IT Risk Management: Threats, Vulnerabilities and Prevention Methods
21 Pages4785 Words434 Views
Added on 2023-06-05
About This Document
This report explains different types of threats and vulnerabilities of cyber security and methods to reduce this type of problems in the gigantic corporation. It also provides recommendations and prevention methods to reduce IT risk for a gigantic corporation.
IT Risk Management: Threats, Vulnerabilities and Prevention Methods
Added on 2023-06-05
ShareRelated Documents
1. Cover page
IT Risk Management
Name of the Student:
Name of the University:
IT Risk Management
Name of the Student:
Name of the University:
1IT RISK MANAGEMENT
2. Table of contents
1. Cover page.........................................................................................................................0
2. Table of contents................................................................................................................1
3. Executive Summary...........................................................................................................3
3.1 Statement of the technology project............................................................................3
3.1.1 Outline of the company- Gigantic Corporation........................................................3
3.1.2 Role and responsibility.........................................................................................3
3.1.3 Technology used in company....................................................................................4
3.2 Overview of your recommendations................................................................................4
4.0 Risk assessment based on threats, vulnerabilities and consequences..................................4
4.1 IT control framework.......................................................................................................7
4.1.1 Policy and procedure.................................................................................................8
4.2 Key threat agents............................................................................................................10
4.2.1 List of threat agents.................................................................................................11
4.2.2 Issues.......................................................................................................................12
4.3.3 Consequences..........................................................................................................12
4.3 Mitigation of risks and their impact on the system........................................................13
5.0 Literature review................................................................................................................14
5.1 Safeguards......................................................................................................................14
5.2 Security mechanisms......................................................................................................15
2. Table of contents
1. Cover page.........................................................................................................................0
2. Table of contents................................................................................................................1
3. Executive Summary...........................................................................................................3
3.1 Statement of the technology project............................................................................3
3.1.1 Outline of the company- Gigantic Corporation........................................................3
3.1.2 Role and responsibility.........................................................................................3
3.1.3 Technology used in company....................................................................................4
3.2 Overview of your recommendations................................................................................4
4.0 Risk assessment based on threats, vulnerabilities and consequences..................................4
4.1 IT control framework.......................................................................................................7
4.1.1 Policy and procedure.................................................................................................8
4.2 Key threat agents............................................................................................................10
4.2.1 List of threat agents.................................................................................................11
4.2.2 Issues.......................................................................................................................12
4.3.3 Consequences..........................................................................................................12
4.3 Mitigation of risks and their impact on the system........................................................13
5.0 Literature review................................................................................................................14
5.1 Safeguards......................................................................................................................14
5.2 Security mechanisms......................................................................................................15
2IT RISK MANAGEMENT
5.3 Change in key principle of information by which employees can secure their
information...........................................................................................................................16
6.0 Conclusion..........................................................................................................................16
6. References........................................................................................................................18
5.3 Change in key principle of information by which employees can secure their
information...........................................................................................................................16
6.0 Conclusion..........................................................................................................................16
6. References........................................................................................................................18
3IT RISK MANAGEMENT
3. Executive Summary
Cyber security is a type of protection system for computing devices and it is also called as
IT security. In this advanced generation, the problem of cyber-crimes is growing very fast
and many originations are facing this type of problem. Cyber security provides a platform
where consumers can protect their personal information and they can avoid the problem of
cyber-attacks. The main purpose of this report is to understand the fundamental concept of
cyber security and their potential threats or risks. This report is explaining different types of
threats and vulnerabilities of cyber security and methods to reduce this type of problems in
the gigantic corporation. It is a very serious issue for any organization because hackers can
easily encrypt user’s computer devices with the help of botnet and malware. In the field of
computer science, physical security and cyber security both are very important parts to
protect data from unauthorized access and servers. Information security is a subset of cyber
security which is developed to maintain the integrity, availability, and confidentiality of
consumer’s private data.
3.1 Statement of the technology project
3.1.1 Outline of the company- Gigantic Corporation
Gigantic Corporation is an information and technology organization which provides
telecommunication services to their consumers and it also develops many software and
hardware. This organization is facing various IT risks like security threats, data breach and
other cyber-crimes.
3.1.2 Role and responsibility
Gigantic Corporation is an information and communication organization and in which I
am IT risk lead consultant. The main role of an IT consultant in the field of a computer
3. Executive Summary
Cyber security is a type of protection system for computing devices and it is also called as
IT security. In this advanced generation, the problem of cyber-crimes is growing very fast
and many originations are facing this type of problem. Cyber security provides a platform
where consumers can protect their personal information and they can avoid the problem of
cyber-attacks. The main purpose of this report is to understand the fundamental concept of
cyber security and their potential threats or risks. This report is explaining different types of
threats and vulnerabilities of cyber security and methods to reduce this type of problems in
the gigantic corporation. It is a very serious issue for any organization because hackers can
easily encrypt user’s computer devices with the help of botnet and malware. In the field of
computer science, physical security and cyber security both are very important parts to
protect data from unauthorized access and servers. Information security is a subset of cyber
security which is developed to maintain the integrity, availability, and confidentiality of
consumer’s private data.
3.1 Statement of the technology project
3.1.1 Outline of the company- Gigantic Corporation
Gigantic Corporation is an information and technology organization which provides
telecommunication services to their consumers and it also develops many software and
hardware. This organization is facing various IT risks like security threats, data breach and
other cyber-crimes.
3.1.2 Role and responsibility
Gigantic Corporation is an information and communication organization and in which I
am IT risk lead consultant. The main role of an IT consultant in the field of a computer
4IT RISK MANAGEMENT
network is to maintain risks and threats of any information security and improve security
systems by which users can secure their private information.
3.1.3 Technology used in company
Gigantic Corporation uses various kinds of information technologies, for example, the
Internet of thing, wireless networks, cloud computing, network protocols, and information
technologies (Chakhchoukh & Ishii, 2015). With the help of these entire technologies, the
gigantic corporation provides communication services to many companies and consumers.
3.2 Overview of your recommendations
Lack of security is the very common problem for the gigantic organization and it is
observed that many consumers use a simple password-based system and hackers can easily
block their peripheral devices by using a complex algorithm process. This report is divided
into two parts such as potential threats of cybersecurity and prevention methods to reduce IT
risk for a gigantic corporation. This organization can adopt security architecture or steps to
reduce various problems and risk such as password-based systems, use of antivirus and
firewall, control and monitor unwanted traffic signals, detect spam emails and messages by
encryption method and cryptography process.
4.0 Risk assessment based on threats, vulnerabilities and consequences
Cyber threats are defined as circumstance with the potential to cause harm and it is
very harmful to human-computer systems. There are many examples of cyber threats such as
flooding process for data systems, an administrator accidentally wiping a production process,
political activities of DDOS attacks (Cherdantseva, et al., 2016) Attackers produce various
malware and botnet by which they can enter into gigantic websites and block their authentic
servers. Vulnerabilities mean weakness in a computer system and the main drawback of the
gigantic corporation is that it does not use any security policy and strategy by which they lost
network is to maintain risks and threats of any information security and improve security
systems by which users can secure their private information.
3.1.3 Technology used in company
Gigantic Corporation uses various kinds of information technologies, for example, the
Internet of thing, wireless networks, cloud computing, network protocols, and information
technologies (Chakhchoukh & Ishii, 2015). With the help of these entire technologies, the
gigantic corporation provides communication services to many companies and consumers.
3.2 Overview of your recommendations
Lack of security is the very common problem for the gigantic organization and it is
observed that many consumers use a simple password-based system and hackers can easily
block their peripheral devices by using a complex algorithm process. This report is divided
into two parts such as potential threats of cybersecurity and prevention methods to reduce IT
risk for a gigantic corporation. This organization can adopt security architecture or steps to
reduce various problems and risk such as password-based systems, use of antivirus and
firewall, control and monitor unwanted traffic signals, detect spam emails and messages by
encryption method and cryptography process.
4.0 Risk assessment based on threats, vulnerabilities and consequences
Cyber threats are defined as circumstance with the potential to cause harm and it is
very harmful to human-computer systems. There are many examples of cyber threats such as
flooding process for data systems, an administrator accidentally wiping a production process,
political activities of DDOS attacks (Cherdantseva, et al., 2016) Attackers produce various
malware and botnet by which they can enter into gigantic websites and block their authentic
servers. Vulnerabilities mean weakness in a computer system and the main drawback of the
gigantic corporation is that it does not use any security policy and strategy by which they lost
5IT RISK MANAGEMENT
their privacy. SQL injection is the very common example of vulnerabilities and to reduce this
problem SQL certificate has been developed (Deshmukh & Devadkar, 2015). There are many
threats and risks of cyber security are detected which are describing below-
Malware
Ransom ware
Phishing
SQL injection attack
Cross-site Scripting
DOS attack
Man in the middle attacks
Malware
Malware is a complex algorithm process which is used by attackers to hack data or
information of any organization. Gigantic Corporation is facing from this problem and they
can lose their private details. It is a type of software which detects detail of authentic servers
and once malware enters into computer device then it can control and monitor
communication systems and other activities (Isozaki et al., 2016) Aggressors will utilize an
assortment of techniques to get malware into your PC, yet at some stage it regularly requires
the client to make a move to introduce the malware. This can incorporate clicking a
connection to download a record, or opening a connection that may look safe (like a Word
report or PDF connection), however really has a malware installer covered up inside.
Phishing
their privacy. SQL injection is the very common example of vulnerabilities and to reduce this
problem SQL certificate has been developed (Deshmukh & Devadkar, 2015). There are many
threats and risks of cyber security are detected which are describing below-
Malware
Ransom ware
Phishing
SQL injection attack
Cross-site Scripting
DOS attack
Man in the middle attacks
Malware
Malware is a complex algorithm process which is used by attackers to hack data or
information of any organization. Gigantic Corporation is facing from this problem and they
can lose their private details. It is a type of software which detects detail of authentic servers
and once malware enters into computer device then it can control and monitor
communication systems and other activities (Isozaki et al., 2016) Aggressors will utilize an
assortment of techniques to get malware into your PC, yet at some stage it regularly requires
the client to make a move to introduce the malware. This can incorporate clicking a
connection to download a record, or opening a connection that may look safe (like a Word
report or PDF connection), however really has a malware installer covered up inside.
Phishing
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Risk Assessment based on Cloud Securitylg...
|11
|4088
|214
Risk Assessment based on Cloud Securitylg...
|13
|4730
|351
IT Risk Assessment and Cyber Security Lead Consultant for Gigantic Corporationlg...
|10
|3551
|91
Network Security Analysis: Cyber Securitylg...
|10
|1925
|30
IT Risk Management: Cyber Securitylg...
|20
|4610
|231
iT Securitylg...
|17
|5127
|60