This website uses cookies to ensure you have the best experience. Learn more

Security Risk Analysis And Assessment Report

1009 words - 5 pages

Cybercom is corporation that designs and manufactures proprietary communication devices. One of Cybercom’s most important contracts is with the United States Department of Defense (DoD), producing small communication devices that are small enough to fit in a soldier’s helmet, but powerful enough to reach communication satellites in orbit. The encryption and communication technologies used in the devices are highly classified and closely guarded. As part of Cybercom’s contract with the DoD, the company is required to conduct a formal security risk analysis of its internal network in order to identify security vulnerabilities and prevent network breaches.
Cybercom’s security risk ...view middle of the document...

24). In conducting the assessment, specific threats and vulnerabilities are identified, as well as the likelihood of such events and the potential damage each may cause. The third stage of the assessment process is to compile the information researched, and report it to management, with which top level decisions can be made. The final stage of the risk assessment process is concerned with two main points; lessons learned through the practice of security and updating security procedures as threats and vulnerabilities change over time.
The risk assessment process is performed with three target categories in mind which conform to the NIST risk management hierarchy; tier one – organization, tier two – mission/business processes, tier three – information systems (NIST, 2012, p.17). The organization tier involves the policies and operations of the organization. The mission/business tier takes into account organizational security procedures and protocols, as well as business continuity plans (BCP), in the event of a disaster (NIST, 2012, p.19). Lastly, the information system tier is the section associated with hardware and automated security controls of information systems.
The Investigation Plan
The primary concern of Cybercom’s risk analysis is to determine the resilience of its internal network to cybercrime and system breach, leading to the compromise of sensitive data. The strategy that was decided on is to conduct the risk assessment, and evaluate the results using risk levels that are determined by assessing the likelihood of an attack vector versus the potential damage it may cause. The assessment is a two-fold process; assess vulnerabilities from within the organization, and simulate threats from outside the organization to determine the likelihood of successful attacks. Forensics tools and techniques will be used on devices to establish the adequacy of security measure on such devices.
One of the major threats to Cybercom’s sensitive data was identified to be the loss or theft of company cell phones. To test this vulnerability, various cell phones that have been used by employees with high level security clearance were tested...

Find Another Essay On Security Risk Analysis and Assessment Report

Risk Assessment and Business Management Essay

962 words - 4 pages , pp.350-353) The first thing I would initiate in an effort to generate an efficient risk assessment analysis system at for the hotels is to establish a Risk Analysis Steering Committee. The committee would have representation from all sectors of the hotel industry and would comprise of the hotel owners, their senior management as well as representation from the employees. This would ensure there is support of the analysis project from the

risk and quality managment assessment Essay

916 words - 4 pages reporting, and risk evaluation. Risk management consists of two sides, risk analysis and risk control. Risk analysis has three parts, assessment, evaluation, and reduction. Risk control has two parts, monitoring, and reporting. The goal of risk assessment is to identify risk factors that effect. After risks have been identified the second step is developing plans and actions that can be implemented that will reduce risks. The third step is

Risk Assessment and Planning in IT Projects

3600 words - 14 pages Analysis and Management Method and was developed and is owned by the UK Government national security authorities. It is a qualitative risk assessment and management tool. The outcome of a CRAMM review is a set of recommended countermeasures that are deemed necessary to combat the risks in protecting the information. The inherent disadvantages of CRAMM have to be that it is developed by government organisations and that it only suites governmental

Security Risk Management SRM and Auditing

1022 words - 4 pages now depend. Stop Managing Security. Start Managing Risk. The way forward lays in a security risk management (SRM) approach that protects your company from the most severe threats to critical IT systems and operational processes. SRM helps your organization understand its assets and analyze the vulnerabilities it must address. Security risk management also facilitates internal and external compliance initiatives. It enables your

Needs Assessment and SWOT Analysis

1002 words - 5 pages because, “The objectives will dictate how the needs assessment is to be designed and conducted” (McCawley, 2009, p. 4). McCawley states that, “Various objectives of a needs assessment are based on two things: who is asking the questions (what is your mission and responsibility?); and who is the target audience” (2009, p. 4). When administrations ask these two questions they can maintain objective during the needs assessment process. The SWOT analysis

International Export and Marketing Risk Assessment for the Czech Republic

3787 words - 15 pages Aim and Scope of StudyThe purpose of this pre-entry risk assessment is to ascertain the viability of The Czech Republic as a target for international trade with the company 'Touchiefeelie', a recently formed furniture and artwork producer who has seen recent business growth with it's turnover within the domestic market having trebled since the launch of it's website in 2002. The assessment will consider relevant implications when trading within

Shear Essence Salon: Strategic Position and Risk Assessment

2314 words - 9 pages Strategic Position and Risk Assessment Business Strategy Shear Essence Salon will be a luxurious beauty salon located in downtown Jacksonville, Oregon. Shear Essence’s objective is to provide our customers with quality hair care in a stylish atmosphere that is not only relaxing but also provides our customers with convenience and great customer service. Shear Essence will be offering “One” complimentary drink of the client’s choice from a

An Evaluation of Information Security and Risk Management Theories

2183 words - 9 pages An abundance of information security and risk management theories are prevalent; however, it can be difficult to identify valid and applicable theories. In the reading to follow, several information security and risk management theories are evaluated. These theories are presented and employed via various frameworks, models, and best practice guidelines. An assessment of sufficient research pertaining to these theories is addressed, along with

Advanced Risk Management in Information Assurance and Security - NCU/Information Security - Homework

1988 words - 8 pages system failures from a single attack from compatible systems sharing the same vulnerabilities (Kunreuther & Heal, 2003). However, technology diversity comes with costs. Increased operability issues, compromised network effects, and the loss of economies of scale in having a common software environment (Chen, Kataria, & Krishnan, 2011). These are but a few of the risks to information security and risk management. Assessment of Information Security

Supply chain risk and analysis - coal industry

2271 words - 9 pages Supply Chain Risk Analysis and Assessment in the Coal Industry 02 December 2011 PrefaceAs of date the Supply Chain in any industry has become really complex, dynamic and dispersed therefore maximizing the risks and vulnerabilities associated within. This has also created a scenario where there are maximized exposures to both internal and external risks. At a time when Countries are fast developing, the public and private sectors go unattended

Country Risk and Strategic Planning Analysis Paper

2896 words - 12 pages IntroductionSuccessful businesses venturing into foreign markets establish a Country Risk and Strategic Planning outline to ensure potential problems are addressed to prevent such failures. In our paper, we discuss the country risk analysis of Canada. We expect O2 Inc. to grow into a global business. O2 Inc. will offer fresh oxygen for customers to relax and help improve their health. The paper analyzes how we will break down risks for

Similar Essays

Risk Assessment Report For Resorts

1194 words - 5 pages The following is a risk assessment report which identifies the potential threats of the Resort, and the specific steps that will be taken to reduce its exposure.A discussion involving senior management and several key personnel of the operative and planning level from the industry was held earlier to discuss the issues. With the Hospitality business being in the high-risk category, it is more susceptible to public crisis, therefore it is

Freshwater Lake Ecosystem Report, With Focus On Infestations Of Salvinia Weed. Risk Assessment Also Included

2279 words - 10 pages line was level, the spirit level was used. The metre ruler was then used to measure the height of the rope from the ground at metre intervals.Risk assessment: Activity Potential Risks Precautions Priority 1 (high) - 3 (low) Observing the lakes • Snake/spider bite • Sharp/unknown objects • Slipping/falling over • Be cautious and responsible • Ensure that the area you are in is safe by checking it for danger

Hazard And Risk Assessment Essay

919 words - 4 pages 6.1 Hazard and Risk Assessment A hazard is a potential damage, adverse health or harm that may effects something or someone at any conditions. Other than that, the risk may be high or low, that somebody could be harmed depending on the hazards. Risk assessment is a practice that helps to improve higher quality of the develop process and manufacturing process. It is also a step to examine the failure modes of the product in order to achieve

Analysis Of Mattel’s Toy Recalls And Risk Assessment

3583 words - 14 pages and accountability of global supply chains will be identified, and Mattel’s current supply chain will be assessed to identify whether they now effectively managing risk. Two means of risk assessment taken by Mattel prior to the first recall have been identified. 1) According to Hoyt, Hau & Mitchell (2008); Mattel inspected materials when they came in the factory door. Suppliers were monitored for problems such