Risk Management Plan for Cybersecurity at MyHealth Company - CMP73001

Verified

Added on 2023/01/11

AI Summary

This document presents a cybersecurity risk management plan developed for MyHealth Company, addressing the potential threat of Denial of Service (DoS) attacks. The plan includes hazard identification, risk assessment, and proposed control measures. The risk assessment evaluates the potential harm caused by DoS attacks, considering their likelihood and impact on MyHealth's systems, potentially leading to network outages and data breaches. The existing control measures, such as firewalls, are evaluated for their effectiveness. The plan proposes detective, corrective, and preventive control measures, including traffic filtering, security log analysis, and firewall configuration. The implementation section outlines associated activities, required resources, and responsible personnel, including the Chief Information Security Officer (CISO). The plan also includes a review schedule to ensure the ongoing effectiveness of the implemented controls.

Risk management plan – single risk
Company name: MyHealth Completed by: Student name
Work area: Cybersecurity management Date completed: date
Hazard identification
DoS Attack: Denial of service (DoS) attacks are types of cyberattacks by which malicious actors aim render
devices and computer systems unusable for the intended users through interruptions of normal functioning of the
device.
Risk assessment
What harm could the
hazard cause?
DoS attacks are observed to affect multiple components of the company and
are known to frequently affect systems. They can bring the entire network to a
halt and even lead to freezing of computers.
What is the likelihood
of this happening
DoS attacks are known to be the most popular approach of infecting computer
systems and hence are the most likely to affect MyHealth two of the assets
already have vulnerabilities.
Existing control
measure
Immediate removal of suspicious files followed by full system scan with proven
anti malware solutions.
Consequence Damages to systems might already have occurred
Likelihood Less likely to fully recover once already infected
Outcome Paralysis of assets once infected
Control measures
Detective controls
The identification of traffic flow deviations that may signal the buildup of a
DDoS assault. Effectiveness is measured by your ability to recognize an attack
as early as possible, with instantaneous detection being the ultimate goal.
Divertive controls
Traffic is rerouted away from its target, either to be filtered or completely
discarded.
Filtering
DDoS traffic discarded, by identification of patterns that immediately
differentiate between genuine traffic and malicious clients. Responsiveness is
key factor behind being able to block the attack in time.
Analysis
Security logs are reviewed to gather information about the attack, both to
identify the offender(s) and to improve future resilience. The process’s
effectiveness relies on the existence of detailed security logs that can offer
granular visibility into the attack traffic.
Preferred control
measure
Filtering - if conducted correctly can recover the system.
Implementation
Associated activities Resources
required
Person(s)
responsible Sign off and date
Configuring firewall policies on the fly Cisco ASA 5505 CISO name CISO signature
Date: 31.03.2019
REVIEW
Scheduled review date: 1 / 04 / 2019
Are the control measures in place?
No
Are the controls eliminating/minimising the risk?
No

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Are there any new problems with the risk?
Firewalls are present but, there is no defined role of the IT staff which can lead to ineffective handling of
situations