Risk Management in IT Sector
Added on 2023-04-07
13 Pages2155 Words446 Views
Running head:RISK MANAGEMENT
RISK MANAGEMENT
Name of student
Name of university
Author’s note:
RISK MANAGEMENT
Name of student
Name of university
Author’s note:
1
RISK MANAGEMENT
Table of Contents
Introduction....................................................................................................................2
Discussion......................................................................................................................2
Vulnerabilities............................................................................................................2
Threats faced by the organisation..............................................................................3
Assets of the organisation..........................................................................................4
Weighted factor analysis............................................................................................5
Risk register...............................................................................................................6
Risk control strategy..................................................................................................8
Conclusion..................................................................................................................9
Bibliography.................................................................................................................11
RISK MANAGEMENT
Table of Contents
Introduction....................................................................................................................2
Discussion......................................................................................................................2
Vulnerabilities............................................................................................................2
Threats faced by the organisation..............................................................................3
Assets of the organisation..........................................................................................4
Weighted factor analysis............................................................................................5
Risk register...............................................................................................................6
Risk control strategy..................................................................................................8
Conclusion..................................................................................................................9
Bibliography.................................................................................................................11
2
RISK MANAGEMENT
Introduction
This report aims to discuss the prospects of risk management of ABC organisation in
the IT sector.A brief discussion of the vulnerabilities of the organisation isdiscussed in this
report with a detailed explanation of the vulnerabilities. The threats that are faced by the
organisation are briefly stated in this report. A brief discussion of the assets of the
organisation is provided in this report. A risk register is provided in this report. A brief
discussion of the risk control strategy for the identified risks is provided in this report. Lastly,
this report concludes with an appropriate conclusion for the report.
Discussion
Vulnerabilities
The organisations in the IT sector face several vulnerabilities in working. Some of the
common vulnerabilities are:
SQL injections: This is critical for the operations of the organisation,and the cyber
attackers could exploit this for their own advantage. The penetration testing for the SQL
breaches are significantly imperative (Aven and Zio 2014). As most of the web developers in
the present business situations confounded by the idea of how the cyber attackers manage the
exploitation and the tampering of the SQL for their own advantage, this is the most
significant vulnerability for the organisation.
Vulnerabilities due to the reuse of the passwords: the reusing of the passwords could
create vulnerability in the computing system of the organisation. It might lead to the exposure
of the passwords of any individual to any unauthorised user who could exploit these
passwords and gain sensitive information from the database of the organisation.
RISK MANAGEMENT
Introduction
This report aims to discuss the prospects of risk management of ABC organisation in
the IT sector.A brief discussion of the vulnerabilities of the organisation isdiscussed in this
report with a detailed explanation of the vulnerabilities. The threats that are faced by the
organisation are briefly stated in this report. A brief discussion of the assets of the
organisation is provided in this report. A risk register is provided in this report. A brief
discussion of the risk control strategy for the identified risks is provided in this report. Lastly,
this report concludes with an appropriate conclusion for the report.
Discussion
Vulnerabilities
The organisations in the IT sector face several vulnerabilities in working. Some of the
common vulnerabilities are:
SQL injections: This is critical for the operations of the organisation,and the cyber
attackers could exploit this for their own advantage. The penetration testing for the SQL
breaches are significantly imperative (Aven and Zio 2014). As most of the web developers in
the present business situations confounded by the idea of how the cyber attackers manage the
exploitation and the tampering of the SQL for their own advantage, this is the most
significant vulnerability for the organisation.
Vulnerabilities due to the reuse of the passwords: the reusing of the passwords could
create vulnerability in the computing system of the organisation. It might lead to the exposure
of the passwords of any individual to any unauthorised user who could exploit these
passwords and gain sensitive information from the database of the organisation.
3
RISK MANAGEMENT
Outdated patches: The hackers fishes around the computing systems in the ongoing
quest for the outdated patches (Aven 2016). This vulnerability is faced when the employees
and the employers of the organisation do not update the patches upon release.
Custom crafted URL queries and the misconfigured settings of the servers: The
vulnerability caused due to this reason is very difficult to intercept,but it could be discovered
using the constant pen tests in the servers.
Developed software and in-house designing: There could be significant vulnerability
due to the development of personalised applications and software by the organisation. It
could contain any kind of bugs and gateways that could be exploited by the cyber attackers
(Bessis 2015).
Threats faced by the organisation
Technology with weaker security:modern technology is being provided to common
people almost everyday. The new gadgets that are utilised by the organisation might comprise
of bugs and malware gateways that could be exploited by the cyber attackers.
Social media attacks: In recent times, social media is extensively exploited for
executing cyber attacks (Bromiley et al. 2015). The social media websites are used for
increasing the traffic on the websites that could damage the mainwebsites of the organisation.
The competitive organisation might attempt to damage the reputation of the organisation by
posting several bad things on the social media platform.
Cyber criminals: According to a recent survey, there have been almost one attack in
the IT organisations in the recent times (Chance and Brooks 2015). It leads to the utilisation
of the resources of the organisation by any unauthorised user. The programmers who are the
cyber criminals might write the codes for exploiting the vulnerabilities of the systems of the
organisations. The distributors might attempt to distribute,andsell the stolen data along with
RISK MANAGEMENT
Outdated patches: The hackers fishes around the computing systems in the ongoing
quest for the outdated patches (Aven 2016). This vulnerability is faced when the employees
and the employers of the organisation do not update the patches upon release.
Custom crafted URL queries and the misconfigured settings of the servers: The
vulnerability caused due to this reason is very difficult to intercept,but it could be discovered
using the constant pen tests in the servers.
Developed software and in-house designing: There could be significant vulnerability
due to the development of personalised applications and software by the organisation. It
could contain any kind of bugs and gateways that could be exploited by the cyber attackers
(Bessis 2015).
Threats faced by the organisation
Technology with weaker security:modern technology is being provided to common
people almost everyday. The new gadgets that are utilised by the organisation might comprise
of bugs and malware gateways that could be exploited by the cyber attackers.
Social media attacks: In recent times, social media is extensively exploited for
executing cyber attacks (Bromiley et al. 2015). The social media websites are used for
increasing the traffic on the websites that could damage the mainwebsites of the organisation.
The competitive organisation might attempt to damage the reputation of the organisation by
posting several bad things on the social media platform.
Cyber criminals: According to a recent survey, there have been almost one attack in
the IT organisations in the recent times (Chance and Brooks 2015). It leads to the utilisation
of the resources of the organisation by any unauthorised user. The programmers who are the
cyber criminals might write the codes for exploiting the vulnerabilities of the systems of the
organisations. The distributors might attempt to distribute,andsell the stolen data along with
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Cyber Security Prevention and Detectionlg...
|9
|1711
|42
Internet Security Threatlg...
|4
|721
|361
Summary of Attack | Computer and Network Securitylg...
|7
|1353
|29
CS 255 - Cryptography - Data Securitylg...
|6
|738
|148
Assignment | Cyber Securitylg...
|23
|2174
|14
Cyber Security Management Framework for PeopleSharzlg...
|10
|3873
|488