From: gxo120830@utdallas.edu Sent: Monday November 11, 2013 To: Chelsea Pope, Director Cc: <txd123230@utdallas.edu>; <axs131831@utdallas.edu> Subject: Proposal
Dear Ms. Pope:
Farah Trevor Gabrielle (FTG) Cyber Security System Solutions is pleased to provide our proposal to The Cyber Security Initiative. Our company recently became aware of the Dallas City of Commerces community service initiative to promote cyber security in the Dallas Forth Worth metroplex. We believe the enclosed information sets FTG apart in our ability to be the best resource for the Cyber Security System. We intend to be the leader in developing a community action plan to provide Dallas business leaders, school systems, and citizens with the highest level of cyber security.
As you may know, FTG Cyber Security System Solutions is a national consulting firm. We have officers throughout the U.S., but call Texas our home. FTG is based in Plano and we have several offices in the metroplex. Strategically, we plan to increase our presence in the DFW metroplex by giving back to our community through public education on the seriousness of cyber security.
We look forward to assisting you with this due diligence process and would be pleased to discuss our capabilities further. Funding for this initiative is very important to our firm and we look forward to the opportunity of partnering with you on this important matter. If there is any need for additional information, please contact me at 972-823-1111.
Best Regards,
Gabriel Okoye Software Manager and Public Director FTG Cyber Security System Solutions
4 Executive Summary FTG Cyber Security Solutions
Mission: Our mission is simple: we strive to make technology a tool to facilitate daily operations rather than a tool that hinders daily operations. We hope to make our consulting strategies as advantageous as possible for our customers while keeping them ethical. Business Description: FTG has a multitude of locations across the United States. While we are based across the United States, our headquarters are located in the Dallas Forth Worth metroplex. Company Background: FTG has roots in the Dallas Forth metroplex. In fact, three of the founding members attained their undergraduate degree at the University of Texas at Dallas. Due to networking at the university, the founding members were able to establish a foothold in the IT market in the Dallas Forth Worth metroplex. Products/Services: We offer numerous security-related services. Anywhere from physical security options to command and control centers. We make personalized security measures for our clients. FTG is known for engineering and executing projects valued at over $4,000,000 as well as using 3,100 devices per project. Markets: Our products appeal to small business owners, youth and school systems, as well as the everyday American citizens. Solution Management: Panel of cyber security specialists Panel of victims affected by cyber attacks Marketing Team Industry: We specialize in numerous areas of IT consultation. However, for this particular project, our scope will be primarily focused on computer security and informing the public on particular cyber-related risks. Number of Employees: We have five employees on our expert team. Financing Sought: We are seeking $237,340 in funds to proceed with the project. Use of Funds: Website creation, mailing, flyers, podcast development, local billboards., advertising.
FTG Cyber Security System Solutions
5 Introduction: Advances in technology are exploding word wide. We live in unique time where technology is rapidly changing to meet high demand. We seamlessly use technology to supplement our daily activities. Families and friends, no matter the distance, are able to communicate like if they are in the same room, online financial markets have provided new sources of revenue for millions of people worldwide. Although technology has proven to benefit most aspects of our everyday life with better communication, instantaneous information, and more efficient ways of doing business, technology has opened the door for new problems that could prove catastrophic. What would happen if the stock market was hacked and shut down for a day? How would investors react to the uncertainty? What would happen if our utility companies were infected with viruses? How would this affect everyday business and infrastructure? As different technologies multiply and its uses evolve, it is necessary that people are kept informed and up to date with its inner and outer workings. With every exciting new technology come various vulnerabilities. People are creative and are constantly discovering new methods of fraud to steal money and hurt our economy. In order to ensure that people stay up to date with technology and are able to protect themselves from different methods of cyber-attacks, we need to start educating on computer safety at a younger age to ensure that both small businesses and your average citizen are aware of the potential dangers they face. Today, we rely more on the internet and computers than any other time in history. Our long-term economic growth, personal safety, and national security all rely on the pliability of our cyber networks (Department of Homeland Security). There are more connected devices over computer networks than the total population. According to Ciscos 2011 International Business Study Group (IBSG), the number of devices per person is more than doubling every five-years (Davis, 2011). This rate is alarming because the internet is still in its early stages and hasnt reached its full potential. As the rate of devices per person increases so does the threat of online and computer based attacks.
Government agencies, business enterprises, personal computers, and the education system are all targets of malicious computer programs, or malware. Malware is defined as FTG Cyber Security System Solutions
6 software intended to damage, disrupt, or control a computer. With the increase of importance with computer networks worldwide, however it has proved to be fragile. To many the risks have been painfully obvious but to the others, whom arent very familiar with computer related threats, prove just the opposite. We have witnessed our personal information being identified and often times violated by unknown people, our competitive advantage in economic vitality and intellectual secrets being stolen by other countries, and small businesses being the number one target for fraudulent attacks. In order to better combat online terrorism the best way to fight against it is by educating our children early on and consistently informing the public. First, our children need to be given the proper tools so when they grow older they will be able to stay safe in the online realm. People need to understand that our children are the future. Parents need to ensure that their children are properly being taught the basics of how to stay safe online and the technologies of tomorrow. School systems have to do a better job of incorporating cyber-security curriculum so our children receive a reliable computer-based background. Cyber- security needs to be a basic life necessity, our children need to have a grasp of how to avoid phishing, malware, computer viruses, and understand the basics of keeping their information guarded by passwords (Gal, Kantor, Lesk, 2009). The children of tomorrow are important because the future will be much different than what it is today. According to the World Economic Forum, they recently observed, more than 70 percent of the worlds citizens live in societies that have just begun their digitization journey (World Economic Forum). Although the United States has been online for almost twenty years the rest of the world is just getting started. As more people are operating online, the greater the risk of people being able to find imperfect technologies, and manipulate malicious software. Another sector of society where technology is rapidly expanding its uses would be the domain of small businesses. Small businesses use technology for wide variety of reasons, which may be for daily operations, monthly staff meetings, or to store intellectual property. Small businesses are imperative to the survival of the economy due to the fact that they employ the majority of workers in the labor force. In fact, according to the Dallas Fort Worth Chamber of Commerce 97% of Establishments in the DFW Region Have Fewer Than 100 Employees (DFW Chamber of Commerce, 2010), this means that only 3% of workers in the labor force are employed by businesses with 500 or more employees. This being said, big businesses often times have more resources to guard against online attackers but small businesses are equipped with fewer resources. According to Protecting Small Businesses against Emerging and Complex Cyber- Attacks by the House Committee on Small Business, These attacks can be catastrophic, leaving many small businesses unable to recover. A recent report shows that nearly 60 percent of small businesses will close within six months of a cyber-attack. The recent string of cyber- attacks on high profile companies is a stark reminder of the current threat, and although small businesses do not make the headlines regularly. Small businesses generally have fewer resources available to monitor and combat cyber threats, making them easy targets for expert cyber- FTG Cyber Security System Solutions
7 criminals. In addition, many of these firms have a false sense of security, and believe they are immune from possible cyber-attacks77 percent of small firms believe they are safe from a cyber-attack, even though 87 percent of those firms do not have a written security policy in place (Salley, Sass, Pineles & Day, 2013, p.2). Another report given by the National Counter Intelligence Executive estimates a loss of several billion dollars a year due to cyber espionage on businesses throughout the United States (NCIX, 2011). Another major area of society where technology is rapidly changing our course would be in our personal lives with our at home networks. Today, most people use technology to complement activities in their daily activities. Whether the at-home-user enjoys using email and instant-messaging for communication, or social networks for information throughout their social circles, basic online activities are some of the most dangerous in the cyber-sphere. Many people know that the dangers of cybercrime exist within big entities, yet fail to comprehend what is going on inside their at home network. Crimes to personal computers can range from identity theft, harassment, peer pressure, target for spam, phishing, and malware. Cyber-criminals have started using social media websites as a method of carrying out real crimes. A survey of 2,000 home-owners stated that 35 percent of the social media users posted their vacation plans online. Even with modifications such as setting your profile on private, intelligent hackers can still access your private information. Adding to these reasons, the money associated with the malware market is also a motivation for criminals to attack using social media (Cyberoam, 2013).
Background: Cyber-Security is a current issue that we see affecting many sectors in everyday life. The problem is many people are unaware and uneducated on the topic and the consequences can be devastating. Since the invention of the computer and Internet, people have sought to penetrate these systems for economic gain and ultimately to cheat others for their work. In the past few years, there has been a dramatic increase in the amount of online cyber-attacks on government agencies, small businesses, and personal computers. In fact, The Wall Street Journal states, about 72% of the 855 data breaches world-wide involves companies of less than 100 or fewer employees (Wall Street Journal, 2012). In recent years, Cybercrime has inflicted our society. According to Nir Ksheteri, in The Global Cybercrime Industry, a cybercrime is defined as a criminal activity in which computers or computer networks are the principle means of committing an offense or violating laws, rules, or regulations (Ksheteri, 2010). Lately, businesses have been penetrated by foreign entities and competitors to reveal business secrets and trade information, while normal citizens have been targets of fraudulent scams, malware and viruses. In our technology driven culture and the introduction to various new Internet reliant systems there are more vulnerabilities than ever before. For example, in 2011, Citi Groups credit card customer database was hacked and 3,400 accounts were breached, causing a $3 million dollar loss (CNN, 2011). When Citi group got hacked, they not only lost sensitive customer information but also the confidence of banking FTG Cyber Security System Solutions
8 customers worldwide. In todays competitive marketplace keeping the trust of the consumer is the number one priority. Although Citi Group is one of the worlds largest banking and lending institutions, they have the most technologically advanced security features and all the resources available to protect against cybercrime. If this is happening to big businesses what can be said about the small ones that dont have the capital to protect against these threats? We have seen education systems and business enterprises making the switch to cloud computing for storage, governments relying on smart power operating systems, and our utility companies and other services relating to our energy and water supply are switching to automated machines. Although much of the new technology is helping to cause better efficiency, they create more problems then before. Recently, an Illinois water distribution plant was hacked by foreign hackers. These hackers were able to get inside the master account, with the ability to turn the pumps on and off. How much damage can water cause? Its more of matter of fact. Most of the same software that is used to power nuclear power plants, factories, and oilrigs is the same operated in this Illinois Water Plant (ABS CNS, 2011). With the ever-evolving role computers are coming to play in our society, not enough is being done to keep up with the trend. People of all ages need to be better aware of the effects cyber-related crimes can have on our society. Without the proper knowledge on the subject we all risk being effected in one way or another. As local residents of the DFW area we are taking matters into our own hands. We realize that the government is having a difficult time writing legislation to include cyber-criminals without effecting ethical business practices. People in the past have often times relied on the government to help protect them from serious threats but recently Governments all over the world have failed to work together to help curb global cyber- attacks. Even with government help, its impossible to stop this issue when the Internet has no boundaries. People need to know that the lack of defining cyber-security globally will never make them fully safe and the best method to protect against online penetration is prevention awareness (Littlejohn Shinder & Cross, 2008). To ensure the safety of our families and generations to come, we believe the resolution begins with information. Businesses, schools, and people generally need to be better educated about cyber-related issues and the risks we face. Without the proper knowledge on the subject and security tactics in place, nobody can expect to be exempt from the dangers we face.
Proposal: In order to increase the awareness of the severity of cyber-attacks as well as the necessity of cyber security FTG will promote National Cyber Security Awareness Month. We understand that this is already a national program. However, we plan to open a Dallas Forth Worth branch of the National Cyber Security Alliance. By doing so, we will begin educating the youth, small businesses, as well as other constituents of the Dallas Forth Worth metroplex on how to better combat this threat. With the establishment of our awareness program, we hope to empower FTG Cyber Security System Solutions
9 Dallas Forth Worth residents to no longer operate the Internet out of fear for the unknown but rather the confidence of what to look out for. The first thing we plan to do is establish a website that will serve as our centerpiece to informing Dallas residents, small business members, and students on how to stay safe online. Included in our website will be podcasts, informational videos, and a glossary of computer related terms. Every week, we will team up with various technological leaders in the Dallas area to deliver an informational talk session regarding current topics in the cyber-world and keep our followers up to date with trends locally and nationally. Next, we will post videos on our website ranging from general tips on ways to protect yourself at work, in video games, and at home. The videos will serve to educate on the basic fundamentals of using computers safely and various methods to combat current frauds and schemes. Our goal is to target three main groups through our National Cyber Security Initiative: 1. Local schools 2. Small businesses 3. Local residents. For the webpage, we will create a simple layout that is easily accessible for all ages. We will give each category its own drop down menu and under each menu will be the topics we want our followers to know. We understand that cyber-security is a pressing issue and everyone can learn something. For each category the methods by which we will reach our audience will differ slightly, however, each participant will understand the importance of this subject and better be able to protect themselves from cyber-threats. For the three groups above we will break it down by category and specifically explain what we plan to do other than our webpage to help combat the issue. For local schools in the Dallas area, we plan on targeting k-12 education. We will speak at school assemblies and depending on the age group we will determine the topics to focus on. For k-2 nd grade, we will reinforce that they should only be online when a parent/guardian is present, to not share personal information with strangers, and follow the rules their parents have set. 3 rd -5 th grade we will reiterate that they should never share personal information including- name, address, phone number, birth date etc. and stress the importance of talking openly with their guardian about things that occur online. Most of our school presentations will take the form of grades 6-12 because they have more experience using computers. During these presentations we will elaborate on the dangers of social media and what is/isnt proper to share online, cyber- bullying, and we will introduce various security measures they can take to help combat malware, spam, and other viruses. We strongly believe the knowledge gained on how to fight against online fraud and scams will put these children ahead of the game and give them tools to use in case of a cyber-emergency. Next, we will focus on local small businesses by organizing and presenting seminars to further educate these men and women on the damage cyber-security could do to their business and the things they can do to prevent it from happening to their business. We plan to mail flyers FTG Cyber Security System Solutions
10 to 30,000 small businesses in the Dallas area and placing a radio advertisement on the radio to further increase awareness of our upcoming seminar dates. During our seminar, we will host a Panel of Victims of major cyber-attacks and two Cyber Security Specialists. The Cyber-Security Specialists will discuss current legislation relating to cyber-security and inform these small business members about what Washington is doing to combat the risks. We will discuss the biggest trends in what hackers and computer criminals are doing and how they are doing it by giving previous examples of notorious companies that were breached. Our Panel of Victims will be composed of small business owners whom have been affected by different forms of cyber- attacks. We invited this panel to make sure the people that attend would get an emotional appeal. The best way to inform a group of people who dont believe they are at risk is to show them people just like themselves who failed to act proactively. Lastly, to target local citizens, we will advertise on billboards across the Dallas metro area. By placing our ads in high traffic volume areas, we will strive to create a sense among the people to want to learn more about the subject. Our goal is to get people talking about the subject and understand the facts. The more people know, the more that can be done to help. Our advertisements will consist of startling facts about cyber crime and will relate back to our webpage for more information. Also, we will encourage local media to spread our message. We will place ads in The Dallas Morning News and The Dallas Observer. Similarly, to how interest groups in the past have posted about check fraud and identity fraud, we plan on exposing cyber- security. The more thats done to advertise on this subject will allow for a greater debate among leaders and help promote a permanent solution. To reach the general public, we will provide information via word-of-mouth. Our top two priorities are to make sure the youth and small businesses become aware of the threats facing them today and encourage people to learn the basic requirements of safety.
Budget: The budget needed chosen to implement this project fits well with FTG Cyber Solutions, our sponsor. Modern technology is making information easier to store and convenient for people to access. A majority of our expenses will come from methods of targeting people outside the online sector. Considering we are a software firm, we have access to a lot of the tools and materials to promote ourselves online, but advertising off-line will require us to higher a marketing team that will allow us to reach appropriate audiences. In order to put this plan into motion we have estimated it will cost $237,340 for one fiscal year. We have simplified the usage of funds in order to make sure money is distributed on time and kept within the parameters we have set. Items that have been implemented in our budget are cost effective and are aimed at maximizing total program awareness among local Dallas residents. The marketing team will consist of 3 members and require a salary of $35,000 per year. This salary will be based on 5 days a week, eight hours a day work-week. To start up our webpage, we already possess the FTG Cyber Security System Solutions
11 resources necessary to build it. $500 will be used to secure our domain name and online contract for a 5-year agreement. Since our webpage will serve as one of the most important pieces to relay information to our audience we have allocated $50 a month in servicing fees to account for changes such as new features, uploads, and upgrades to operating systems. To correctly implement a podcast feature on our webpage that will allow for the creation of new high quality podcasts will cost $300. This will make sure we are licensed to use the program for two years. We have also included $60 a month for podcast servicing. Much of the cost allocated will remain the responsibility of the marketing team to properly reach our audience. Set aside is $5,000 for two thirty second advertisements on the radio, $20,000 for 10 billboards held for one month at a time, and $15,000 for the printing of 30,000 color flyers with a cost of $30,000 for each flyer to be mailed via USPS First Class Priority Mail. Next, to pay for the Cyber Security Specialists, we will pay two specialist a salary of $20,000. This number will be based on two days of work a week (part-time position). Our Panel of Victims will consist of five people valued at $5,000 for the entire year. (See budget on the following page).
2014 Projected Costs
Item
Cost Web Startup $500 Web Recurring (12 months) $300 Podcast Startup $300 Podcast Recurring (12 months) $240 Radio Advertising (2) $5,000 Billboard Advertisement (10) $20,000 Flyers (30,000) $15,000 Mailing (30,000) $30,000 Cyber Security Specialists (2-$20,000 per year) $40,000 Panel of Victims affected by Cyber Attacks (5) $25,000 Marketing Team (3-$35,000 per year) $105,000
Total amount projected for 2014 $237,340
FTG Cyber Security System Solutions
12 Staffing: For our expert team we have chosen to enlist the help of cyber security specialists, a panel of victims affected by cyber-attacks, and marketing team. Our panel of cyber security specialists will need to be well qualified and meet certain criteria in order to be considered. The cyber security specialists that we chose to enlist are from our own company and have been trained to meet our specifications for this project. They are necessary to show exactly how the cybercrime takes place with their expertise. As odd as it may sound, we hired a panel of victims that were affected by cyber-attacks. This adds clout to the seriousness of our goal to help the community with this issue we are hiring people that were directly affected to help give the presentations. People will take the threat of cyber-attacks more seriously if they hear it from the horses mouth themselves so to speak. Without having a human interaction throughout our awareness program, people will not take us seriously and probably will not take anything away from our program. Last but not least we chose to enlist the help of a marketing team. This team is essential in the planning as well as the delivery of the product. This team is overly qualified having being trained at one of the best business schools in the state of Texas. Because the members of this group have local roots they will be able to better advertise the product thus bringing a higher turnout for our awareness program.
Conclusion: Technology is rapidly changing our lives and expanding its uses to meet high demand. Although technology has changed our life for the good, technology has opened the door for cyber-crime. Cybercrime can be malware, viruses, and other fraudulent scams; or cyber-crime can consist of breaching computer networks for economic, intellectual, and personal gain. Either way, cyber-crime is a pressing issue that may not have an exact answer. Instead, of covering up an issue and allowing people to think they are operating a safe internet, FTG Solutions and The Cyber Initiative want to give small businesses, education systems, and normal constituents the tools they need to operate online with confidence. We want to provide the people who run our economy the resources necessary for consistent economic growth and job security. Small businesses dont always have the resources or the knowledge to protect against such attacks nor do they realize that one attack could cost thousands. By securing funds requested for this project, we will maximize the amount of people we are able to reach and aid in stabilizing an economy that could catastrophically be impacted with increased number of cyber-attacks. By introducing the public, businesses, and youth to various cybercrimes and establishing National Cyber- Security Awareness Month, we are contributing to making Dallas a safer place to live, work, and operate online. Cyber-crime wont stop overnight, but we want to invest in our people to help make our world safer than it was before.
FTG Cyber Security System Solutions
13 References Conner, C. (2013, September 14). Are you prepared? record number of cyber attacks target small business. Retrieved from http://www.forbes.com/sites/cherylsnappconner/2013/09/14/are-you-prepared-71-of- cyber-attacks-hit-small-business/ Cyberoam. (2013, March 18). Why social networking sites are a favourite with cyber criminals today! - see more at: http://www.cyberoam.com/blog/why-social-networking-sites-are-a- favourite-with-cyber-criminals-today/ Department of Homeland Security. (n.d.). Cybersecurity overveiw. Retrieved from http://dhs.gov/cybersecurity-overview. Evans, D. (2011). The internet of things: how the next evolution of the internet is changing everything .Cisco, Retrieved from http://www.cisco.com/web/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf France-Presse, A. (2011, November 19). Foreign cyber attack hits us infrastructure: expert. Cisco. Retrieved from http://www.abs-cbnnews.com/global- filipino/world/11/19/11/foreign-cyber-attack-hits-us-infrastructure-expert Kshetri, N. (2010). The global cybercrime industry: economic, institutional, and strategic perspectives. Greensboro, NC: Springer. Retrieved from http://books.google.com/books?id=dIixW8q1J58C&pg=PA3&dq=definition of cybercrime&hl=en&sa=X&ei=_FCYUp_yOeL92QXf1oCgAg&ved=0CEgQ6AEwAA. Littlejohn, Shinder, D., & Cross, M. (2008). Scene of the cybercrime. (2 nd ed.,pp 9-11). Burlington, MA: Syngress Publishing, Incorporated. National Counterintelligence Executive. (2011). Oncix reports to congress: Foreign economic and industrial espionage. Retrieved from http://www.ncix.gov/publications/reports/fecie_all/index.php Needleman, S. (2012). Cybercriminals sniff out vulnerable firms. The Wall Street Journal, Retrieved from http://online.wsj.com/news/articles/SB10001424052702303933404577504790964060610 Gal, C., Kantor, P., & Lesk, M. (2009). Protecting persons while protecting the people. (p. 28). Germany: Springer-Verlag Berlin Heidelberg. Kappos, D., Villasenor, J., Misrahi, T. (2013). Intellectual property rights in the global creative economy. World Economic Forum, Retrieved from http://www3.weforum.org/docs/GAC/2013/WEF_GAC_IntellectualPropertyRights_Glob alCreativeEconomy_Report_2013.pdf Salley, L. S., Sass, P. S., Pineles, B. P., & Day, M. D. House of Representatives, Committee on Small Business. (2013). Protecting small businesses against emerging and complex cyber-attacks(113-008). Retrieved from Authenticated U.S. Government Information website: http://www.gpo.gov/fdsys/pkg/CHRG-113hhrg80172/pdf/CHRG- 113hhrg80172.pdf Small Business Administration. (n.d.). Dallas Regional Chamber. Retrieved from http://www.dallaschamber.org/files/Fact.Sheets/2013DFWFactSheets/TheBusinessComm unity - Small Business - 094-095.pdf Smith, A. (2011, June 27). Citi: Millions stolen in may hack attack. Retrieved from http://money.cnn.com/2011/06/27/technology/citi_credit_card/
Cybersecurity: A Simple Beginner’s Guide to Cybersecurity, Computer Networks and Protecting Oneself from Hacking in the Form of Phishing, Malware, Ransomware, and Social Engineering