Identifying Potential Risk, Response, And Recovery

1817 words - 7 pages

With identifying potential malicious attacks, threats, and vulnerabilities, measures need to be taken to deal with the malicious activities. A strategy is needed to deal with each of the risk of the malicious attacks and threats in the previous memo. Also controls will need to be setup to help mitigate those risks of the attacks. A strategy and controls need to also be setup to mitigate each of the vulnerabilities from the previous memo to help protect the computers and network for the business.
There are different strategies that can be used for dealing with the risk of a malicious attacks and threats. The strategy used will depend on the type of attack and threat, the strategies are risk mitigation, risk assignment, risk acceptance, and risk avoidance. Risk mitigation uses controls to reduce the risk, the controls could be administrative, technical, or physical. “The wide variety of security threats demonstrates that traditional methods of protection, such as firewalls and anti-virus software, are not enough to shield companies from these new, complex and highly sophisticated threats. What is needed is a multi-layered approach to security that ranges from perimeter security to end-point systems through to the implementation of a security policy. This will ensure protection from unknown malware threats,” (King, 2005). Risk assignment allows the business to transfer the risk to another business, for example storing backup tapes off site by using another business. Risk acceptance is the business accepting the risk, but the damages from the risk is low and could cost the business more to reduce the risk than dealing with the loss. Risk avoidance is to avoid the risk by discontinuing using a software or hardware that causes the risk. There are also four controls that can be used to mitigate each risk which are administrative, preventative, detective, and corrective. Administrative controls are to ensure people understand and follow the policies and procedures. Preventative controls try to stop threats from trying to use a vulnerability to gain access to the network or computers. Detective controls identity a threat that has hit the network and computers and corrective controls reduces the effects of a threat on the system.
The most common malicious attack and threat are from viruses and other malware. There are different types of viruses to protect a network and computers from and viruses can get into the network in different ways, mostly by email and websites on the internet. The best strategy for dealing with the risk for viruses and other malware would be risk mitigation. Viruses and other malware cannot be avoided or transferred to another business since our computers and network is here in the business for people to utilize. Viruses are also not an acceptable risk, the damages from viruses will outweigh the money spent to protect the network and computers. For these reasons, the strategies of risk assignment, risk acceptance, and risk...

Find Another Essay On Identifying Potential Risk, Response, and Recovery

Vulnerabilities and Potential Improvements in China’s Crisis and Recovery Management Policy via Case Study on 2008 Wenchuan Earthquake

902 words - 4 pages ? Possible suggestions for the Master Plan China has been making great efforts in disaster risk reduction Through the analyze of the vulnerabilities in the China’s crisis response and recovery management policies, several improvements can be taken to enhance the effectiveness and efficiency of the rescue and recovery operations for the coming natural disasters. Risk Reduction: Disaster Response Plans and Preparedness Improvement at All Levels: As for

The Construction of Risk: 9/11 Terrorist Attack and the Response to It

2206 words - 9 pages The Construction of Risk: 9/11 Terrorist Attack and the Response to It On the 11th of September 2001 terrorists carried out suicide attacks on American soil. They killed over 3,000 people and shocked the world as people never really thought of the magnitude of the attacks and in particular the location of the attack, America where risk is calculated and anticipated. These events shed a light of a debate whether risk is an objective phenomenon

Starbucks Identifying the Corporate Missions Industry Structure Swot Analysis Core Competencies and Competitive Advantage Strategy Recommendations Potential Fallout

3451 words - 14 pages same trends to maintain its performance. And hence, continues to have dominating brand image by defending domestic market. It should come up with extra features along with rewards as tour package, cheap air tickets, certain time free membership, to enhance the sales progression.Potential Fallout__Company potential fallout means an unexpected or incidental effect, outcome for the company which is not pre thought. In business world, high potential

Emergency Procedures for the Kennedy Air Force Base

2250 words - 9 pages . Classifications and Levels of Emergencies A. The level of response to an incident will depend on the complexity of the incident. Many factors determine the complexity of an incident, including but not limited to, area involved, threat to life and property, jurisdictional boundaries, values at risk, weather, strategy and tactics, and agency policy. Incidents can be placed into 5 classifications or levels (1-5) with 5 being the least complex

How To Create A Disaster Recovery Plan

1834 words - 7 pages systems, applications, and business processes. 5. Prepare impact analysis on interruption on critical systems. Conduct Risk Assessment The disaster recovery planning team should work with the organization's technical and security person to determine the probability of each functional business units' critical systems becoming severely disrupted and to document the amount of acceptable risk the business unit can tolerate. For each

Kugler Foods Disaster Recovery Plan

8162 words - 33 pages contingency plan to protect the business from disaster or other extended outage to its computer facility.Risk AssessmentAccording to securityworldnews.com, a Risk Assessment is identifying, analyzing, and weighing all the potential risks, threats, and hazards to the business's internal and external environment. The vulnerability of a facility or building is matched against any weather related vulnerabilities, power failures, Internal/External Security

Enterprise Risk Management in PSEG: An Overview

1470 words - 6 pages , contracting, issuing or retiring securities, or otherwise investing or deploying cash or capital. ASSESSING EXPOSURE AND DETERMINING THE OVERALL RISK MANAGEMENT STRATEGY The RMC is charged with: o establishing a general framework for identifying, measuring, aggregating, monitoring, controlling and reporting on the Company’s financial-related risks including, but not limited to:, price, credit, performance, delivery and liquidity risk; o

Disaster Recovery Planning

1267 words - 5 pages likelihood of occurring and seriousness of impact on the organization. Either analysis is an excellent tool and will result in the beginning creations of disaster recovery and business continuity planning. If using the BIA method a good first step is identifying the business’ most crucial systems and processes to assess what effect the outages will have on the business. All systems or applications should have a back-up location offsite to ensure

Kudler Fine Foods: Disaster Recovery/Business Resumption Plan

9814 words - 40 pages Physical Security 54.2 Personnel Security 54.3 Information Security 54.4 Network Security 55.0 Disaster Declaration Proceedures 55.1 Loss of Facility 55.2 Loss of Life 55.3 Disaster Assessment 55.4 Recovery Organization 75.5 Initial Response/Management Team 75.6 Administrative Team 85.7 Recovery Teams 95.8 Team Members (Primaries and Alternates) 95.9 Telephone Trees 115.10 Recovery Procedures 115.11 Team Responsibilities Error! Bookmark not defined

Crisis Management

1871 words - 8 pages -Building Evacuation Information Strategic Plan Bird and Higgins (2013) note that top management of National Bank of Canada has a responsibility of company’s stability, continuity and even reputation. They have to response when a damaging incident happens to NBC. Top management should manage objectives of the response to the incident, identify the incident’s risk and impact on the company, ensure recovery and back up, and communicate to public and

Steps To Effectively Respond To A Security Incident And Threats On A Wireless Network

1172 words - 5 pages Steps to Effectively Respond to a Security Incident and Threats on a Wireless Network Incident response is usually one of those security areas that tend to be impromptu—companies don't think about it until they have to. But that needs to change. In this paper I will discuss five steps - identification, containment, eradication, and recovery and follow up a business use to effectively response to a security threat and I will suggest four

Similar Essays

Identifying Potential Malicious Attacks, Threats And Vulnerabilities

1145 words - 5 pages Multiple of organizations have gone to great lengths to make sure their networks are fully functioning correctly because it is the best way to facilitate information being shared and distributed as well as keep sensitive information secured. Organizations will eventually become exposed to potential malicious attacks and threats over a period of time. One of the potential threats to any organization is internal threats, which is a disgruntled

Identifying And Preventing Potential Rampage Killers

1099 words - 4 pages Identifying adolescents and young adults with serious emotional and mental issues and giving them access to the appropriate services is crucial to stopping rampage killers. The majority of troubled youth will never commit horrific crimes. However, all rampage killers showed some signs of needing intervention. More focus needs to be placed on the emotional and mental needs of our youth to prevent tragedies such as rampage killings. Parents need

Hurricane Katrina: Emergency Response And Recovery Operations In New Orleans

1703 words - 7 pages . These shortcomings were even officially recognized, resulting in the resignation of the director of FEMA, and extreme criticisms being directed at both the agencies and elected officials involved in dealing with Hurricane Katrina. The essay will then conclude with a treatment of the current state of emergency response protocols in New Orleans as it pertains to coastal storm and flooding situations. Chowdhury 2 Hurricane Katrina

Risks And Potential Impact Relating To Security, Auditing And Disaster Recovery

600 words - 2 pages Introduction"Risks are the potential consequences of events or conditions that can adversely affect an organization's operations and revenues, as well as its relationships with communities, business partners, suppliers, and customers" (Erbschloe, 2003).Executive SummaryThe organization selected for this paper is a Christian bookstore that sells books, CDs, DVDs, as well as miscellaneous items. Bookstore customers include walk-in's and