Task $3($for SIT$284$ students only$)(30$ marks$)$

This task is about cyber security vulnerabilities, threats, and attacks in collaborative mixed

reality $($CMR$),($or say immersive technologies$)$ which is gaining popularity in a variety of

fields, including gaming, social interaction, design, healthcare, etc.

Identify and list some potential threats, weak points, and attack surfaces in the CMR

domain.

What are some of non$-$technical aspects of the attacks in the CMR landscape? List and

discuss few non$-$technical features of the attacks.

How may the cyber risk to CMR be reduced? Discuss high level opinions to mitigate

the risk in accordance with the ISO$27$k standard.

$[($Answer in $750-1000$ words, marks $30(10$ each$)]$

Task $3($for SIT$763$ students only$)(30$ marks$)$

The General Data Protection Regulation $($GDPR$)$ is implemented and adopted in the European

Union $($EU$)$ since $2018.$ The vast amount of data increased its vulnerability and raised

concerns about the protection of personal data. The transborder flow of personal data is

inevitable and this has increased the data protection concerns to a great and concerning level.

This is the reason that some countries $($member states of EU$)$ pay attention to the transfer of

personal data to recipients in the third countries and foresee that such transfers may only be

carried out in full compliance with the EU's GDPR regulation. This is a good aspect but at the

same time too many restrictions and regulations may impede trade and commerce.

Assume that your organisation is a small scale Australian$-$based, and this is an EU$-$

regulation, do you think GDPR applies to you. Explain your answer with an example.

Following this in your opinion, what are the key challenges of GDPR poses on your

organisation in context of transborder flow of personal data? Explain any $3$ challenges

in detail.