2025_EML Capstone Projects
Strengths: This approach is easy to audit and transparent, which aligns with compliance requirements. It does not take long to develop and deploy, so it is suitable for government systems.

Weaknesses: Because it is less adaptable, it might miss new insider threat patterns. It can also generate several false positives, which create unnecessary alerts and increase the workload for security operations.

Opportunities: It provides a foundation that can evolve into more sophisticated systems. It is the fastest way to deliver a working prototype.

Threats: An overwhelming number of false positives might reduce the effectiveness of security operations.

Risk assessment:

Operational risks: This solution is easy to develop but may underperform against sophisticated threats due to its rigid rules.

Compliance risks: Because of its simplicity, it is easier than other approaches to demonstrate, and its logic is more straightforward to implement.

Financial risks: Low, as it requires minimal resources and infrastructure.

Mitigation: Continuous refinement of thresholds and review of feedback from test runs associated with insider threats.

Solution #3: Hybrid rule-based and machine learning approach

SWOT analysis:

Strengths: This approach combines smart detection (machine learning) with rules (explainability) and offers the benefits of each.

Weaknesses: It is quite complicated to build and validate, which can cause significant delays in project timelines.

Opportunities: This could be a great showcase project for organization-wide systems. It displays tremendously innovative cybersecurity engineering.

Threats: It can be considered ambitious for a capstone project, as it might exceed the regular scope.

Risk assessment:

Operational risks: Complexities that arise during integration might cause significant delays in progress.

Compliance risks: Because machine learning is involved, how it interacts with the rules must be carefully explained to auditors.

Financial risks: This approach has the highest costs because of maintenance. Building two systems also requires a significant amount of money.

Mitigation: Development can be phased, starting with the rule-based system and then adding machine learning.