ITC596: IT Risk Management Assessment of Cyber Security System


Added on  2024/07/01

AI Summary
This report presents an IT risk assessment conducted for Gigantic Corporation's cyber security system. It translates technical risks into business language to facilitate decision-making, addressing the interface between technical experts and stakeholders. The assessment covers risk management policies, procedures, and the overview of technology associated with the cyber security project. It describes the purpose, scope, and potential risks, threats, and vulnerabilities of the system. The report includes a detailed risk assessment based on threats, vulnerabilities, and consequences, identifying key threat agents and proposing mitigation strategies. Recommendations are provided to enhance organizational growth and improve the cyber security network system, including regular updates, adherence to company rules, and proactive measures like firewalls and data backups. The report concludes with a summary of protection mechanisms, such as data encryption and intrusion detection, and emphasizes the importance of continuous risk control and management for organizational data protection.
ITC 596: IT RISK MANAGEMENT
ASSESSMENT 3

Cyber security

Table of Contents
Executive summary
1. Introduction
2. Overview of risk assessment
3. Risk Assessment based on Threat, Vulnerability, and Consequences
3.1 Risk Assessment
3.2 Key threat agents
3.3 Mitigating the risks
3.4 Recommendations
4. Summary
4.1 Literature review of protection mechanism
5. Conclusion
6. References

Executive summary
This report is prepared by the IT risk assessment lead consultant for Gigantic Corporation's management. It describes a cyber security system that aims to provide security and protection from cyber attacks and crimes. The report translates technical risks into business language to facilitate effective decision making, and describes the interface between technical experts and stakeholders. It is based on the management of risks that arise from the implementation of a cyber security project, and discusses the organization's policies and procedures in the context of cyber security.

The main part of the report covers the purpose, scope, overview of technology and risk assessment. The cyber security system is described as the risk assessment project, which involves various pros and cons. An overview of risk assessment is given along with causes and effects. Risk management approaches and methods are provided together with some risks and threats. The impact of threats and vulnerabilities is described along with the threat agents, as are losses of confidential data and information. The report also explains how an organization's cyber security system leads to some risks and difficulties. The threats and their descriptions are presented in a table that defines different cyber security threats, and the vulnerabilities due to threat agents are shown in tabular form. The risk assessment area involves various factors with mitigation and management procedures. The company's legal terms and policies are also included for initiating the risk assessment project.

A cyber security system is a set of designs and practices that protects networks and data from attack, damage, and unauthorized access. Effective cyber security reduces the threat of attacks and protects businesses from unauthorized exploitation of networks and devices. This report provides a solution for identifying attackers and criminals by using this risk assessment approach. Some recommendations that affect the growth of the organization are also provided. Finally, a solution is provided along with recommendations based on the risk assessment, and a summary covers the overall report on the organization's cyber security. The overview of cyber security is as follows:

Cyber security plays a vital role in the IT industry, managing network systems to protect information and data. Growing technology and smart devices make protection more complex. The organization faces many cyber security challenges and risks that erode its potential growth as well as its reputation. Internet-connected systems include hardware, software tools and data that might be protected through a cyber security approach. Cyber attacks cause the organization to lose computational and physical data. Unauthorized access to data and information can be prevented through both physical and cyber security systems. The cyber system is exposed to data loss and information theft from external and internal attacks. Cyber security includes information security, which maintains the company's confidential data and information covered in the risk management report.

Some recommendations are included in this report, as mentioned below:

Information update
Follow the company's rules and procedures
Updating the software version
Insurance of cyber data
Website protection with security layers
Data backup on regular basis
Enable firewall network and firewall applications
Follow cyber security term and conditions
Check network authorization and protection
Installation of cameras and scanners at organizations
Prevention from data loss

The report also contains a brief summary of the risk management report, which involves the implementation of security processes. The result identifies some prevention and mitigation methods that control the organization's cyber risks. The techniques and recommendations are useful for financial growth as well as business growth.

The mitigation steps and recommendations are described to improve the cyber security network system so that it can identify threats and risks. The risk measures and their controls are also implemented with the help of some mitigation strategies and recommendations.

System maintenance and physical security
Identify external and internal attackers
Improve the security policies
Password generation and layer prevention
Documentation for legal policies and accessing of information
Protect website and information with the segmentation method
Develop a training system for employees
Employ strict policies for vendor and outsiders
Monitoring of cyber prevention system
Use IPS and IDS for protection
Installation of the latest version of the software
Detection of malware and hackers
Use antivirus applications for strong security
Identify the criminal activity through spam emails and unauthorized user
Risk prevention devices and planning
Prevent organization information from unauthorized access
Plan a risk management regarding IT industry

The cyber security risk assessment report also includes a summary of the overall report, which depicts some protection mechanisms. The protection mechanisms are introduced to increase the organization's network security. Some key points are included in the protection mechanism that allow the user to develop in the cyber system.

The protection mechanism overview involves some key methods for improvement, as shown below:

Encryption of data
Enabling firewalls
Employ a protection layer and protection sphere
Use of intrusion prevention and intrusion detection
Scanning and auditing process
Vulnerability scanners
Backup of data
Software updating process and installation
Secure customer data and information

The conclusion is also included in the risk management report and describes the overall project implementation process in the IT risk assessment control framework. The risk control techniques and methods for the organization are also defined. Cyber security risk assessment and management help protect the corporation from data and information loss.

1. Introduction
Technology risk is increasing day by day, as mentioned in the IT risk assessment report. This report is based on risk assessment in an IT corporation with cyber security. It is written as the management report of the lead consultant for 'IT risk assessment' of Gigantic Corporation's cyber security, and presents detailed information on cyber security at Gigantic Corporation. The term cyber security defines the management and mitigation of risk in organizations to protect their critical assets. Cyber security is a priority for any organization to protect its data and information from hacking. Cyber risk is increasing rapidly in a few organizations, which affects those organizations' assets. The risk management of the cyber security system describes threats and vulnerabilities.

Cyber security plays a vital role in the IT industry, managing network systems to protect information and data. Growing technology and smart devices make protection more complex. Internet-connected systems include hardware, software tools and data that might be protected through a cyber security approach. Organizations face many difficulties due to the loss of computational and physical data. Cyber systems create several risks in transferring and receiving data, which can be mitigated through cyber security models and approaches (Ashibani, et al., 2107). Cyber security also involves cyberspace, which uses electronic communication media for an online global network system with the help of virtual networks. Cyberspace is a large platform of computer networks that uses the IP and TCP protocols to exchange information worldwide. The virtual world and interactive environment are the main features of cyberspace, which provides a wide-ranging network across the world.

Cyberspace gives users different communication media through various methods and techniques. It also permits users to exchange information, interact, swap ideas, engage in social activities, develop business ideas and carry out other communication activities (Chen, et al., 2018). Cyberspace helps to control risk and overcome threats through an interactive environment.

Purpose

The purpose of the report is to provide a risk assessment report for management by interfacing between the company's stakeholders and technologists. The report explains the technical difficulties Gigantic Corporation faces with cyber security. In addition, threats, vulnerabilities, and consequences are discussed on the basis of the IT control framework. The impact of the risk assessment, together with its results, is also identified for the mitigation plan.

Project scope

The project scope includes some benefits of a cyber security system in an organization where some factors affect security. The risk assessment is developed for the interfacing of web applications in a business environment. The risk management covers all of the organization's policies and procedures that help to maintain data and information. The assessment includes various methods and models that lead to improving the cyber security system. It will help to protect the company's legal and confidential information. Cyber security risks affect organizational security and protection, and the assessment identifies some threats and vulnerabilities. The assessment report collects all the affecting factors in order to resolve the management issues.

Apart from this, the cyber security model is useful for maintaining, transmitting and receiving data and information with control measures, which are also useful for preventing loss and damage. The organizational security system analyses some threat agents and attackers, but according to the provided scenario, the technologists and stakeholders will discuss some recommendations. These recommendations will be helpful for enhancing security at Gigantic Corporation and preventing financial loss.

2. Overview of risk assessment
The IT risk assessment in an organization identifies and controls the technical difficulties and risks that occur due to cyber attacks. Risk assessment and its management are useful for preventing the loss of data and security. Managing risk helps improve cyber security in organizations, which also saves both time and money (Alali, et al., 2018).

Figure 1: Model for risk assessment
Source: (Mani, et al., 2015)

The risk assessment model presents several threats and sources that create a threat event. The benefit of this model involves some security controls and their vulnerabilities that affect organizational growth.

The strategies and plans for identifying and removing cyber risks in an organization, with the opinion of decision makers and technologists:

Identify cyber risks to the organization's assets that could be affected by attacks.
Identify the cyber risks and their impact on the organization so that decision makers can implement their ideas (Abdo, et al., 2018).
Analyze the risk management and security plans for the protection of assets and values.
Evaluate security threats and challenges that can occur due to cyber attacks.
Plan a security risk management strategy that can prevent data loss.
Recognize the threats in a particular system and plan a strategy for execution with recommendations.
Recognize the vulnerabilities of the cyber security system and find solutions.
Provide security measures and controls, bug fixes and mitigations for risk management in the IT sector.
Design a protocol for minimizing the risk assessment and cyber security system.

The management of IT risk includes appropriate methods for executing cyber risk management with the technical team (Mayer, et al., 2018). Some threats and vulnerabilities can be identified through cyber security components.

3. Risk Assessment based on Threat, Vulnerability, and Consequences
3.1 Risk Assessment

The term threat, in cyber security, defines a serious or possible danger that causes harm to the network system. Some threats to the cyber security system that may or may not occur in the corporation are mentioned below:

Unauthorized access of data - Unauthorized access to a company's cyber security system can be harmful because it leads to information leakage. Unauthorized access includes access to websites, systems, servers and programs using another person's ID and account. Hackers can easily detect or identify the PIN or password to access confidential data (Shin, et al., 2017).

Spoofing of credentials - A malicious person or party is the main cause of spoofing, which leads to data loss. A spoofing attack occurs in a cyber security system when a suspicious or unauthorized user attacks the network system. It may take any form, such as website spoofing, e-mail spoofing, password spoofing, and IP spoofing.

Jamming - A jamming attack affects the organization's security system and leads to loss of information. Jamming disrupts signals and information, which affects the organization's communication system.

Denial-of-service (DoS) attack - Hackers and attackers send requests to the network for authentication to access legal data. In a cyber security system, a DoS attack prevents a service from being available and interrupts a specific system.

Malicious attack - In a cyber security system, malicious code is used to steal data and damage the security system. It creates vulnerabilities in the system that cause potential damage to security.

Man-in-the-middle attack - In a cyber security system, a man-in-the-middle attack is used to intercept the connection between two persons or parties. The attackers relay the communication and steal confidential information from the conversation between the two parties.

Threats and risks are identified by evaluating a cyber security framework that describes the different stages of risk and threat occurrence. The framework covers the steps from identifying a risk to its recovery mechanisms. The framework below describes the cyber security process, which is helpful for the risk assessment project and risk management. Cyber security in the organization uses this framework to execute the risk management project, which helps in dealing with technical difficulties that occur due to physical or non-physical risk (Chen, et al., 2018).

Figure 2: Cyber security framework
Source: (www.threatprotect.co.uk, 2018)

Some threats and threat agents are defined in the table below with their impact on the risk assessment project. The threats below depict the losses and harms that are the main cause of cybercrime.

3.2 Key threat agents

A threat agent can be any human or malicious attacker, or a system application or software, that creates threats to cyber security. The threat agents are mentioned below:

Terrorists
Malicious codes
Hackers and attackers
Organization’s employees
Corporation competitor
Thieves and robbers
Software applications
Viruses
Malware
Table 1: Threat Agents

| Threats | Threat agents | Description | Impact |
|---|---|---|---|
| Buffer overflow or Denial of service attack | Professional criminals and terrorists | This kind of threat leads to legal loss of organizations data. | High |
| Bypass authentication | Thief and professional attackers | This leads to damage to the security system. | High |
| Unauthorized access | Malicious attacker | The unauthorized access impacts on the network system and cause of data loss. | High |
| Jamming | Professional hackers | The system or network requires the large setup of equipment and communication medium which affects the transmission of data. | High |
| Man-in-the-middle attack | Attackers | The attacker collects information that causes the information & legal loss. | High |
| Malicious code | Malicious hacker and coder | The malicious code creates viruses in a cyber system that leads to corrupt files and data. | High |

Analysis:

The above table explains the various cyber security threats that are the main causes of risk. It also describes the threat agents that create threats to the organization's cyber security and presents the impact of the threats on the system and network. The table thus describes the threat analysis with threat actors.

Table 2: Risk assessment, threats, and vulnerabilities

| S. No. | Risk asset | Vulnerability | Threat | Value of asset |
|---|---|---|---|---|
| 1. | Networks | Wrong identity | Unauthorized access to data | 4 |
| 2. | Networks | Wrong identity | Man-in-middle attack | 4 |
| 3. | Networks | Wrong identity | Spoofing of credentials | 4 |
| 4. | Check in procedure | Back up issue | Malicious attack | 4 |
| 5. | Scanners and detectors | Weak network communication | Jamming | 3 |
| 6. | State databases | Capacity of device | Denial of service attack | 4 |
| 7. | State databases | Lack of transparency principle | Data access in an unauthorized way | 4 |

Analysis:

The above table evaluates the risk assessment, threats, and vulnerabilities along with asset value. For each threat it gives the vulnerability and asset value, and defines which risk is assessed according to the threat.

Cyber security risks

Online transactions, emails, online marketing, social media, and other online activities are the main causes of cyber security risk, which affects the management and financial growth of the company. A 'cyber risk' in an organization arises from cyber security system errors and certain threats. Loss of data and damage to the IT system affect the company's reputation as well as its financial growth. The value of threats and vulnerability explains the actual risk, in which various harmful elements are included. A cyber security risk leads to cyber loss, which affects security, trust, and information (Ganin, et al., 2017).

Some common security risks and threats are described as follows:

Viruses - Viruses are any kind of software or program transferred into a system to corrupt files and data. A virus can delete and corrupt the system and its programs and also damage information.

Malicious spyware - This type of threat is generated by cyber attackers or criminals to discover victims' information. A Trojan application is used for malicious spyware.

Botnet - Hackers and attackers create a group by connecting each computer to the internet with the help of a Trojan horse; each such computer is called a zombie. These botnets increase virus attacks on the cyber security system as well as denial-of-service attacks.

Spam - Spam is an unnecessary message that arrives in the email inbox. It is a process of sending and receiving information in an unauthorized way, and it creates junk mail. It can cause security and information loss due to fraud.
