Risk Management Lab
Info Security & Risk Management ISOL 533-05
Describe the purpose of IT Risk Assessment
Risk assessment is the regular process of evaluating the possible risks involved in a proposed activity or task. It is the identification of hazards that could negatively affect an organization's capacity to conduct business. These evaluations help recognize the basic business risks and put standards, methods, and directions in place to reduce the influence of those risks on business plans. The purpose of IT risk assessment is to help IT experts distinguish any event that could adversely affect their organization. An efficient risk assessment provides forward-looking guidance, not only helping a company avoid risk but also supplying concrete information about each risk and how to cope with it (Spinner, 1992). Risk assessment in IT is defined as the evaluation of the risks, threats, and vulnerabilities in an IT infrastructure; it helps determine the impact of each risk. Both qualitative and quantitative analysis of risk is done in this step.
The risk management method aims to evaluate risks and then either transfer the risk or lower the risk level by combining control measures where appropriate. It identifies and evaluates hazards through an inquiry into the threats to, and weaknesses of, the organization's assets. Risks are ranked according to their likelihood and the extent of their effect.
Maintaining the IT infrastructure requires that details and knowledge be collected, interpreted, and distributed. Appropriate plans support a balanced IT program and help in managing IT processes efficiently. Hazards, dangers, and weaknesses are prioritized and split into critical, major, and minor depending on their effects, so that the gaps or voids in the IT system are understood. After assessment, adequate reviews are done and the correct protection measures are enforced.
Using the table, identify in the Primary Domain Impacted column which of the seven domains of a typical IT infrastructure will be most impacted by each risk, threat, or vulnerability listed, and assign each a risk impact/risk factor.
Risks, Threats, and Vulnerabilities | Primary Domain Impacted | Risk Factor
Unauthorized access from public Internet | Remote Access Domain | 1
User destroys data in application and deletes all files | System/Application Domain | 3
Hacker penetrates IT infrastructure and gains access to your internal network | LAN-to-WAN Domain | 1
Intraoffice romance gone bad | User Domain | 3
Fire destroys primary data center | System/Application Domain | 1
Service provider service level agreement is not achieved | WAN Domain | 3
Workstation operating system (OS) has known software vulnerability | Workstation Domain | 2
Unauthorized access to organization-owned workstations | Workstation Domain | 1
Loss of production data | System/Application Domain | 2
DoS attack on organization's Demilitarized Zone (DMZ) and e-mail server | LAN-to-WAN Domain | 1
Remote communication from home office | Remote Access Domain | 2
LAN server OS has a known software vulnerability | LAN Domain | 2
User downloads and clicks on an unknown e-mail attachment | User Domain | 1
Workstation browser has a software vulnerability | Workstation Domain | 3
Mobile employee needs secure browser access to sales-order system | Remote Access Domain | 3
Service provider has major network outage | WAN Domain | 2
Weak ingress/egress traffic filtering degrades performance | LAN-to-WAN Domain | 3
User inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned computers | User Domain | 2
Virtual Private Network (VPN) tunneling between remote computer and ingress/egress router is needed | LAN-to-WAN Domain | 2
Wireless Local Area Network (WLAN) access points are needed for LAN connectivity within a warehouse | LAN Domain | 3
Need to prevent eavesdropping on WLAN due to customer privacy data access | LAN Domain | 1
Denial of Service (DoS)/Distributed Denial of Service (DDoS) attack from Wide Area Network (WAN)/Internet | WAN Domain | 1
Risk factor scale: 1 = Critical, 2 = Major, 3 = Minor.
Write a four-paragraph executive summary accordingly.
Summary of findings: risks, threats, and vulnerabilities:
The risk assessment examined the organization's IT infrastructure as a dedicated project and identified risks, threats, and vulnerabilities at several levels of the framework. All applications were included in the evaluation, along with the security devices, and the work was carried out across the seven IT domains. Network vulnerabilities present very substantial risk: consequences such as business disruption or loss of revenue have previously been traced to unauthorized intrusions into the infrastructure. In this step each potential threat or danger is defined so that the next step, managing the mitigation strategies, can address it.
Approach to the Critical/Major/Minor risk assessment plan:
Having detected the hazards, threats, and weaknesses, the second step is to formulate contingency strategies and specific measures that reduce the impact on the IT system to the lowest practical level. At the same time, the severity of each threat is measured and the probability of its occurrence is estimated. By recognizing the likelihood of a hazard in the early phases, preventive measures can be put forward to mitigate the effect as far as possible.
Critical "1" risks, threats, and vulnerabilities identified throughout the IT infrastructure:
Unauthorized access from public Internet
Hacker penetrates your IT infrastructure and gains access to your internal network
Fire destroys primary data center
Denial of Service attack on organization Demilitarized Zone (DMZ) and e-mail server
Unauthorized access to organization-owned workstations
User downloads and clicks on an unknown e-mail attachment
Need to prevent eavesdropping on WLAN due to customer privacy data access
Denial of Service (DoS)/Distributed Denial of Service (DDoS) attack from WAN/Internet
Short-term remediation steps for critical "1" risks, threats, and vulnerabilities:
1. Unauthorized access from public Internet - Apply two-factor authentication to every login reachable from the Internet, change passwords regularly, configure secure web-server permissions, and lock down files and folders with restrictive NTFS permissions.
2. Hacker penetrates your IT infrastructure - Block traffic to and from known-malicious sources and apply strict security monitoring; place Internet-facing systems in a DMZ, deploy IDS appliances, and route outbound access through proxy servers; use the firewall to its fullest capability and block the specific ports that are at risk (any port not required by an approved service).
Long-term remediation steps for major "2" and minor "3" risks, threats, and vulnerabilities:
Loss of production data - Major (2)
1. Create backups at a different location and keep them up to date
2. Run archiving jobs on production servers and restrict downloads
3. Ban the use of unencrypted removable devices
4. Make sure all data transfers are done securely (encrypted in transit)
5. Automate security controls and introduce security training
6. Monitor for data leakage
7. Define who may access which data
Risk Assessment on Seven Domains on IT Infrastructure:
User Domain- Risk enters the User Domain through personnel who do not follow security standards. Plugging in a random USB drive is a classic example of a User Domain risk.
Workstation Domain- This is the user's computer. It is at risk if the OS and applications are not patched and anti-virus protection is not kept up to date. If the workstation's data is not backed up, a compromise or hardware failure also results in data loss.
LAN Domain- A typical risk in the LAN Domain is that a LAN server's OS has a software vulnerability: a bug or coding error in the software that lets the OS be made to take an unwanted action.
LAN-to-WAN Domain- This is the boundary where the organization's internal LAN connects to the WAN it does not control, so it is the most exposed to attacks from outside. Hackers probe this boundary (firewalls, routers, the DMZ) for weak filtering and other vulnerabilities in the connections.
WAN Domain- This domain is not under the organization's control. The main risk in the WAN Domain is that a server or the Internet connection could be attacked via DDoS or other methods, or that the service provider fails to deliver the agreed service.
Remote Access Domain- Remote access lets users work from outside the office, but because the Internet is largely untrusted and known to host attackers, remote access itself represents a risk. The main threat is that attackers can steal credentials while a user is proving their identity, for example over an unencrypted or spoofed connection.
System/Application Domain- The System/Application Domain has risks different from the other areas because it holds the servers, applications, and data. Examples of threats here are a fire destroying the primary data center, a user deleting production data, and a Denial of Service attack that, although it arrives through the LAN-to-WAN Domain, ultimately takes down the company's e-mail server.
Recommendations and next steps:
For each vulnerability, the risk analysis of an IT asset identifies the threats and the compensating controls, then concentrates on the likelihood that the vulnerability is exploited and the potential impact if it is. Taking both the likelihood and the loss factor into account, risk is expressed as the combination of the probability of exploitation and its possible effect. The thresholds identified for each threat were then used to work out measures that minimize the danger.
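As an added example (not part of the lab or its sources), the Python script below shows one way to derive the lab's 1/2/3 risk factor from a separately rated likelihood and impact, and to turn the table into a prioritized list per domain. The five-point scales, the tier matrix, and the likelihood/impact ratings given to the sample rows are assumptions made for this illustration.

```python
"""Qualitative risk scoring for a seven-domain risk register.

Added example for this lab, not part of the original assignment. The lab
records only a 1/2/3 risk factor; this script derives that factor from a
separately rated likelihood and impact. The 5x5 scales, the tier matrix and
the sample ratings are all assumptions.
"""
from dataclasses import dataclass

LIKELIHOOD = {"rare": 1, "unlikely": 2, "possible": 3, "likely": 4, "almost certain": 5}
IMPACT = {"negligible": 1, "minor": 2, "moderate": 3, "major": 4, "severe": 5}

# Rows are impact (1..5), columns are likelihood (1..5); cell values are the
# lab's risk factor: 1 = Critical, 2 = Major, 3 = Minor. A bare
# likelihood * impact product would rate a rare but catastrophic event (fire
# in the primary data center) as Minor, so the severe-impact row is pinned to
# Critical unless the likelihood is "rare".
TIER_MATRIX = (
    (3, 3, 3, 3, 3),  # negligible impact
    (3, 3, 3, 2, 2),  # minor impact
    (3, 3, 2, 2, 1),  # moderate impact
    (3, 2, 2, 1, 1),  # major impact
    (2, 1, 1, 1, 1),  # severe impact
)
TIER_NAME = {1: "Critical", 2: "Major", 3: "Minor"}


@dataclass(frozen=True)
class RiskEntry:
    description: str
    domain: str       # one of the seven domains of a typical IT infrastructure
    likelihood: str   # key of LIKELIHOOD
    impact: str       # key of IMPACT

    def score(self) -> int:
        """Likelihood x impact, used only to order entries within a tier."""
        return LIKELIHOOD[self.likelihood] * IMPACT[self.impact]

    def tier(self) -> int:
        """Risk factor 1/2/3 read from the matrix."""
        return TIER_MATRIX[IMPACT[self.impact] - 1][LIKELIHOOD[self.likelihood] - 1]


def prioritize(entries):
    """Critical first, then higher score first, then domain/description for a stable order."""
    return sorted(entries, key=lambda e: (e.tier(), -e.score(), e.domain, e.description))


def by_domain(entries):
    """Group prioritized entries by domain: {domain: [(tier, description), ...]}."""
    groups = {}
    for e in prioritize(entries):
        groups.setdefault(e.domain, []).append((e.tier(), e.description))
    return groups


def critical(entries):
    """Descriptions of every Critical (factor 1) entry, in priority order."""
    return [e.description for e in prioritize(entries) if e.tier() == 1]


def sample_register():
    """Constructed likelihood/impact ratings for a few rows of the lab's table (assumed values)."""
    return [
        RiskEntry("Unauthorized access from public Internet", "Remote Access Domain", "likely", "major"),
        RiskEntry("Fire destroys primary data center", "System/Application Domain", "unlikely", "severe"),
        RiskEntry("Loss of production data", "System/Application Domain", "possible", "major"),
        RiskEntry("Workstation OS has known software vulnerability", "Workstation Domain", "likely", "moderate"),
        RiskEntry("Weak ingress/egress traffic filtering degrades performance", "LAN-to-WAN Domain", "possible", "minor"),
        RiskEntry("Intraoffice romance gone bad", "User Domain", "possible", "minor"),
    ]


if __name__ == "__main__":
    for domain, items in by_domain(sample_register()).items():
        print(domain)
        for t, desc in items:
            print(f"  [{TIER_NAME[t]}] {desc}")
```

The matrix rather than a bare product is deliberate: multiplying likelihood by impact would score a rare but catastrophic event such as a data-center fire below a routine unpatched workstation, which is why the severe-impact row never drops below Major and is Critical for anything more likely than "rare".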
Setting a goal and executing it step by step leads to a specific success. A planning initiative is the next most critical step in implementing management goals; it requires step-by-step analysis of all the duties to be done. Good communication is one of the most effective techniques and is widely used.
References
Spinner, M. (1992). Elements of Project Management: Plan, Schedule, and Control. Prentice Hall.
The Purpose of IT Risk Assessment. (n.d.). Retrieved from https://www.solarwindsmsp.com/content/purpose-of-risk-assessment