TyroCity

Discussion on: Risk Management and Mitigation risks

ujjwal_poudel

Some of the steps organizations take to manage and mitigate the risks associated with security, identifying threats, assessing vulnerabilities, and implementing controls are explained below:

  1. Information security encompasses the protection of important information and databases, which are the assets of the organization. These should be highly protected from misuse, disclosure, unauthorized access, or destruction. Threats on this issue could come from both inside and outside the organization. The threats are always there at the center, where the organization can only mitigate them rather than be concerned with fully eliminating them. A careful assessment would be a solution to manage them. For instance, laws can play an important role in mitigating threats, safely securing records could be the next option, and the government has a role in securing classified documents.

  2. Criminal gangs are always there with threats that barrage servers and with malicious software designed to attack computer systems. For instance, today, botnets have become one of the most significant threats to the Internet, putting machines under the control of an attacker (Grizzard, Sharma, Nunnery, Kang & Dagon, 2007). The gangs activate botnets, networks of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g. to send spam, to capture user IDs, passwords, credit card numbers, social security numbers, and other sensitive information. Surfing habits and antivirus protection are solutions to protect against botnets.

  3. Vulnerabilities of risk assessment should also be examined properly in order to determine how effective its existing security measures are. This could be a solution for finding the security gaps and the threats. This works on a matrix with which the manager can identify the level of risk to confidentiality, company reputation, finances, system availability, and operations. For instance, cloud computing could be an option to influence each risk factor by feed documentation mechanism/format/protocol (Grobauer, Walloschek & Stocker, 2011).

  4. Administrative security control helps in awry situations. Here, in order to enhance information security, the security controls work through the processes, policies, and plans of the organization. Employees will adhere only if strict policies are maintained. The system should also be backed up by software with which the organization can resume business at any time (Guell, 2015).

References

Grizzard, J. B., Sharma, V., Nunnery, C., Kang, B. B., & Dagon, D. (2007). Peer-to-Peer Botnets: Overview and Case Study. HotBots, 7, 1-1.

Grobauer, B., Walloschek, T., & Stocker, E. (2011). Understanding cloud computing vulnerabilities. IEEE Security & Privacy, 9(2), 50-57.

Guell, R. C. (2015). Issues in Economics Today, 7th edition. ISBN: 978-007802181