Cyber Security Report: Risk Assessment and Threats
VerifiedAdded on 2022/09/22
|10
|2116
|38
Report
AI Summary
This report addresses cyber security concerns, focusing on risk assessment as a critical step in developing and managing cyber security within an organization, such as SCU. It identifies limitations in current risk assessment methods and emphasizes the identification of critical information assets. The report includes a template for ranking assets and analyzes the threat landscape, particularly for websites, highlighting threats like ransomware, denial-of-service attacks, and outdated security policies. It also provides a risk assessment template and discusses various threats, including their potential impact on the organization. The report concludes with a discussion on the importance of data backup and security measures to mitigate cyber threats. This report is a comprehensive analysis of cyber security challenges and solutions.

Running head: CYBER SECURITY
CYBER SECURITY
Name of the Student
Name of the Organization
Author Note
CYBER SECURITY
Name of the Student
Name of the Organization
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
CYBER SECURITY
Table of Contents
Huge importance of the risk assessment....................................................................................2
Identification of the Critical asset..............................................................................................3
Template.....................................................................................................................................4
Identification of all the Threats..................................................................................................5
Threat Landscape for the Website..............................................................................................6
References..................................................................................................................................7
CYBER SECURITY
Table of Contents
Huge importance of the risk assessment....................................................................................2
Identification of the Critical asset..............................................................................................3
Template.....................................................................................................................................4
Identification of all the Threats..................................................................................................5
Threat Landscape for the Website..............................................................................................6
References..................................................................................................................................7

2
CYBER SECURITY
Huge importance of the risk assessment
Risk assessment is basically a specific term which is seen to have been used for the
purpose of describing the total or rather the entire process or even the particular method
where all the various hazards as well as risk factors are easily identified which basically
possess the great strength of causing damage or harm (Arachchilage and Love 2014). It can
be well said that the particular assessment of the cyber security is mainly a process of
identification, evaluation and the proper analysis of the risk.
This is thought of to be the only possible way of making sure that various cyber
security controls, which will be actually opted, must be very appropriate to all the various
kinds of risks, which the institute of education of SCU may be facing. An assessment of the
risk of the cyber security will be capable of proper identification of the different assets of data
and information that will be greatly affected by a specific type of dangerous cyber-attacks
like that of various systems of computer, student’s data or information and hardware as well
(Conteh and Schmick 2016). It becomes a slight tougher in providing an appropriate training
to the entire team that will be actually handling all the various activities associated with risk
or the risk assessment.
The evaluation of the various kinds of risks and the estimation as well are considered
to be very much important to be performed very much nicely that will be actually followed
by the particular procedure of the selection of various controls for the treatment of all the
various risks which are to be ultimately identified (Hartmann and Steup 2013). It is very
much important to review and properly monitor the particular environment of the institute of
education of SCU which remains concerned regarding all the different kinds of risks for the
detection of various kinds of changes or alternations inside the organization and also for the
proper maintenance of the overview of the total process of the risk management.
CYBER SECURITY
Huge importance of the risk assessment
Risk assessment is basically a specific term which is seen to have been used for the
purpose of describing the total or rather the entire process or even the particular method
where all the various hazards as well as risk factors are easily identified which basically
possess the great strength of causing damage or harm (Arachchilage and Love 2014). It can
be well said that the particular assessment of the cyber security is mainly a process of
identification, evaluation and the proper analysis of the risk.
This is thought of to be the only possible way of making sure that various cyber
security controls, which will be actually opted, must be very appropriate to all the various
kinds of risks, which the institute of education of SCU may be facing. An assessment of the
risk of the cyber security will be capable of proper identification of the different assets of data
and information that will be greatly affected by a specific type of dangerous cyber-attacks
like that of various systems of computer, student’s data or information and hardware as well
(Conteh and Schmick 2016). It becomes a slight tougher in providing an appropriate training
to the entire team that will be actually handling all the various activities associated with risk
or the risk assessment.
The evaluation of the various kinds of risks and the estimation as well are considered
to be very much important to be performed very much nicely that will be actually followed
by the particular procedure of the selection of various controls for the treatment of all the
various risks which are to be ultimately identified (Hartmann and Steup 2013). It is very
much important to review and properly monitor the particular environment of the institute of
education of SCU which remains concerned regarding all the different kinds of risks for the
detection of various kinds of changes or alternations inside the organization and also for the
proper maintenance of the overview of the total process of the risk management.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide

3
CYBER SECURITY
One things must be remembered that the particular feasibility of the use of the risk
assessment actually acts like an appropriate aid to the specific process of the making of
various decisions.
Identification of the Critical asset
An information asset is basically a particular knowledge body that is to be well
managed and organized as one single unit. It can be properly managed as a particular unit in
such a way that it becomes very much well understandable, shared as well as secured. It is
also to be known that all the various assets of the information will be possessing the
particular value that will be well manageable (Shamala, Ahmad and Yusoff 2013). It can also
be well said that all the various assets of information are basically those specific assets of the
entire University of SCU that is known to be actually possessing the financial value and some
other kinds of value as well.
That some kinds of value may be involving the specific types of assets which will be
totally physical. Therefore, it is really very much important to properly identify them
wherever all of them will be kept and who will be actually totally responsible for all of those.
It is to be well remembered that the University of SCU as a whole must be developing a
proper kind of register of the information asset for providing help both for the purpose of
tracking and the management of the various assets of information.
Asset of information is actually considered to be highly critical because the University
of SCU has to possess a particular database, a proper collection of a huge number of contracts
and agreements or rather some of the samples of the researches in a careful manner
(Cherdantseva et al. 2016). It has to be kept in mind that the maintenance will be very much
important but very much tough at the same time. Therefore, the Register of the asset of
Information is really very much essential.
CYBER SECURITY
One things must be remembered that the particular feasibility of the use of the risk
assessment actually acts like an appropriate aid to the specific process of the making of
various decisions.
Identification of the Critical asset
An information asset is basically a particular knowledge body that is to be well
managed and organized as one single unit. It can be properly managed as a particular unit in
such a way that it becomes very much well understandable, shared as well as secured. It is
also to be known that all the various assets of the information will be possessing the
particular value that will be well manageable (Shamala, Ahmad and Yusoff 2013). It can also
be well said that all the various assets of information are basically those specific assets of the
entire University of SCU that is known to be actually possessing the financial value and some
other kinds of value as well.
That some kinds of value may be involving the specific types of assets which will be
totally physical. Therefore, it is really very much important to properly identify them
wherever all of them will be kept and who will be actually totally responsible for all of those.
It is to be well remembered that the University of SCU as a whole must be developing a
proper kind of register of the information asset for providing help both for the purpose of
tracking and the management of the various assets of information.
Asset of information is actually considered to be highly critical because the University
of SCU has to possess a particular database, a proper collection of a huge number of contracts
and agreements or rather some of the samples of the researches in a careful manner
(Cherdantseva et al. 2016). It has to be kept in mind that the maintenance will be very much
important but very much tough at the same time. Therefore, the Register of the asset of
Information is really very much essential.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
CYBER SECURITY
There are some of the questions for the identification of all the various assets which
are greatly critical within the organization of education of SCU. Some of them are as follows:
What are all the various types of risks which will be associated with the inaccurate
information?
Does the information will be possessing a specific kind of lifecycle which will be
easily manageable?
Will be information asset be possessing a kind of special value to that of the SCU?
Will the information asset be costing a huge amount of money for the information
requiring?
What will be the kind of effect on the efficiency of the operation if somebody will not
be able to access the information very much easily?
Template
Information Asset Rank Description
Information regarding all the
details of the student
1
Information about both
teaching and learning
2
Specific information
regarding any kind of
research
3
Required information of the
facility management
4
Needed information
regarding the particular
5
CYBER SECURITY
There are some of the questions for the identification of all the various assets which
are greatly critical within the organization of education of SCU. Some of them are as follows:
What are all the various types of risks which will be associated with the inaccurate
information?
Does the information will be possessing a specific kind of lifecycle which will be
easily manageable?
Will be information asset be possessing a kind of special value to that of the SCU?
Will the information asset be costing a huge amount of money for the information
requiring?
What will be the kind of effect on the efficiency of the operation if somebody will not
be able to access the information very much easily?
Template
Information Asset Rank Description
Information regarding all the
details of the student
1
Information about both
teaching and learning
2
Specific information
regarding any kind of
research
3
Required information of the
facility management
4
Needed information
regarding the particular
5

5
CYBER SECURITY
management of finance
Various kinds of
information regarding
strategic intelligence and
also regarding reporting
6
Information regarding policy
or rather governance
7
Alumni and engagement 8
Identification of all the Threats
There are a various kinds of threats to that of the specific information of the
organization of education of SCU which will be actually including some of the types of
various attacks on software or even some types of malware as well (Love et al. 2014). It has
been observed that above all others, the five threats which can be really very much dangerous
for the entire educational organization of SCU will be actually including the ransomware,
attacks of denial of service, huge lack of proper security controls and various policies of
security which are fully outdated.
All the various threats can be easily considered to be something which can be very
highly beneficial of a specific kind of vulnerability for specifically the security breaching and
altering of any kind of objet in a fully negative manner. It has been well observed that the
specific kind of threats which are actually considered to be very much harmful for the entire
organization of SCU are as follows:
Security threats Rank depending upon the impact
Outdated policies of security 5
CYBER SECURITY
management of finance
Various kinds of
information regarding
strategic intelligence and
also regarding reporting
6
Information regarding policy
or rather governance
7
Alumni and engagement 8
Identification of all the Threats
There are a various kinds of threats to that of the specific information of the
organization of education of SCU which will be actually including some of the types of
various attacks on software or even some types of malware as well (Love et al. 2014). It has
been observed that above all others, the five threats which can be really very much dangerous
for the entire educational organization of SCU will be actually including the ransomware,
attacks of denial of service, huge lack of proper security controls and various policies of
security which are fully outdated.
All the various threats can be easily considered to be something which can be very
highly beneficial of a specific kind of vulnerability for specifically the security breaching and
altering of any kind of objet in a fully negative manner. It has been well observed that the
specific kind of threats which are actually considered to be very much harmful for the entire
organization of SCU are as follows:
Security threats Rank depending upon the impact
Outdated policies of security 5
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide

6
CYBER SECURITY
Attacks of denial of service 1
Phishing 3
Lack of appropriate controls of security 4
Ransomware 2
Threat Landscape for the Website
The outcome of a generalised survey that has been performed on the official websites
of the educational institute of SCU, is that in majority of the cases, the websites employed by
the educational institute of SCU for the purpose of educating the students about the required
criterions and testimonials, are simplified and user friendly (Öğütçü, Testik and
Chouseinoglou 2016). It is a well-known fact that the malicious software like ransom ware
disperses over from system to system through the malicious attachments linked with the
emails and sent to the official email id of the concerned organization of SCU. For the purpose
of safeguarding the educational institute of SCU from being compromised, there is the utter
necessity to render tight protection to the website of it.
Cyber security is a pre-requisite for the educational institute of SCU, fetching the
purpose of safeguarding the necessary credentials. Ransom ware attack not only deforms the
infrastructure of the system, this also compels the organization to retain back the
authorization of the website in lieu of bulk of capital demanded as a ransom (Peltier 2016).
Often the attack facilitated via the propagation through email, incorporates the phishing
activities. In such a scenario, the attackers intend to gain access over the password and the
user id credentials required for the log in purpose and in due course of this entire procedure
becomes capable enough to alter the confidential information. They manipulate the same and
CYBER SECURITY
Attacks of denial of service 1
Phishing 3
Lack of appropriate controls of security 4
Ransomware 2
Threat Landscape for the Website
The outcome of a generalised survey that has been performed on the official websites
of the educational institute of SCU, is that in majority of the cases, the websites employed by
the educational institute of SCU for the purpose of educating the students about the required
criterions and testimonials, are simplified and user friendly (Öğütçü, Testik and
Chouseinoglou 2016). It is a well-known fact that the malicious software like ransom ware
disperses over from system to system through the malicious attachments linked with the
emails and sent to the official email id of the concerned organization of SCU. For the purpose
of safeguarding the educational institute of SCU from being compromised, there is the utter
necessity to render tight protection to the website of it.
Cyber security is a pre-requisite for the educational institute of SCU, fetching the
purpose of safeguarding the necessary credentials. Ransom ware attack not only deforms the
infrastructure of the system, this also compels the organization to retain back the
authorization of the website in lieu of bulk of capital demanded as a ransom (Peltier 2016).
Often the attack facilitated via the propagation through email, incorporates the phishing
activities. In such a scenario, the attackers intend to gain access over the password and the
user id credentials required for the log in purpose and in due course of this entire procedure
becomes capable enough to alter the confidential information. They manipulate the same and
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
CYBER SECURITY
utilize the same business strategy for other organizations, thereby demolishing the business
strategy and the protocols of the compromised website of SCU.
The DoS attack has also gained potential ground in this scenario, possessing all the
necessary qualities pre-requisite for the accomplishment of the sole purpose of gaining
unauthorized access over the compromised website of SCU and thereby implementing the
credentials for the fulfilment of the business requirements of their own organizations, through
acquisition of the persisting policies and procedures. The ransom demanded in the case of a
DoS attack may be as high as up to 5 dollars.
The deficit of a proper security system for the purpose of safeguarding the
confidential information accounts for the vulnerability of the website of SCU and exposes the
system to external attacks by the cyber predators (Shamala, Ahmad and Yusoff 2013). Even
in some worse scenarios, the fulfilment of the demanded ransom also fails to regain the
authority over the compromised website of SCU owing to the fact that the decrypting code
will not be shared by the cyber attackers to the concerned organization of SCU.
For the security purpose, there should be the provision for the appropriate back up of
the confidential information of the organization of SCU that could be turned out to be useful
in the case of a cyber-attack. In this scenario, the data could be successfully backed up from
the back up file and hence even if the compromised data is tampered, the organization would
not be affected. Even, this would reduce the chance and probability of the provision of
rendering the denuded huge ransom to the cyber attackers to avail the decrypting code,
necessary for the purpose of decrypting the encrypted information. Hence, the provision for
the backup of the data is very crucial to mitigate the risks and threats imposed by the cyber-
attacks.
CYBER SECURITY
utilize the same business strategy for other organizations, thereby demolishing the business
strategy and the protocols of the compromised website of SCU.
The DoS attack has also gained potential ground in this scenario, possessing all the
necessary qualities pre-requisite for the accomplishment of the sole purpose of gaining
unauthorized access over the compromised website of SCU and thereby implementing the
credentials for the fulfilment of the business requirements of their own organizations, through
acquisition of the persisting policies and procedures. The ransom demanded in the case of a
DoS attack may be as high as up to 5 dollars.
The deficit of a proper security system for the purpose of safeguarding the
confidential information accounts for the vulnerability of the website of SCU and exposes the
system to external attacks by the cyber predators (Shamala, Ahmad and Yusoff 2013). Even
in some worse scenarios, the fulfilment of the demanded ransom also fails to regain the
authority over the compromised website of SCU owing to the fact that the decrypting code
will not be shared by the cyber attackers to the concerned organization of SCU.
For the security purpose, there should be the provision for the appropriate back up of
the confidential information of the organization of SCU that could be turned out to be useful
in the case of a cyber-attack. In this scenario, the data could be successfully backed up from
the back up file and hence even if the compromised data is tampered, the organization would
not be affected. Even, this would reduce the chance and probability of the provision of
rendering the denuded huge ransom to the cyber attackers to avail the decrypting code,
necessary for the purpose of decrypting the encrypted information. Hence, the provision for
the backup of the data is very crucial to mitigate the risks and threats imposed by the cyber-
attacks.

8
CYBER SECURITY
References
Arachchilage, N.A.G. and Love, S., 2014. Security awareness of computer users: A phishing
threat avoidance perspective. Computers in Human Behavior, 38, pp.304-312.
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K.,
2016. A review of cyber security risk assessment methods for SCADA systems. Computers
& security, 56, pp.1-27.
Conteh, N.Y. and Schmick, P.J., 2016. Cybersecurity: risks, vulnerabilities and
countermeasures to prevent social engineering attacks. International Journal of Advanced
Computer Research, 6(23), p.31.
Hartmann, K. and Steup, C., 2013, June. The vulnerability of UAVs to cyber attacks-An
approach to the risk assessment. In 2013 5th international conference on cyber conflict
(CYCON 2013) (pp. 1-23). IEEE.
Love, P.E., Matthews, J., Simpson, I., Hill, A. and Olatunji, O.A., 2014. A benefits
realization management building information modeling framework for asset
owners. Automation in construction, 37, pp.1-10.
Öğütçü, G., Testik, Ö.M. and Chouseinoglou, O., 2016. Analysis of personal information
security behavior and awareness. Computers & Security, 56, pp.83-93.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. Auerbach Publications.
Safa, N.S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N.A. and Herawan, T., 2015.
Information security conscious care behaviour formation in organizations. Computers &
Security, 53, pp.65-78.
CYBER SECURITY
References
Arachchilage, N.A.G. and Love, S., 2014. Security awareness of computer users: A phishing
threat avoidance perspective. Computers in Human Behavior, 38, pp.304-312.
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K.,
2016. A review of cyber security risk assessment methods for SCADA systems. Computers
& security, 56, pp.1-27.
Conteh, N.Y. and Schmick, P.J., 2016. Cybersecurity: risks, vulnerabilities and
countermeasures to prevent social engineering attacks. International Journal of Advanced
Computer Research, 6(23), p.31.
Hartmann, K. and Steup, C., 2013, June. The vulnerability of UAVs to cyber attacks-An
approach to the risk assessment. In 2013 5th international conference on cyber conflict
(CYCON 2013) (pp. 1-23). IEEE.
Love, P.E., Matthews, J., Simpson, I., Hill, A. and Olatunji, O.A., 2014. A benefits
realization management building information modeling framework for asset
owners. Automation in construction, 37, pp.1-10.
Öğütçü, G., Testik, Ö.M. and Chouseinoglou, O., 2016. Analysis of personal information
security behavior and awareness. Computers & Security, 56, pp.83-93.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. Auerbach Publications.
Safa, N.S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N.A. and Herawan, T., 2015.
Information security conscious care behaviour formation in organizations. Computers &
Security, 53, pp.65-78.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide

9
CYBER SECURITY
Shamala, P., Ahmad, R. and Yusoff, M., 2013. A conceptual framework of info structure for
information security risk assessment (ISRA). Journal of Information Security and
Applications, 18(1), pp.45-52.
CYBER SECURITY
Shamala, P., Ahmad, R. and Yusoff, M., 2013. A conceptual framework of info structure for
information security risk assessment (ISRA). Journal of Information Security and
Applications, 18(1), pp.45-52.
1 out of 10
Related Documents

Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.