Cybercare Work Placement Review

Cybercare Work Placement Review Ignacio Fernà ¡ndez De Arroyabe The work placement for this module, Work Related Module II, was at Cybercare UK. From October 2016, I have been developing this activity. Cybercare UK is an organisation in London, which offers one-stop-shop to support victims of cyber crimes. The goal of the organisation is to assist victims of cyber crimes in detecting and protecting themselves. In fact, the aims of this company are advocacy for the protection of the individual, respecting rights and responsibilities to ensure security and freedom, in consultation with government, legal and technical services, and charitable agencies. During the time spent at Cybercare, I have worked in a group called Cybercare Business Research Team. The objective of this team has been to identify products for the security of computer systems. For this task, we have followed the work methodology DESP, which consists in detecting problems and vulnerabilities, customer education, and in supporting and offering protection for victims of cyber crime. In this report, we synthesise both the activities carried out and the assessment of the learning outcomes. Thus, we firstly conduct a review of the activities performed, placing special emphasis in the work methodology. Secondly, we evaluate the activities carried out in terms of learning. This learning has been evaluated at three levels: (i) the acquisition of knowledge, (ii) the improvement of capabilities, and finally (iii) the improvement of skills (not only personal skills but also interrelational and leadership skills). In the following sections, I present the review of activities, the academic context in which they have been developed, the evaluation of activities and finally, the conclusion explaining the achievements with this Module. I enclose as Annexes the presentations that I have elaborated for the organisation. 2. Review of Activities As a member of the Cybercare Business Research Team, the work we have done has been to find products for the security of computer systems. Our role was to educate and provide victims of cyber crime with measures (software or procedures) to protect systems; For example, antivirus and search engines that provide you privacy, or network sniffers, for users with more computer skills. As members of the Cybercare Business Research Team, we took care of everyday software, for example, encrypted mail, secure VPN, secure payment methods, etc. The Table 1 shows the activities developing. Table1: Activities performed during the work with Cybercare Research Type Main Duties Research on Antivirus and Secure Browsers -Find the best Cost/Security Antivirus. -Find the best Secure browsers that do not slow down the system. -Compatible with multiple O.S. Research on Network Sniffers -Research for Network Sniffers. -Tutorials to show how to use the Software. Research on Network Ports -Tutorials in explaining what Network Ports are. -Research on how to close ports. 2.1 Dealing with the client needs In the context of my activities in Cybercare Business Research Team, we note that Cybercare is a peculiar organisation in the relationship with its clients since it is not only necessary to provide a service, but also it is necessary to consider the psychological state of the client, as these people have suffered a cybercrime. Therefore, this makes our work affected in several ways: First of all, when finding solutions or helping a client, we have to lead with clear and simple ideas to help them. We assume that their knowledge of computer tools does not necessarily correspond to an expert level. Second, the psychological situation, since apart from customers, they are victims of cybercrime. This means that we have to be especially sensitive, both in the provision of the service and in the relationship with them. These two aspects have been the reason for the first meetings with the company since the relationship with the clients is fundamental. 2.2 Working Methodology: DESP approach. For the accomplishment of our work, and considering the framework of the relationship with the clients, the methodology used in the company is DESP approach. This methodology work consists of four phases: Detect, Educate, Support, and Protect. Through it, we provide an integral service to our clients, following the guidelines of work of the main international regulations, on the implementation of information security systems (Boehm, 1991; CLUSIF, 2008[1]; Infosec Institute, 2016; ISO, 2016). Below we describe the main aspects of the work methodology: The first stage of the work is the detection (Detect). This is probably the most difficult task because when a client needs help, you have to find the possible vulnerabilities or mistakes that they have made and that have allowed the hacker to enter to the system. It is a crucial step, as all the solutions that might be applied depend on finding the problem. If the vulnerability exploited by a hacker is not detected, it will not be possible to implement a solution. To make a good detection analysis, it is crucial to meet with clients, with the aim of identifying and recreating the steps followed by the hacker. For the realisation of this work, we use technical diagnostic toolkits, such as CrystalDiskInfo, which monitors the hard disks and reports the state of their health, then it returns all the S.M.A.R.T. information and shows how many times the disk has been turned on and off (Hiyohiyo, 1998), or even the help of legal agencies (for example, the metropolitan police). The second stage of our methodology is education (Educate). At this stage, we develop an educational programme, suitable for each client. The purpose of this is to instruct the client so that he/she can understand why it happened (identification of vulnerabilities), and how to remedy it (development of information security systems). As we pointed out above, for the development of this educational phase, we must be patient with the client, and very clear and didactic in the teachings, as well as in the recreation of the computer attack. Therefore, for this task, it is necessary both, the understanding and empathy of the employee as the interest towards the client. Moreover, we have to consider, that in many cases the client does not have a high knowledge in IT, for which is essential that it is explained in a language and context that the client can understand and apply later what has been learned, always taking into account that the most important thing is that the user can apply the se remedies or the solutions taught. As a means to accomplish this task, we have used digital and blended training tools and e-learning tutorials. These educational systems have helped customers learn the use of some software, for example, Zenmap. Zenmap is software from the company Nmap[2], which adds an interactive GUI so that the user can easily see the networks to which it is connected, the open ports and all the interactions between the computer and the network. The third stage of our methodology is Support. This stage is intended to help the client in future questions or doubts about what has been learned to protect themselves. Fui-Hoon et al. (2001), Boehm (2008) and ISO (2016) point out that this task is critical for the development of a computer security system. Cybercare considers this stage to be fundamental, unlike other consulting companies that do not give so much importance to the phase of support, in Cybercare we ensure that the customer has the best support possible. This is because if the client does not remember how to apply what they have learned to protect their System, they will repeat the same mistakes made previously. For the accomplishment of this stage, telephone support is usually the most used medium, and combined with online assistance, in the clients system. The last step is protection (Protect). This is the stage in which the system is already protected and the customer has already applied the recommended guidelines to keep the System safe. Normally this is the last process, unless it is necessary to repeat any of the above, either due to new system vulnerabilities or bad habits and/or forgetting to follow practices to defend it. If this is successfully completed it can be said that the system is protected and that the user is out of risk. 2.3 Working within a team environment For the development of our work and the performance of the same, it has been done by working on a team. The importance to the business success of teamwork is well known in the literature (McDonough, 2000; Bakker and Schaufeli, 2008). In this sense, in Cybercare, we work as a Research Team, being team work the second pillar on which the methodological work is supported. In this context, the coordination and interaction between the team members were very important, with the aim of finding solutions for our clients, which can satisfy them in all aspects both economic and practical security. My working group was Cybercare Business Research Team. The goal was to work on finding cybersecurity solutions for each client. The assignment of the tasks in our work team was based on the type of products needed. Thus, each member of the group specialised in one type of product. In my case, I was responsible for the antivirus software. For this task, I elaborated a list with all the antivirus that were on the market and classified them considering two conditions, the price and the operating system of the client; also for mobile devices, such as smartphones, PDAs, etc. The second product I had to research in my working group, was secure browsers. In order to perform this assignment, I had to find the best secure browsers that offered the most security and privacy to the user, for the various operating systems, which could allow them to navigate the network with the highest security possible. However, in our situation as students with not much experience in the organisation environment, it was difficult at first to be able to coordinate and divide the assignments properly. This is a fundamental element since in any professional environment the coordination of workers is a critical element, which is why we try hard to learn from it. The situation among the teammates, given that we all have the same background (IT), made communication between us easier since in technical terms we all understood each other. 2.4 Presentations for employers, clients and team members In the implementation of our work methodology, a key element is the presentation of our results to employers, clients and members of the others groups. This methodology followed in Cybercare was considered critical, as Fincham (1999) points out, it facilitates the learning, the interaction and the trust between the company and the clients (Fincham, 1999; Nah et al. 2003). In addition, teamwork required that each member of the Research Business Team had to present at the meetings our results and recommendations, both in terms of solutions and products. Hence, I have made several presentations during my work with Cybercare. In these presentations I showed the characteristics, the prices and the time that would take to get the software or product to be in operation for the company. 2.5 Find the right products for customers As a member of the Cybercare Research Business Team, our work was based on the search for products that offered security for our clients. For this, we looked for products the most affordable as possible, preferably free, since in many cases the user or customer prioritises the software to be free or very low cost. One of the products to look for the clients was an antivirus and secure browsers. For this, we elaborated a comparative spreadsheet (Annexe 1), in which we explain the features of the antivirus and the secure browsers. We also prioritise the cost, thus obtaining two antiviruses per operating system (one free and another low cost but with features better than the free), and secure browsers by Operating System. For the realisation of this work, apart from the Internet search, we had to contact companies to ask about their products specification, for example, Panda Security. The objective was to clarify the various products and classify them both in security level and in cost. 3. Academic Context The work placement is related to my course in many ways. Firstly, it has allowed me to put into practice the knowledge acquired in the modules developed in my Bachelor. Especially, I would like to point out that the knowledge acquired in the CC6004: Network and Cloud Security, CS5001: Networks and Operating Systems and CC5004: Security in Computing modules, have been useful in the accomplishment of my work at Cybercare. Secondly, I had the possibility of interacting with other colleagues, of whom I have acquired knowledge in other areas, which I did not have prior knowledge, or in which my knowledge was superfluous. This is the case, for example, network security or software security. In addition to the implementation of the knowledge acquired in my BSc, I have had the opportunity to improve my capabilities and skills. Working in a company has helped me to gain first-hand in-depth knowledge, not only on customers needs but also on new working methodologies and learned to interact with other colleagues. 4. Activities Evaluation 4.1 Dealing with the client needs Since my experience in a company environment was not as extensive as some of my colleagues, I did not have the opportunity in prior working occasions to deal with clients needs. This, in turn, resulted in that I had to learn many things, which helped me develop my skills and abilities. Specifically, I have developed my client orientation competencies, as the relationship with them was oriented towards the search for adequate protection solutions, in terms of money and time of implementation. Furthermore, I have improved my skills of interrelating with people, especially in dealing with clients. In this respect, we have to consider not only the classic supplier-customer interaction but also we had to qualify the clients psychological state, as the victim of a cyber-attack. This was helpful to see what the requirements in company environment are. As a result of this, I developed my personal skills, such as work and time management and organisational capabilities. 4.2 DESP approach As pointed out earlier, DESP approach follows the standards of consulting in the information sector. This system is very effective in solving cyberattack problems, which has required being able to detect, educate, implement and assist the client, developing and learning to better analyse systems and problems derived from malware or intrusion to the system. This has allowed me to assimilate this methodology, as well as to know how and when to implement it properly and to learn the international standards of computer security. This experience has opened me the doors to a learning process and therefore an increase in my personal skills and abilities, which will allow me in the future to work in the consultancy sector. Windolf (1986) and Sparrow (2007) point out that in the recruitment of personnel in the consultancy sector the most valued capacities are: to detect, educate, implement and help the client. 4.3 Working within a team environment The next challenge for me has been group work. Although at university we have experiences in group work, for example, the elaboration of coursework. However, the experience of a professional job has enriched me in my skills both in a personal relationship and in management. The group work, has in first place, meant the need to plan and organise the tasks in the team. This interaction has been a very interesting experience, for example, analysing the criteria for dividing tasks and adjusting a work plan to the needs of the client. Additionally, in some tasks, I have developed the coordination role. This has allowed me to gain experience in the management of work teams. Having to learn, listen, coordinate, motivate, and lead a team. 4.4 Presentations for employers, clients and team members Personally, before working at Cybercare, I did not have much experience in presentations in a business environment, outside the strictly academic. This experience has, therefore, helped me greatly to improve my presentation skills, in presentations with employers, clients, and team members. More in detail, the presentations meant the implementation of our communication skills, especially in the transmission of ideas, which have to be especially good to be able to express and convince the possible client about the solutions or products more suitable for their Computer security problems. In addition, considering that clients were not IT experts, we had to make a communication effort, to simplify some terms, for example, VPN, Network Sniffer, etc. In addition, attending presentations of other teams helped me to increase my knowledge in areas in which I had not much prior knowledge, such as Networks Sniffers products (this is the case of Wireshark, Nmap or Zenmap). 4.5 Find the right products for customers As already mentioned, much of the time working for the company was spent looking for the products and applications most appropriate to the needs of customers. The best example has been to search, analyse and classify the best antivirus that can be found on the market. This has required looking at all the antivirus for all operating systems, their functions, and features, considering aspects such as the price and the number of licenses that can be obtained for that price. So make a chart with the main features and prices. In order to be able to find products to recommend to customers, we had to acquire an exhaustive knowledge about the product and the market, besides identifying the needs of the customer or user. As a conclusion to this work, this helped me to understand that each customer has different necessities and therefore the product has to be adapted to these needs, thereby increasing my analytical skills greatly improved after this situation (see Table 2). Also, gain a thorough knowledge of antivirus. Table 2: Skills, Knowledge and Capabilities gather. Skills Capabilities Knowledge Clients Personal Interaction Orientation to the clients Client treatment DESP Personal Consultant Work Methodology Working Team Personal Interaction Direction Define and eradicate the problem Networks Team Work Solutions Personal Analytics Anti-Virus, Secure Browsers Network Sniffers 5.   Challenges As in all jobs, motivation is always a great ally in order to perform a task properly. At first you are very motivated to have achieved that position, but then irremediably with the passage of time is just falling into a routine, which ends up gradually losing your motivation, and instead of being something special that put one hundred percent, You end up just putting what you think is just necessary to complete the task. In my case, I always try to be motivated, with ideas, with previously read material to extend my knowledge on the field. But sometimes it is impossible to keep that motivation all the time. For example in my case, to get down to work, I have to travel an hour and a half between trains and the underground. At the beginning, I used that time to read the extra material, that could give me a better idea of à ¢Ã¢â€š ¬Ã¢â‚¬ ¹Ãƒ ¢Ã¢â€š ¬Ã¢â‚¬ ¹the topic that was going to be working that day, but in the end, I end up not reading on trains, usually for lack of motivation. This I think has been one of the great challenges for me, to keep the motivation to one hundred percent, to be able to take full advantage of the experience of working in the company Cybercare. Another great challenge that I had when it comes to successfully carry out the work with the organisation Cybercare, has been the product presentations. This was due to my lack of experience in professional presentations (not academic, since I have had numerous presentations at the University), since professional presentations require a more practical knowledge of the products (such as cost of a product, the availability, the time it would take to have such a product), plus you have to present only what is important, since the rest of the things you say will not serve to the company at all, therefore, they would not pay attention. This has been from my point of view the most difficult challenge, getting the audience (employers and clients) to pay attention and being able to convey the main characteristics of the product. Compared to presentations at an academic level, in which data, such as the history of the product, origin, how you ended up reaching that product, etc., are very imp ortant. In the presentations at a business level, the important thing is: why would the company invest in this product, which is what it makes it better than the rest of the product, and when will they have it. 6. Conclusion In conclusion, after working with Cybercare since last October (2016), I have noticed that I have improved in my personal, interrelation and leadership skills. Being in a business environment the demand by the employers is maximum, so you have to do your best to be able to meet deadlines, and correctly perform the tasks ordered. The Learning outcomes (LO) have helped me to set goals to meet. With the logbooks, I have been able to summarise what I have done during this time, and it has helped me to review the feedback of the employees so that I was able to improve every week. In general terms, the Work Related Module II module has helped me to put into practice my theoretical knowledge learned in the University and has prepared me for the business world for when I finish my bachelor. References Bakker, A.B. and Schaufeli, W.B. (2008). Positive organisational behavior: Engaged employees in flourishing organizations. Journal of Organizational Behavior, 29(2), 147-154. Boehm, B.W.   (1991). Software risk management: principles and practices. IEEE Software Journal,8, 32-41. Boehm, B.W. (2008). Appraisal of the Effectiveness and Efficiency of an Information Security Management System Based on ISO 27001. SECURWARE, 8, 224-231. CLUSIF (2008). Risk Management. Concepts and Methods. Club de la Securite Infomatique, Paris, France. Fincham, R. (1999). The consultant-client relationship: Critical perspectives on the management of organizational change. Journal of Management Studies, 36(3), 335-351. Fui-Hoon Nah, F., Lee-Shang Lau, J. and Kuang, J. (2001). Critical factors for successful implementation of enterprise systems. Business Process Management Journal, 7(3), 285-296. Hiyohiyo (1998) CrystalDiskInfo software crystal dew world. Available at: http://crystalmark.info/software/CrystalDiskInfo/index-e.html (Accessed: 12 January 2017). Infosec Institute (2016). IT Auditing and Controls Planning the IT Audit. Infosec Institute. http://resources.infosecinstitute.com/itac-planning/#gref ISO (2016). ISO/IEC 27001 Information security management. ISO. http://www.iso.org/iso/iso27001 McDonough, E. F. (2000). Investigation of factors contributing to the success of crossà ¢Ã¢â€š ¬Ã‚ functional teams. Journal of Product Innovation Management, 17(3), 221-235. Nah, F.H., Zuckweiler, K.M.and Lee-Shang Lau, J. (2003). ERP implementation: chief information officers perceptions of critical success factors. International Journal of Human-Computer Interaction, 16(1), 5-22. Sparrow, P.R. (2007). Globalization of HR at function level: four UK-based case studies of the international recruitment and selection process. The International Journal of Human Resource Management, 18(5), 845-867. Windolf, P. (1986). Recruitment, selection, and internal labour markets in Britain and Germany. Organization Studies, 7(3), 235-254. Annexe 1: Presentation on Antivirus and Secure browsers Annexe 2: Presentation on Network Sniffers Annexe 3. Presentation on Network Ports (Windows) [1] CLUSIF: Club de la Sà ©curità © de lInformation Franà §ais (https://clusif.fr/). [2] Nmap Security   (NMAP.ORG, https://nmap.org/zenmap/).