HHHHHHHHHHHHHHHH 300 150 150
Cybersecurity Risk Management
RESPOND TO THIS DISCUSSION 1 IN 150 WORDS
Cybersecurity can be defined as a set of techniques and methodologies that are used to protect the data and assure their integrity from cyber attacks like damage, unauthorized and so on. Risk management on other hand is techniques used to reduce the risk which comes from taking any new steps towards the development of an organization.
The cyber attacks occurring to data in organizations are directly proportional to increase in cybersecurity risk management. For enabling the risk management for data that is prone to cyber attacks first we need to understand which data is needed to be protected from going to hands of intruders. Even though National Institute of standards and security sets some standards but different organizations has its own data security risks and different technology infrastructures.
Cybersecurity is mainly required for protecting organizational sensitive data on which the growth of organization relies on, there are many categories of cyber threats which are formed in a daily basis but following are some generic terminology cyber terrorism, cyber warfare, Cyber-espionage. In cyber terrorism the terrorist group's spy on information which leads to national security issues and cyber warfare can be a cyber threat where company information is stolen by other or a nation is stealing the information of other company and cyber espionage is storing the information of the owners or the managers by subordinates
Following the CMM approach, the risk management can be done in following levels. Initial, Repeatable, Defined, Managed, and Optimizing.
These levels are followed by many risk management services like Deloitte, HP enterprise, Coal Fire and more of these services provide some better mechanism for protecting sensitive data of an organization.
Cybersecurity is interrelated to risk management. Whenever there is a threat to data security and integrity both the cybersecurity and risk management need to work together to provide complete security to sensitive data of an organization. It just takes cybersecurity related issues and matches it to real-world risk management ways so that effective solution can be formed.
As an IT manager, initially, I would check whether there are any threats to my data, and if running an organization, I would definitely face data threats as mentioned so I will apply the risk management services that are provided by HP, KMPG and many other services depending on the severity of data threat and after applying these services I would check to maintain cybersecurity to prevent cyber-crimes relating to data theft.
References:
Cybersecurity Risk Management. (n.d.). Retrieved April 18, 2018, from https://galois.com/project/cybersecurity-risk-management/
P. (2017, March 30). Cybersecurity Risk Management: Finding and Fixing Your Security Vulnerabilities. Retrieved April 18, 2018, from https://www.esecurityplanet.com/network-security/cybersecurity-risk-management.html
What is cyber security? (n.d.). Retrieved April 18, 2018, from https://www.itgovernance.co.uk/what-is-cybersecurity