Risk management plan – single risk Company name: MyHealth.

Verified

Added on 2023/01/11

AI Summary

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Risk management plan – single risk
Company name: MyHealth Completed by: Student name
Work area: Cybersecurity management Date completed: date
Hazard identification
DoS Attack: Denial of service (DoS) attacks are types of cyberattacks by which malicious actors aim render
devices and computer systems unusable for the intended users through interruptions of normal functioning of the
device.
Risk assessment
What harm could the
hazard cause?
DoS attacks are observed to affect multiple components of the company and
are known to frequently affect systems. They can bring the entire network to a
halt and even lead to freezing of computers.
What is the likelihood
of this happening
DoS attacks are known to be the most popular approach of infecting computer
systems and hence are the most likely to affect MyHealth two of the assets
already have vulnerabilities.
Existing control
measure
Immediate removal of suspicious files followed by full system scan with proven
anti malware solutions.
Consequence Damages to systems might already have occurred
Likelihood Less likely to fully recover once already infected
Outcome Paralysis of assets once infected
Control measures
Detective controls
The identification of traffic flow deviations that may signal the buildup of a
DDoS assault. Effectiveness is measured by your ability to recognize an attack
as early as possible, with instantaneous detection being the ultimate goal.
Divertive controls
Traffic is rerouted away from its target, either to be filtered or completely
discarded.
Filtering
DDoS traffic discarded, by identification of patterns that immediately
differentiate between genuine traffic and malicious clients. Responsiveness is
key factor behind being able to block the attack in time.
Analysis
Security logs are reviewed to gather information about the attack, both to
identify the offender(s) and to improve future resilience. The process’s
effectiveness relies on the existence of detailed security logs that can offer
granular visibility into the attack traffic.
Preferred control
measure
Filtering - if conducted correctly can recover the system.
Implementation
Associated activities Resources
required
Person(s)
responsible Sign off and date
Configuring firewall policies on the fly Cisco ASA 5505 CISO name CISO signature
Date: 31.03.2019
REVIEW
Scheduled review date: 1 / 04 / 2019
Are the control measures in place?
No
Are the controls eliminating/minimising the risk?
No

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Are there any new problems with the risk?
Firewalls are present but, there is no defined role of the IT staff which can lead to ineffective handling of
situations

1 out of 2

+13062052269

info@desklib.com

Risk management plan – single risk Company name: MyHealth.

Contribute Materials

Secure Best Marks with AI Grader

Related Documents

Risk management plan – single risk Company name: MyHealth.

Risk management plan – single risk Company name: MyHealth.

Assignment on Risks and Risk Management

Network Threats: Understanding Internal and External Threats