Asset | Threats | Risk probability | Mitigation strategies | Potential response | Prioritization of Responses |
Unauthorized staff | Illegal and unauthorized use of software, misuse of resources, industrial action, user error, willful damage, operational staff error | Medium | Unauthorized access trials | Security policy | Involve stakeholders; create a financial impact assessment scale |
Regular reviews | |||||
Authorized staff | Malicious software, misuse of resources, willful damage | High | Proper training | Third-party access security | |
Unauthorized access trials | |||||
Regular reviews | |||||
Designation of roles | |||||
Policy enforcement | |||||
Strangers | Eavesdropping, willful damage | Medium | Regular vulnerability assessment | Information security infrastructure | |
Physical environment security | |||||
People trusted by the organization | Willful damage, masquerading of user identity | Medium | Asset management | Information security infrastructure | |
Cyber insurance | |||||
Cyber policy | |||||
Transmission errors, software failure | High | Network security | Information classification | Define acceptable and unacceptable risk; create a probability scale | |
Backup and recovery | |||||
Information system protection | |||||
Cyber policy | |||||
User error, willful damage, operational staff error, misuse of resources | Medium | Asset management | Security policy | ||
Failure of power supply, hardware failure, malicious software, virus | Medium | Backup and storage | Monitoring access and use of the system; user responsibility | Involve business stakeholders | |
Network security | |||||
Assessing threats and vulnerabilities | |||||
Cybersecurity awareness and training | |||||
Personal screening and insider threat | |||||
Deterioration of storage media, unauthorized use of storage media, theft, repudiation, failure of power supply | Information management and breach reporting | Operational procedures and responsibilities | Identify cybersecurity threat | ||
Traffic overloading, transmission errors, communication infiltration, malicious software, virus | Low | Risk management and governance | Business requirement access control; user access management | ||
User error, willful damage, operational staff error, illegal export/import of software, maintenance error | Medium | Network security | Application access control | Access severity levels | |
Assessing threats and vulnerabilities | |||||
Cybersecurity awareness and training | |||||
Personal screening and insider threat | |||||
Industrial action, maintenance error, willful damage, illegal use of the software | Low | Information management and breach reporting | Business continuity management | Involve business stakeholders | |
User error, operational staff error, malicious software, virus, unauthorized users using the software | Low | Risk management and governance | Monitoring | Determine the proximity of the threat event | |
Communication infiltration, malicious software, virus | Medium | Information management and breach reporting | Security of system files; security application system | ||
Risk management and governance | |||||
Airborne particles and dust, theft, power fluctuation, air-conditioning failure, extreme humidity and temperature, environmental contamination | Low | Network security | Monitoring; housekeeping | Assess the level of severity | |
Assessing threats and vulnerabilities | |||||
Cybersecurity awareness and training | |||||
Personal screening and insider threat | |||||
Information management and breach reporting | |||||
Risk management and governance |