Cybersecurity Risk Assessment and Threat Landscape Analysis Report

Verified

Added on 2022/10/01

AI Summary

This report delves into the crucial domain of cybersecurity risk assessment, emphasizing its significance in safeguarding organizational assets. It begins by highlighting the importance of risk assessment and the current limitations of existing methods. The report then transitions to identifying critical information assets through targeted questions and the use of a WFA template to rank assets based on their criticality. Furthermore, it analyzes the threat landscape, focusing on various cyber threats like viruses, worms, malware, spyware, and ransomware, and their potential impact on organizational assets. The assessment of vulnerabilities, particularly concerning data confidentiality, integrity, and availability, is discussed, along with the vulnerabilities of datacenters and databases. The conclusion underscores the need for cybersecurity experts to evaluate these threats and provide solutions to protect sensitive information and organizational credentials.

Running head: ASSESSMENT OF RISKS
RISK ASSESSMENT IN CYBER SECURITY
[Enter Name of the Student:]
[Enter Name of the University:]
[Author Note:]

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1ASSESSMENT OF RISKS
EXECUTIVE SUMMARY
The below report emphasises on the risk assessment in cyber security and how various
organizations are vulnerable to the attacks of the intruders and how the data and other credentials
can be maintained and secured from such attacks and threats.

2ASSESSMENT OF RISKS
Table of Contents
Discussion........................................................................................................................................3
Importance of Risk Assessment...................................................................................................3
Risk assessment.......................................................................................................................3
Risk assessment in cyber security............................................................................................3
Difficulties in risk assessment.................................................................................................3
Effects on decision making......................................................................................................4
Identification of critical assets.....................................................................................................4
Critical asset information.........................................................................................................4
WFA template..........................................................................................................................4
Identification of threats................................................................................................................5
Assessment of threats..................................................................................................................6
Vulnerabilities..........................................................................................................................6
Conclusion.......................................................................................................................................6
References........................................................................................................................................8

3ASSESSMENT OF RISKS
Discussion
Importance of Risk Assessment
Risk assessment
The assessment of risks have become an important aspect in these sectors. The cyber
security risk assessment has become important due to the use of services over the internet and
various processes are used in order to assess the risks. The risk assessment can be described as
the process of identifying various risks and other risk factors which can cause potential harm in
any organization and also to analyze such risks and provide appropriate solutions to those risks
or problems.
Risk assessment in cyber security
The risks in cyber security are generally associated with the assets of a company and this
report states the risks such as security threats and incidents that are associated and also identifies
the vulnerabilities of the assets. The process of risk assessment is also associated with the results
of the identification of threats and also the severity of the risks is also considered. The risk
assessment in cyber security is the assessments of threats related to the information assets of a
company.
Difficulties in risk assessment
An estimation and evaluation of the risks are done and appropriate measures are taken to
resolve the threats. In the risk assessment process of cyber security the identification of the risks
in case of complex attacks or threats is difficult to obtain as complex cyber-attacks can occur
anytime and it is difficult to obtain the risk assessment beforehand. The results of such risk

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4ASSESSMENT OF RISKS
assessments can be used to manage cyber security in many organizations as the risk assessment
reveals the vulnerabilities of the assets of an organization and the concerned authorities can
upgrade or fix them prior to the attacks (Refsdal, Solhaug and Stølen 2015).
Effects on decision making
Therefore the results of the risk assessment can be used to manage and develop the cyber
security of an organization and the results also effect the decision making process in a company
as because the results may predict any concern which might change the decisions taken by the
supervisors and managers.
Identification of critical assets
Critical asset information
The critical assets of an organization can be defined as the various information assets
which are managed and organized into a single entity. The information assets of a company has
significant amount of financial value and this value increases with the increase in the number of
people accessing the information. The identification of the critical assets of a company includes
financial data, copyrights and other sales information and scientific research. Along with risk
assessment many other methods can be used to identify the critical assets of a company (Hughes
and Cybenko 2013). The important data and credentials of the company that effects the company
are termed as critical.
Identification of threats
The threats that are related to the cyber security consists of software attacks which affect
the security of a company and such threats can be avoided if they are identified well in advance
and necessary steps should also be taken. Such threats consists of mainly virus, worms and

5ASSESSMENT OF RISKS
various malware devices which causes the threats. The cyber security officer or department is
mainly responsible for the identification of such threats and such individuals are responsible for
the amendment of the threats caused. Various viruses and worms are associated with the threats
and they are sometimes self-replicating in nature which makes them more harmful for the
organizations (Rausand 2013). The most common threats that effect the private and government
organizations, denies the service of the company to its clients and thus effects the overall
structure of the company. The spyware and ransom ware are also two such threats identified
from various research articles that has affected the government and private sectors across the
globe. These attacks also stops the service of the companies until some ransom or similar things
are not given to the attackers .These hazards and attacks have an immense effect in the
organizational structure and the working mechanism of these threats are basically over the
internet. The malicious worms are distributed via various websites and email services and when
downloaded from the individual computers effects the computer and can also spread into various
other networks without the intervention of humans.
WFA template
The WFA template to rank the assets of a company according to the criticality can be
done by the below mentioned template –
Assets Ranks

6ASSESSMENT OF RISKS
Assessment of threats
Vulnerabilities
The threats that are imposed over the internet in various companies directly impacts the
assets of a company as because these assets possesses many vulnerabilities or weaknesses. Many
security models and process are associated with the identification of such threats however, the
confidentiality, availability and integrity of the assets make the entire system vulnerable to such
attacks. The risk of cyber-attacks by worms and malwares can affect the database asset of the
company and thus can also directly affect the clients and employees. The attacks by spyware and
ransom ware is also an important aspect in terms of asset vulnerability and thus the hardware and
software assets of the company can be affected. The malicious softwares that are spread via
internet or email service also affects the asset of the company. The potential vulnerabilities
include confidentiality of the asset which include highly confidential data of the clients and the
organizations that are available easily to the attackers. The most affected part in an organization
is the datacenters and databases of the organization as because sometimes the integrity of such
data is not maintained which makes it vulnerable to the attacks (Meszaros and Buchalcevova
2017). The weakness of assets include availability of the data to the clients as because the data
are often exposed to the clients and as a result the datacenters often get attacked by intruders.
Thus the attacks and threats that are associated with the critical assets of an organization are
mainly because of many vulnerabilities in the organization and such threats can be avoided by
the cyber security experts on basis of various researches.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7ASSESSMENT OF RISKS
Ranks of the threats
1. Ransom ware
2. Spyware
3. Virus and worms
4. Malware software spread via internet
5. Malwares which affect the hardware infrastructure
Conclusion
The risks in cyber security are generally associated with the assets of a company and this
report states the risks such as security threats and incidents that are associated and also identifies
the vulnerabilities of the assets. According to the above discussed risk assessment and cyber
security risks that are associated with an organization, many weakness and vulnerabilities can be
stated and the credentials of the clients are exposed to such threats and attacks. Thus it can be
concluded that a cyber-security expert is the one who needs to assess such threats and provide
some solution or assessment to the organizations in order to protect the company and the client’s
important credentials.

8ASSESSMENT OF RISKS
References
Hughes, J. and Cybenko, G., 2013. Quantitative metrics and risk assessment: The three tenets
model of cybersecurity. Technology Innovation Management Review, 3(8).
Meszaros, J. and Buchalcevova, A., 2017. Introducing OSSF: A framework for online service
cybersecurity risk management. computers & security, 65, pp.300-313.
Rausand, M., 2013. Risk assessment: theory, methods, and applications (Vol. 115). John Wiley
& Sons.
Refsdal, A., Solhaug, B. and Stølen, K., 2015. Cyber-risk management. In Cyber-Risk
Management (pp. 33-47). Springer, Cham.