summary? – 50%
Independent thinking, novelty, and thoroughness: Have you tackled a unique topic or incident? Did you demonstrate original thinking and/or a thoroughness in your approach to the case study? Have you demonstrated a sufficient amount of research around the critical cybersecurity aspects of your incident? – 30%
Effective writing: Have you followed proper style and grammar rules, have you conquered all typos, are your tenses consistent and compatible, etc.? – 10%
Aesthetics: Does your paper look nice? Are you using an attractive font? Have you used white space to your advantage? Is it well laid out? Have you used tables and illustrations effectively? Have you used headings correctly? - 10%
Have a look at these slide decks from James McClure of the UNB Writing Centre to help advance your work towards these outcomes:
Start working on this early. Apply consistent weekly effort.
Learn as much as you can about the technical aspects of your case study. Understand how the applicable technologies work.
Have others proofread your drafts and use their feedback.
Make your writing easy to read, use white space effectively, and add illustrations to help explain or illustrate concepts or ideas.
Add your personal thoughts and perspectives to the topic judiciously. Ensure your perspective is well developed, supported, and presented.
Ensure that your key factual or interpretive statements are supported and there are no unsubstantiated claims. Quotations, quoted information, data, or statistics are all properly sourced.
There are no exaggerated statements without any support.
All issues mentioned are addressed and covered.
Your conclusions follow from previous arguments.
You are not using any undefined terms.
The bibliography, citations, and footnotes are properly formatted, complete, consistent, and permit easy lookup of references. Don’t just cite a URL, but do add a URL if possible.
There are no missing, mismatching or inappropriate headings and section headings.There are no inappropriate mixtures of fonts.
There are no spelling mistakes, incomplete or run-on sentences, etc.