
Cybersecurity Framework Compliance and Risk Assessment

   

Added on  2022-11-28

Running head: CYBERSECURITY FRAMEWORK
Cybersecurity Framework
Name of the Student
Name of the University
Author’s Note

1. Current Framework Compliance Status
The current cybersecurity framework of ABC Software, Inc. is vulnerable to
different types of attack, and it is evaluated here in terms of its compliance
framework. The framework consists of guidelines and processes that the organization
uses to maintain accordance with legislation and regulations. Currently, the business
process follows IT governance and maintains a balance between innovation and productivity.
2. Future Cybersecurity Policy Implementations
In future, risk control measures and governance practices need to be applied so
that redundancy can be eliminated and the organization can develop a compliance
framework. An action plan needs to be implemented, consisting of the tasks, the
manner of implementation and the responsibilities, along with the time frame
(Hubbard & Seiersen, 2016). Every security area needs to be included so that the
strategic goals can be met and the protection level can be improved.
3. Operational Compliance and Risk Assessment
3.1. Cybersecurity Risk Assessment
| Threat | Vulnerability | Asset | Impact | Likelihood | Risk | Recommendation Control |
|---|---|---|---|---|---|---|
| Failure of system, server overheating (High) | Poor air-conditioning (High) | Server (Critical) | Unavailability of email, web and other services (Critical) | High | Loss of $5000 for each occurrence (High) | Implementation of new air conditioner |
| Malicious human (High) | Firewall configuration and DDoS mitigation (Low) | Web service (Critical) | Unavailability of web resources (Critical) | DDoS is discovered 1 in every 2 years (Medium) | Potential loss due to downtime (Medium) | Firewall monitoring |
| Natural disaster (High) | Server room should be on upper floor (Medium) | Server (Critical) | Unavailability of the service (Critical) | Flood last occurred 10 years ago (Low) | Low | No need of action |
3.2. Privacy Risk Management
Privacy risk can cause loss of control over customers' personal information, which
can lead to financial injury and unwanted intrusion into the system. The risk of a
data breach needs to be mitigated, and personal information needs to be encrypted and
stored in a secure location so that it cannot be misused and economic loss can be mitigated.
3.3. Compliance Gaps
The gap analysis is performed in the planning stage to analyze the degree or level of
compliance with data protection laws and to identify the gaps.
