Security and Risk Management
Added on 2023-01-18
22 Pages4725 Words55 Views
Running head: SECURITY AND RISK MANAGEMENT
Security and Risk Management
Name of the student:
Name of the university
Author note:
Security and Risk Management
Name of the student:
Name of the university
Author note:
1SECURITY AND RISK MANAGEMENT
Abstract
The following report is prepared so as to point out the importance of Cyber security risk
analysis for every business field. The report presents a brief description of the cyber security
analysis procedure and following that, the cyber security risk assessment is prepared based on
three different scenarios. For each and every scenario, the respected cyber security threats are
identified and their impacts are analyzed and rated depending in its likelihood and value.
Abstract
The following report is prepared so as to point out the importance of Cyber security risk
analysis for every business field. The report presents a brief description of the cyber security
analysis procedure and following that, the cyber security risk assessment is prepared based on
three different scenarios. For each and every scenario, the respected cyber security threats are
identified and their impacts are analyzed and rated depending in its likelihood and value.
2SECURITY AND RISK MANAGEMENT
Table of Contents
Introduction:...............................................................................................................................3
Discussion:.................................................................................................................................4
Cyber security analysis for-.......................................................................................................4
Scenario 1: Cyber Security Risk Assessment for Commonwealth Bank...............................4
Scenario 2: Cyber Security Risk Assessment for Target Australia........................................9
Scenario 3: Cyber Security Risk Assessment for ABC organisation:..................................14
Conclusion:..............................................................................................................................18
References:...............................................................................................................................19
Table of Contents
Introduction:...............................................................................................................................3
Discussion:.................................................................................................................................4
Cyber security analysis for-.......................................................................................................4
Scenario 1: Cyber Security Risk Assessment for Commonwealth Bank...............................4
Scenario 2: Cyber Security Risk Assessment for Target Australia........................................9
Scenario 3: Cyber Security Risk Assessment for ABC organisation:..................................14
Conclusion:..............................................................................................................................18
References:...............................................................................................................................19
3SECURITY AND RISK MANAGEMENT
Introduction:
Cyber space is defined as the interconnected world of digital technology. Cyberspace
is often used by security professionals, in the military fields and by technology strategists in
order to describe the global domain of technology. Cyber space forms the heart of our
modern technology-based society and has its impact on almost all parts of our lives including
service centers and business fields. As almost all parts of our modern life are connected with
the cyberspace hence the growing threat with it is also increasing. Any threat in cyber space
affects both the private and public sector of the society. The increased threat in the cyber
space allows some black hat people to use the cyber space for malicious activity, exploiting
the operational activity of the computer networks that area used in the cyber space. With the
increased amount of cyber risks in modern organisation, the information assets of every
organisation are at the verge of cyber risks (Ali and Awad 2018). The different types of cyber
threats that are emerging as a result of it includes phishing, Ransomware attacks, crypto
jacking, cyber physical attacks, state sponsored attacks, IoT attacks and third-party attacks
(Nurse, Creese and De Roure 2017). Most of the employees within organisations are unaware
of the different cyber space threats and cyber risks that are often taking up major of the
credential information from the organization’s database (Sadgrove 2016). As a result of the
potential cyber risks in organization’s information assets, cyber attackers are enabled with
stealing user logins, personal financial information and many more (Latif et al. 2014) Thus,
for all these reasons it is necessary that organisations should take up and implement cyber
security risk assessment with in their organizational system in order to plan, develop and
finally implement effective measures to secure the information assets of the organisation
from the potential cyber threats (Shameli-Sendi, Aghababaei-Barzegar and Cheriet 2016.). In
this respect, organisations besides implementing a proper cyber risk assessment, should also
follow the cyber security principles to safeguard the information assets (Fenz et al. 2014).
Introduction:
Cyber space is defined as the interconnected world of digital technology. Cyberspace
is often used by security professionals, in the military fields and by technology strategists in
order to describe the global domain of technology. Cyber space forms the heart of our
modern technology-based society and has its impact on almost all parts of our lives including
service centers and business fields. As almost all parts of our modern life are connected with
the cyberspace hence the growing threat with it is also increasing. Any threat in cyber space
affects both the private and public sector of the society. The increased threat in the cyber
space allows some black hat people to use the cyber space for malicious activity, exploiting
the operational activity of the computer networks that area used in the cyber space. With the
increased amount of cyber risks in modern organisation, the information assets of every
organisation are at the verge of cyber risks (Ali and Awad 2018). The different types of cyber
threats that are emerging as a result of it includes phishing, Ransomware attacks, crypto
jacking, cyber physical attacks, state sponsored attacks, IoT attacks and third-party attacks
(Nurse, Creese and De Roure 2017). Most of the employees within organisations are unaware
of the different cyber space threats and cyber risks that are often taking up major of the
credential information from the organization’s database (Sadgrove 2016). As a result of the
potential cyber risks in organization’s information assets, cyber attackers are enabled with
stealing user logins, personal financial information and many more (Latif et al. 2014) Thus,
for all these reasons it is necessary that organisations should take up and implement cyber
security risk assessment with in their organizational system in order to plan, develop and
finally implement effective measures to secure the information assets of the organisation
from the potential cyber threats (Shameli-Sendi, Aghababaei-Barzegar and Cheriet 2016.). In
this respect, organisations besides implementing a proper cyber risk assessment, should also
follow the cyber security principles to safeguard the information assets (Fenz et al. 2014).
4SECURITY AND RISK MANAGEMENT
The three security objectives of information security principles include confidentiality,
Integrity and Availability (Soomro, Shah and Ahmed 2016). Implementation of Cyber
Security principles in organisation helps in identifying the security issues before hackers can
get hold of it and use it for the purpose of hacking and stealing information for the company’s
datacenter (McIlwraith 2016). This report is prepared so as to highlight the importance of
implementing a response plan towards inevitable cyber threats and the application of cyber
security principals to the real world organisations.
Discussion:
Performing the cyber security risk assessment is an important part of any
organization’s information security management (Ahmad, Maynard and Park 2014). In every
organisation, there are some level of security risks that are present for which the critical data
sets of the information assets are at the risk of cyber issues (Farooq et al. 2015). For this
reason, organisations need to prepare a cyber risk assessment report so as to address the
security risks and to protect the information assets of the organisation.
Cyber security analysis for-
Scenario 1: Cyber Security Risk Assessment for Commonwealth Bank
Characterization of the system:
Commonwealth bank is one of the important and well-known banks in Australia, with
its wide spreading business across united states, United Kingdom and New Zealand. It was
founded in the year 1911 as a government bank and I the year 1991 as a public company. It
has its headquarters at Darling Harbor, Sydney, Australia. The Commonwealth Bank has
about 1,100+ branches with about 4300+ ATM services worldwide. Its total assets range to
about A$933.078 billion.
The three security objectives of information security principles include confidentiality,
Integrity and Availability (Soomro, Shah and Ahmed 2016). Implementation of Cyber
Security principles in organisation helps in identifying the security issues before hackers can
get hold of it and use it for the purpose of hacking and stealing information for the company’s
datacenter (McIlwraith 2016). This report is prepared so as to highlight the importance of
implementing a response plan towards inevitable cyber threats and the application of cyber
security principals to the real world organisations.
Discussion:
Performing the cyber security risk assessment is an important part of any
organization’s information security management (Ahmad, Maynard and Park 2014). In every
organisation, there are some level of security risks that are present for which the critical data
sets of the information assets are at the risk of cyber issues (Farooq et al. 2015). For this
reason, organisations need to prepare a cyber risk assessment report so as to address the
security risks and to protect the information assets of the organisation.
Cyber security analysis for-
Scenario 1: Cyber Security Risk Assessment for Commonwealth Bank
Characterization of the system:
Commonwealth bank is one of the important and well-known banks in Australia, with
its wide spreading business across united states, United Kingdom and New Zealand. It was
founded in the year 1911 as a government bank and I the year 1991 as a public company. It
has its headquarters at Darling Harbor, Sydney, Australia. The Commonwealth Bank has
about 1,100+ branches with about 4300+ ATM services worldwide. Its total assets range to
about A$933.078 billion.
5SECURITY AND RISK MANAGEMENT
Data contained in it:
The common wealth bank facilitates a wide variety of services such as financial
services in the field of business, retail, institutional banking and areas involving funds
management.
Vendors of the bank:
The vendors who were utilized under the Commonwealth Bank in Australia includes-
Workday a leading cloud service provider, Algosec- a well-known service provider to
manage the security in business process and many more. Over and about 20 million of
customers uses the services provided by the Commonwealth bank of Australia.
Data access method:
The Common wealth bank of Australia uses the open data access method in order to
access its data sets. Customers are provided with full right to access their data. Like all other
banking systems, the data flow procedure of the common wealth bank is similar.
Data storage method:
All the information that get transferred within the system of the Common wealth
bank related to transfer of money or account details of customers are stored in a huge data
center that is owned by the organisation.
Threats that are faced in the organisation:
It has been reported that the data center of the Common wealth bank of Australia, recently
faced some threats at their data center where the majority of the information of the
organisation gets stored (Jouini, Rabai and Aiss 2014). The different types of risks that gets
associated with data centers of any organization includes-
Data contained in it:
The common wealth bank facilitates a wide variety of services such as financial
services in the field of business, retail, institutional banking and areas involving funds
management.
Vendors of the bank:
The vendors who were utilized under the Commonwealth Bank in Australia includes-
Workday a leading cloud service provider, Algosec- a well-known service provider to
manage the security in business process and many more. Over and about 20 million of
customers uses the services provided by the Commonwealth bank of Australia.
Data access method:
The Common wealth bank of Australia uses the open data access method in order to
access its data sets. Customers are provided with full right to access their data. Like all other
banking systems, the data flow procedure of the common wealth bank is similar.
Data storage method:
All the information that get transferred within the system of the Common wealth
bank related to transfer of money or account details of customers are stored in a huge data
center that is owned by the organisation.
Threats that are faced in the organisation:
It has been reported that the data center of the Common wealth bank of Australia, recently
faced some threats at their data center where the majority of the information of the
organisation gets stored (Jouini, Rabai and Aiss 2014). The different types of risks that gets
associated with data centers of any organization includes-
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Cyber Security Risk Assessmentlg...
|32
|3158
|92
EU CYBER-SECURITY POLICIES REPORT 2022lg...
|16
|4030
|13
Information Security and Managementlg...
|13
|3312
|278
Big Data Analytics and Cyber Security: An Overviewlg...
|5
|1514
|180
IT Security Risks and Risk Mitigation Approaches : Reportlg...
|7
|2906
|188
Cyber Security Countermeasureslg...
|13
|3136
|67