Cyber Risk Afstudeerstages

Cyber Risk afstudeerstages bij Deloitte

Wil jij afstuderen bij Deloitte Cyber Risk Services? Geweldig! Wij vinden dat je scriptie moet gaan over iets wat jou drijft en wat door je docenten wordt ondersteund. Het is ons doel om jou optimaal te ondersteunen in je onderzoek en ervoor te zorgen dat je een kwalitatief hoogstaand onderzoek aflevert en op tijd afstudeert.

Wat je van ons kunt verwachten:

• Toegang tot een uitgebreid netwerk van cybersecurity professionals
• Toegewijde begeleiding om je te coachen bij je scriptie en om je weg te helpen vinden binnen Deloitte
• Extra ondersteuning van onze experts om de kwaliteit van je onderzoek verder te verbeteren

Tijdens je stage word je onderdeel van het team en krijg je de kans om te zien wat we doen, hoe we werken en ervaar je een echt divers team. Daarnaast moedigen we je aan om deel te nemen aan onze teamevenementen, zoals onze trainingen, vrijdagborrels, LAN-party's, pizzasessies en onze teamweekenden. Dus naast het focussen op je scriptie, kun je onze cultuur ervaren, drive en zelfs wat plezier hebben terwijl je dit doet!

Wat wij van jou verwachten:

• Enthousiasme en toewijding om een kwalitatief hoogwaardige scriptie af te leveren binnen een afgesproken tijdsbestek
• Een goed onderwerp gerelateerd aan cybersecurity en een haalbare onderzoeksaanpak

Tijdens je stage krijg je de volgende voordelen:

• Laptop
• Stagevergoeding
• Vergoeding voor reiskosten

Tijdens je stage krijg je de kans om te werken aan een scriptie-onderwerp dat past bij jouw interesses. Hieronder staan enkele voorbeelden van mogelijke scriptie-onderwerpen, gecategoriseerd volgens onze teamstructuur. Dit is slechts een indicatie van mogelijke onderwerpen, dus voel je er niet door beperkt. Wij moedigen je aan je eigen onderwerp vorm te geven en deze voorbeelden als inspiratie te gebruiken. Voel je vrij om een onderwerp te kiezen dat gerelateerd is aan cyberbeveiliging en wij zullen ons best doen om een match te vinden tussen jouw voorkeur en onze expertise!

Strategy

Cyber Risk Management

Cyber security governance enables organizations to make informed decisions about cyber security risk management, security measures, cyber security investment and other. There are various methodologies that can be used to define and implement strategies addressing cyber security and risk associated with it. To what extent are cyber security strategies integrated with other organizational strategies? How far do cyber security strategies go beyond the organization itself? What lies at heart of an effective cyber security governance and how can cyber security governance be improved?

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• Quantifying the impact of cybersecurity investments
• Managing security in various types of organizational models
• Standardization versus agility of cybersecurity decision making

Cyber Security Awareness

Human actions often contribute negatively to security incidents. People fall victim to social engineering campaigns, phishing or other tactics of cyber criminals. Cyber security awareness and training have been proven to increase chances of catching a scam or attack before it leaves a full impact. But how effective is the cyber security awareness training really? And what can be done to improve current cyber security awareness among people?

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• Quantification of the effectiveness of cyber security awareness activities on human behavior
• Gamification of Cyber Security
• Human perception of cyber security-related risks

Vigilant

Security Automation

Conventional SIEM platforms capture tons of information and warnings which are supposed to be pursued and reviewed by the SOC team manually. Consequently, this had led to many challenges ranging from shortage of resources, time-consuming-repetitive tasks that leaves no time for focusing on value-adding work, and alert fatigue that could lead to slower response times and possible human error. The answer to these problems is automation. However, to what extent could automation go? Could there be a point in time where human input is completely dispensable?

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• Adoption and value of Security Orchestration, Automation and Response platforms
• Endpoint Detection and Response solutions and the automation of threat hunting
• Malware analysis methods
• Intrusion detection/Prevention systems
• Cloud Monitoring solutions

Cyber Threat Intelligence

In this digital era where hacker sophistication is rising rapidly, ensuring that an organization is adequately protected against a wide range of cyber threats and vulnerabilities was never more essential. Cyber threat intelligence can help organizations gain valuable knowledge about these threats, build effective defense mechanisms and mitigate the risks that could damage their bottom line and reputation.

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• TIBER framework effectiveness and limitations
• MITRE based threat hunting methodologies and effectiveness

Secure

Strategy of Industrial Control Systems (ICS)

Industry is going through its fourth revolution right now due to ever growing introduction of IT into factories. However, the IT requirements for factories are much different than for other businesses. How to deal with these changes and with the changes of the fourth industrial revolution?

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• Current state of digital security of different industry sectors
• Usage of safety culture in awareness campaigns
• Effective governance structures in ICS (OT vs IT)

Technical approach to the ICS

How does the interaction between ICS and IT systems works? Do we need changes in way we approach ICS systems? And if so, what would these changes be?

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• ICS malware analysis
• Hardware hacking (PLC, SIS, etc.)
• Intrusion detection systems / monitoring for ICS systems

Development of hacking challenges

One way how to stimulate young generation about cyber security is to provide a challenge-based, exciting learning experience which is freely accessible to all. But how do we optimally reach the right target audience? How to ensure that the challenges are at the right difficulty level? Many practical questions can be answered around this subject, both technical and non-technical.

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• General development of our online Hackazon portal
• Creation of various CTF challenges
• Development of hacking training for non-technical audience

Privacy

Privacy

It is difficult for organizations to function without trust and safety. How are the personal information and other data handled? What are legal obligations related to data handling? How do you ensure privacy in every part of the design process? Privacy is a very broad topic, that reaches further than just the legal aspects.

Examples of thesis topics regarding cyber security governance might include, but are not limited to:

• The influence / effectiveness of Privacy by Design
• Privacy governance and strategies
• ePrivacy and GDPR analysis
• Possible usage of Privacy Technology
• Privacy crisis management challenges

Heb je andere interessante ideeën? Laat het ons weten!

Neem contact op met onze recruiter: kgroenewold@deloitte.nl