This repository contains a comprehensive cybersecurity risk assessment of the 2021 Colonial Pipeline ransomware attack. The analysis applies industry-standard frameworks including NIST, PCI DSS, and CISA directives to evaluate threats, vulnerabilities, and mitigation strategies for critical infrastructure.
## Objectives

- Analyze the Colonial Pipeline ransomware breach using structured risk assessment methodologies
- Apply the NIST Cybersecurity Framework and other compliance standards to a real-world incident
- Develop actionable prevention measures and incident response plans
- Create asset-based risk matrices for prioritization and remediation
## Frameworks Applied

- NIST Cybersecurity Framework: Guides the overall risk assessment structure
- PCI DSS Compliance: Ensures secure handling of payment data
- CISA Directives: Follows government guidelines for critical infrastructure protection
## Key Findings

- Weak authentication mechanisms enabled credential theft and ransomware execution
- Insufficient network segmentation allowed attack propagation across systems
- Inadequate incident response planning delayed recovery efforts
- Lack of multi-factor authentication (MFA) and security awareness training
## Critical Assets Assessed

- Customer Database
- Network Infrastructure
- Billing System
- Operational Technology (OT)
- Employee Workstations
## Highest-Rated Risks

- Billing System - Ransomware: Risk Score 25 (Likelihood 5, Impact 5)
- Operational Technology - SCADA Exploit: Risk Score 20 (Likelihood 4, Impact 5)
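The scores above are likelihood multiplied by impact on a 5x5 matrix. As an added illustration (not code from this project), the following script builds that kind of asset-based risk matrix: it validates both factors against the 1-5 scale the page's scores imply, computes the score, bands it into a rating, ranks entries for remediation order, and renders a text heat map. The first two entries reproduce the page's stated scores; the remaining three entries, the band thresholds, and the function names are assumptions made for the example.

```python
"""Asset-based risk matrix scoring (likelihood x impact) for the case study."""
from collections import defaultdict
from dataclasses import dataclass

SCALE = range(1, 6)  # Assumed 1-5 scale for both axes (25 = 5 x 5 on the page)


@dataclass(frozen=True)
class Risk:
    asset: str
    threat: str
    likelihood: int
    impact: int

    def __post_init__(self) -> None:
        # Reject out-of-scale values so a typo cannot silently inflate a score
        for name, value in (("likelihood", self.likelihood), ("impact", self.impact)):
            if value not in SCALE:
                raise ValueError(f"{name} must be in 1..5, got {value!r}")

    @property
    def score(self) -> int:
        return self.likelihood * self.impact


def rating(score: int) -> str:
    """Map a 1..25 score to a band. Thresholds are an assumption for this example."""
    if score >= 20:
        return "Critical"
    if score >= 12:
        return "High"
    if score >= 6:
        return "Medium"
    return "Low"


def prioritize(risks):
    """Highest score first; ties broken by impact so high-consequence risks lead."""
    return sorted(risks, key=lambda r: (r.score, r.impact), reverse=True)


def matrix_cells(risks):
    """Group risks by (likelihood, impact) cell for rendering a 5x5 heat map."""
    cells = defaultdict(list)
    for r in risks:
        cells[(r.likelihood, r.impact)].append(f"{r.asset}/{r.threat}")
    return dict(cells)


def render_matrix(risks) -> str:
    """Text heat map: rows are impact (5 at top), columns are likelihood (1..5).
    Each cell shows the cell's score and one '*' per risk placed there."""
    cells = matrix_cells(risks)
    header = "Impact\\Likelihood"
    lines = [f"{header:<17} | " + " | ".join(f"{'L' + str(l):<4}" for l in SCALE)]
    for impact in reversed(SCALE):
        row = []
        for likelihood in SCALE:
            n = len(cells.get((likelihood, impact), []))
            row.append(f"{likelihood * impact:2d}{'*' * n:<2}")
        lines.append(f"{'I' + str(impact):<17} | " + " | ".join(row))
    return "\n".join(lines)


# The first two entries are the scores stated in the assessment; the rest are
# constructed placeholders for the other assets on the page, not the project's values.
SAMPLE_RISKS = [
    Risk("Billing System", "Ransomware", likelihood=5, impact=5),
    Risk("Operational Technology", "SCADA Exploit", likelihood=4, impact=5),
    Risk("Employee Workstations", "Phishing credential theft", likelihood=4, impact=3),  # constructed
    Risk("Network Infrastructure", "Lateral movement", likelihood=3, impact=4),  # constructed
    Risk("Customer Database", "Data exfiltration", likelihood=2, impact=4),  # constructed
]


def prioritized_report(risks=SAMPLE_RISKS):
    """Return (asset, threat, score, rating) tuples in remediation order."""
    return [(r.asset, r.threat, r.score, rating(r.score)) for r in prioritize(risks)]


if __name__ == "__main__":
    for asset, threat, score, band in prioritized_report():
        print(f"{score:2d} {band:<8} {asset} - {threat}")
    print(render_matrix(SAMPLE_RISKS))
```

Ties on score are broken by impact rather than likelihood, so that when two risks land in different cells with the same product (for example 3x4 and 4x3), the one with the larger consequence is remediated first; an assessment can swap that key if it prefers to lead with likelihood.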
## Recommended Mitigations

- Implement multi-factor authentication (MFA) across all systems
- Conduct regular security awareness training for employees
- Deploy network segmentation between OT and IT environments
- Establish comprehensive incident response plans with defined roles
- Maintain secure offline data backups for rapid recovery
## Skills Demonstrated

This assessment demonstrates practical application of:

- Risk matrix development and scoring methodologies
- Compliance framework implementation (NIST, PCI DSS, CISA)
- Critical asset identification and prioritization
- Incident response planning and team role definition
- Prevention strategy development for critical infrastructure
## Document Structure

- Introduction: Assessment purpose and breach background
- Risk Assessment Team: Team composition and consultation details
- Scope and Context: Internal/external factors and compliance alignment
- Asset-Based Assessment: Detailed analysis of five critical assets
- Prevention and Response: 10-point prevention plan and incident response structure
- Risk Matrices: Visual risk scoring and prioritization tables
- Conclusion and References: Key takeaways and regulatory framework citations
## Disclaimer

This project is for academic and educational purposes only. The analysis is not affiliated with Colonial Pipeline or any real-world organization. All risk assessments and recommendations are theoretical applications created for cybersecurity education.

© 2025 Ahndre Walters · Created as part of the Cyber Nation x Protexxa Cybersecurity Bootcamp (Cohort 1 - Grenada) · Risk Assessment Framework Assignment · Colonial Pipeline Ransomware Case Study