Cyber Security And Risk Management
Added on 2022-07-28
11 Pages2332 Words89 Views
Running head: CYBER SEURITY AND RISK MANAGEMENT
1
Cyber security and risk management
Institutional affiliation
Date
1
Cyber security and risk management
Institutional affiliation
Date
CYBER SEURITY AND RISK MANAGEMENT 2
Table of Contents
Introduction................................................................................................................ 2
Risk management principles...................................................................................... 2
Risk identifying........................................................................................................... 2
Risk analysis............................................................................................................... 3
Risk treatment............................................................................................................ 4
Risks categories......................................................................................................... 4
Data breach................................................................................................................ 5
Malware...................................................................................................................... 6
Internet of things attacks........................................................................................... 7
Sources of data threats.............................................................................................. 7
Conclusion.................................................................................................................. 7
References................................................................................................................. 8
Table of Contents
Introduction................................................................................................................ 2
Risk management principles...................................................................................... 2
Risk identifying........................................................................................................... 2
Risk analysis............................................................................................................... 3
Risk treatment............................................................................................................ 4
Risks categories......................................................................................................... 4
Data breach................................................................................................................ 5
Malware...................................................................................................................... 6
Internet of things attacks........................................................................................... 7
Sources of data threats.............................................................................................. 7
Conclusion.................................................................................................................. 7
References................................................................................................................. 8
CYBER SEURITY AND RISK MANAGEMENT 3
Introduction
Security is vital in every organization regardless of its size. The impact of the occurrence
of risk is subject to percentage loss, and therefore the effect of the risk does not only profoundly
affect big organizations but also the small ones. Security is one of the foremost things any
organization cannot afford to gamble with. While physical organization security involves hiring
a guard, electrical fence installation, and fixing strong doors, cyber and information security
dwells on security software and firewalls: this document details cyber security and risk
management.
Cyber security is a term that encompasses the technologies, processes, and designs
adopted and used in the protection of data in networks, devices, or files from malicious attacks
and access by unauthorized persons or programs (Alali, Almogren, Hassan, Rassan, & Bhuiyan,
2018). Cyber security has exponential importance in the protection of not only intellectual but
also financial or any other important piece of information owned by the military, government, or
any private corporate. It is crucial to appreciate every piece of information on a subject is a threat
if accessed by unauthorized persons since it can be used maliciously.
Risk management principles
Risk identifying
Risk management is a process, not an event; hence a strategy with robust principals is
used to effectively manage the risks that are likely to occur in as long as computing is concerned.
The first principle of effective cyber security risk management is the identification of the risk
(Bakar, Ramli, & Hassan, 2019). It is challenging to fight or defend oneself from unknown
enemies. The risks that are likely to be listed under this principle include but not limited to the
Introduction
Security is vital in every organization regardless of its size. The impact of the occurrence
of risk is subject to percentage loss, and therefore the effect of the risk does not only profoundly
affect big organizations but also the small ones. Security is one of the foremost things any
organization cannot afford to gamble with. While physical organization security involves hiring
a guard, electrical fence installation, and fixing strong doors, cyber and information security
dwells on security software and firewalls: this document details cyber security and risk
management.
Cyber security is a term that encompasses the technologies, processes, and designs
adopted and used in the protection of data in networks, devices, or files from malicious attacks
and access by unauthorized persons or programs (Alali, Almogren, Hassan, Rassan, & Bhuiyan,
2018). Cyber security has exponential importance in the protection of not only intellectual but
also financial or any other important piece of information owned by the military, government, or
any private corporate. It is crucial to appreciate every piece of information on a subject is a threat
if accessed by unauthorized persons since it can be used maliciously.
Risk management principles
Risk identifying
Risk management is a process, not an event; hence a strategy with robust principals is
used to effectively manage the risks that are likely to occur in as long as computing is concerned.
The first principle of effective cyber security risk management is the identification of the risk
(Bakar, Ramli, & Hassan, 2019). It is challenging to fight or defend oneself from unknown
enemies. The risks that are likely to be listed under this principle include but not limited to the
CYBER SEURITY AND RISK MANAGEMENT 4
data breach, insecure application user, cloud abuse, malware attacks, data loss, single-factor
password, and shadow IT systems.
Risk analysis
Identifying these possible risks is followed by an evaluation and analysis of the impact of
the risk. The occurrence of some risks has moderate risks. In contrast, others have high impact;
hence this classification is critical, and it helps in giving priority on the risks that have high
chances of occurrence, and those have high impact when they occur. Analysis of these risks
leads to the third principle of risk management, that is, the formulation of the techniques to
control and prevent the risks as well as developing mechanisms of recovery in case the risk has
already occurred (Hemilä, Mikkola, & Salonen, 2019). It is essential to acknowledge that the
occurrence of cyber security risks is a subject with little control since the technologies in the
threats are evolving daily.
(Peterson, Adams, Sanders, & Sanford, 2018).
data breach, insecure application user, cloud abuse, malware attacks, data loss, single-factor
password, and shadow IT systems.
Risk analysis
Identifying these possible risks is followed by an evaluation and analysis of the impact of
the risk. The occurrence of some risks has moderate risks. In contrast, others have high impact;
hence this classification is critical, and it helps in giving priority on the risks that have high
chances of occurrence, and those have high impact when they occur. Analysis of these risks
leads to the third principle of risk management, that is, the formulation of the techniques to
control and prevent the risks as well as developing mechanisms of recovery in case the risk has
already occurred (Hemilä, Mikkola, & Salonen, 2019). It is essential to acknowledge that the
occurrence of cyber security risks is a subject with little control since the technologies in the
threats are evolving daily.
(Peterson, Adams, Sanders, & Sanford, 2018).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Cyber Security in Corporate Governance: Ways to Improve Cyber Resilience and Integration with Cyber Securitylg...
|12
|3215
|375
Securing the Enterprise Infrastructure Report 2022lg...
|4
|772
|15
Developing Information Security Policies for Xerolg...
|14
|4396
|167
MGMT6013 Managing Information System | Security Policylg...
|14
|4311
|36
Saving The Organizational Datalg...
|8
|2189
|13
Cyber Security Concepts Documentlg...
|5
|976
|16