Application of Risk Mitigation and Planning Tools

Verified

Added on 2023/03/23

AI Summary

This article discusses the application of risk mitigation and planning tools in different scenarios, including data breaches, natural disasters, and disruptions. It explores the importance of Computer Incident Response Teams (CIRT) and Disaster Recovery Plans (DRP) in preventing and mitigating risks. It also highlights the need for Business Continuity Plans (BCP) and appropriate security measures in the face of cyber attacks and physical intrusions. The article emphasizes the role of cyber security in defending against advanced persistent threats and the challenges of implementing cyber security practices.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Application of Risk mitigation and planning tools
The intrusion to the Epsilon email address database:
On 30th march 2011 Epsilon was hit by one of the most costly data breaches, where the data of their
client’s customers was exposed by malicious attackers. The attackers intruded into the email database
and obtain the information of the customers such as their names and email addresses. To avoid such
type of attacks in future Epsilon should appoint Computer Incident Response Team (CIRT), to respond
towards such security risk to the company and its clients in future. In addition to dealing with specific
security risk they should appoint a team of experts to guide organization with appropriate
communication during such incidents (Prince)
Tsunami in Northeastern Japan
To prevent and mitigate the risk of occurrence of Tsunami in future it is important to prepare a Disaster
Recovery Plan (DRP). A DRP can help to know how nations can be prepared for the disasters, how they
can respond to the disasters so that there is minimum loss of the property and human lives and how can
industries resume their working after the disasters in a degraded operating environment.
Disruption of Amazon Cloud Servers
During debugging of an issue in the billing system a member of S# team accidentally made a typing
mistake and large number of servers was removed from the cloud than intended. The server that was
removed also supported other two S3 subsystem. This led down with them many big services such as
Quora, Trello and others. Fortunately the company has Business Continuity Plan in place that helped in
lessening the impact of this disruption. The BCP of the company had operational details on the steps
that has to be taken during and after the occurrence of this disruption (AWS).
Hacking into SONY databases
The hackers said they gained access to Sony's networks from inside Sony. The hackers introduced
malware into the databases and stole and removed important data from there. Sony should have in
place appropriate Business Continuity and Disaster Recovery plans to emerge from these attacks (Bort).
Physical Intrusion of SEALS into Pakistan hideout
Computer Incident Response Team.
Con Ed brownouts over this coming summer months
During brownouts, water is warm, incandescent lights are dimmer and electric equipment moves
slower, such as elevator, lifts, motors and so on. Business continuity plans BCP should be in place during
this brownouts to avoid disruption in the various functions in organizations.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Cyber security fundamentals and adoption.
Cyber-security Domains: Cyber security is the development, governance and management of
information security, It security and OT security techniques and tools to achieve regulatory compliance,
compromising the assets of adversaries and defending assets. On the other hand conventional security
focus mainly on the prevention and blocking techniques for example anti-virus to block threats
Cyber-security Controls: The cyber security and the traditional security both of them are applied to
reduce vulnerabilities within the organizational assets and resources and increase counterattack
capabilities against the attackers
Defense in Depth: Cyber security provides defense in-depth as compared to the traditional security. This
is because of the deeper aspects of the security are covered in the Cyber-security approach. Thus
traditional security practices are possibly prevalent as compared to the Cyber-security in providing deep
defense.
Network Security: For cyber-security practices to secure network the traditional practices are not so
advance and less costly as compared to the cyber security practices. Thus cost can be a challenge in the
implementation of the of Cyber security approach (Galinec, Možnik & Guberina).
Security Incident Response: The Cyber security program along with OT and IT security allows for more
holistic response to threat in an organization as compared to the traditional approach.
Advanced Persistent Threats: The Cyber security practices are more prominent against prevention of
some advance threats such as DoS and DDoS which traditional practices are not so prominent.

References:
AWS. Data Center Control. Web 15 May 2019.
https://aws.amazon.com/compliance/data-center/controls/
Bort, Julie. How the Hackers Broke Into Sony And Why It Could Happen To Any Company. 2014. Web 15
May 2019. https://www.businessinsider.in/How-The-Hackers-Broke-Into-Sony-And-Why-It-
Could-Happen-To-Any-Company/articleshow/45581200.cms?
utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst
Galinec, Darko Možnik, Darko and Guberina, Boris. “Cybersecurity and cyber defence: national level
strategic approach” Automatika.58. 3 (2017). 273-286, DOI: 10.1080/00051144.2017.1407022
Prince, Brian. Recent Data Breaches Show Responses Matter. 2017. Web 15 May 2019.
https://www.crn.com/news/security/229401373/recent-data-breaches-show-responses-
matter.htm
Newton, C. How a typo took down S3, the backbone of the internet. 2017. Web 15 May 2019.
https://www.theverge.com/2017/3/2/14792442/amazon-s3-outage-cause-typo-internet-server

1 out of 3

+13062052269

info@desklib.com

Application of Risk Mitigation and Planning Tools

Contribute Materials

Secure Best Marks with AI Grader

Related Documents

CST 610 9043 Cyberspace and Cyber security Foundation

IT Security Management Program for a Shipping Agency Database

Design and Implementation of Security Policy

Data Structure and Algorithms Report 2022