Thursday 14 February 2013

Threats, Vulnerabilities, Risks, Controls

Next we deal with the concepts and subtleties behind the terms threat, vulnerability, risk and impact.

------------------------------------------------------------------------------------------------------------------

12] THREATS, VULNERABILITIES, RISK, IMPACT: what are the differences?

12.1) Threats : A threat is anything that has the potential to cause harm to an asset. The asset can be anything from a single sheet of paper to an organisation of 100,000 employees. In cyber terms a threat may be malware, an attacker probing your network, a careless or disgruntled insider, or even a power failure in the data centre; malware is only one example. Jot down more examples of your own so that you become confident in your understanding of the concept.

12.2) Vulnerabilities : Vulnerabilities are weaknesses in a system that a threat can exploit (make use of). Let us start with ourselves as an example. When you have a high fever, that is simply a weakness, a vulnerability (refer to any standard English dictionary if you are unfamiliar with the general meaning of the word). While you have the fever (vulnerability) you are more prone to illnesses such as malaria, a cold or flu, and those illnesses act as threats to you. In terms of computers and networks, an example is transferring data over an unsecured connection, say one that is unencrypted or that does not verify who is on the other end. The property of the connection being unsecured is the weakness, the vulnerability; an eavesdropper who can read or tamper with the traffic is the threat that exploits it.
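
The "unsecured connection" vulnerability above is a configuration as much as anything else. The following is an added example (not code from the original post) showing the weak TLS client setting beside the corrected one in Python's standard ssl module: the insecure context encrypts but never checks who it is talking to, so an eavesdropper in the path can present any certificate and read the data. No network access is needed to inspect the contexts.

```python
"""Unsecured vs secured connection, expressed as a TLS client configuration.

Added example, not from the original post. The helper names are ours.
"""
import ssl


def insecure_context() -> ssl.SSLContext:
    """The vulnerability: encryption without verifying the peer.

    With verification off, anyone who can intercept the traffic (the threat)
    can present their own certificate and the client will happily talk to them.
    check_hostname must be switched off before verify_mode can be set to CERT_NONE.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def secure_context() -> ssl.SSLContext:
    """The hardened form: verify the server certificate against the system
    trust store and require the certificate to match the hostname."""
    ctx = ssl.create_default_context()
    # create_default_context already sets both; stated explicitly for clarity.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def is_vulnerable(ctx: ssl.SSLContext) -> bool:
    """Flag any client context that would accept an unverified peer."""
    return ctx.verify_mode == ssl.CERT_NONE or not ctx.check_hostname


if __name__ == "__main__":
    for name, ctx in (("insecure", insecure_context()), ("secure", secure_context())):
        print(f"{name:8s} verify_mode={ctx.verify_mode.name} "
              f"check_hostname={ctx.check_hostname} vulnerable={is_vulnerable(ctx)}")
```

To actually open a connection, the context is applied with `ctx.wrap_socket(sock, server_hostname=host)`; the secure context will refuse a peer whose certificate does not verify, which is exactly the check the insecure one skips.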

12.3) Risk : Risk is the likelihood (probability) that something bad, inconvenient or unwanted, will happen, weighed together with how bad it would be if it did. Taking the example from the definition of vulnerability, when you are suffering from a high fever and there is an epidemic in the town where you live, you are at high risk, meaning you have a greater probability of catching that epidemic.
In terms of computers and networks, if an attack is in progress on a network and you nonetheless plan to send data over an unsecured communication line, you are taking on a high degree of risk. Note that risk needs both a threat and a vulnerability: an unencrypted link that nobody is listening to, or an attacker with no weakness to exploit, carries little risk.

12.4) Impact : Impact is the harm that results when a threat succeeds, and it is closely tied to the value of the asset being protected. For example, if your data is a one-line note stating how the sun revolves, there is essentially no risk: even if the data is exposed, the organisation suffers no unwanted consequence, because the information has no value worth protecting. The same exposure of a customer database would be a serious incident, so a threat and a vulnerability only add up to a meaningful risk when the impact is real.
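
Sections 12.3 and 12.4 together say that risk combines the likelihood of a threat exploiting a vulnerability with the impact if it does. The following is an added example (not code from the original post) that turns that into a small qualitative risk register: each scenario names the asset, the threat and the vulnerability, and is scored as likelihood times impact on 1 to 5 scales. The scales, the level thresholds and the sample scenarios are constructed for illustration and are not taken from any real system or standard. It generalises the post's "sun revolves" point: the same threat and vulnerability produce very different risk depending on the asset's impact.

```python
"""Qualitative risk scoring: risk = likelihood x impact.

Added example, not from the original post. Scales, thresholds and the
sample register are constructed for illustration.
"""
from dataclasses import dataclass

# 1..5 scales, a common convention in simple risk matrices (assumed here).
LIKELIHOOD = {"rare": 1, "unlikely": 2, "possible": 3, "likely": 4, "almost certain": 5}
IMPACT = {"negligible": 1, "minor": 2, "moderate": 3, "major": 4, "severe": 5}


@dataclass(frozen=True)
class Scenario:
    asset: str
    threat: str          # who or what could cause harm
    vulnerability: str   # the weakness the threat would exploit
    likelihood: str      # key of LIKELIHOOD
    impact: str          # key of IMPACT


def risk_score(likelihood: str, impact: str) -> int:
    """Likelihood that the threat exploits the vulnerability, times the harm (1..25)."""
    return LIKELIHOOD[likelihood] * IMPACT[impact]


def risk_level(score: int) -> str:
    """Bucket a 1..25 score into low/medium/high/critical (assumed thresholds)."""
    if score >= 20:
        return "critical"
    if score >= 12:
        return "high"
    if score >= 6:
        return "medium"
    return "low"


def rank(scenarios):
    """Return (scenario, score, level) tuples, highest risk first.

    Python's sort is stable, so scenarios with equal scores keep their
    register order.
    """
    scored = [(s, risk_score(s.likelihood, s.impact)) for s in scenarios]
    scored.sort(key=lambda t: t[1], reverse=True)
    return [(s, score, risk_level(score)) for s, score in scored]


# Constructed sample register mirroring the post's examples. The first two
# scenarios share the same threat and vulnerability and differ only in impact.
REGISTER = [
    Scenario("customer database", "eavesdropper on the network",
             "data sent over an unencrypted connection", "likely", "major"),
    Scenario("one-line note on how the sun revolves", "eavesdropper on the network",
             "data sent over an unencrypted connection", "likely", "negligible"),
    Scenario("server room", "intruder", "door left unlocked at night", "possible", "severe"),
    Scenario("workstation", "commodity malware", "no antivirus installed", "almost certain", "moderate"),
]

if __name__ == "__main__":
    for scenario, score, level in rank(REGISTER):
        print(f"{score:2d} {level:8s} {scenario.asset}: "
              f"{scenario.threat} via {scenario.vulnerability}")
```

Running it puts the customer database at the top (16, high) and the note about the sun at the bottom (4, low), even though the threat and the vulnerability are identical for both; only the impact differs. That ranking is what tells you which vulnerability to fix, or which control to buy, first.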

Go through the terms once again and make a long list of examples for each so that you master the concepts.

We have covered threats, vulnerabilities, risk and impact; now, how do we CONTROL them? The next topic deals with controls in detail.

------------------------------------------------------------------------------------------------------------------
13] CONTROLS

       Controls are the measures that mitigate the risks and threats described above. We classify controls into three broad categories: Physical, Logical and Administrative.

13.1) Physical Controls : Physical controls protect the physical environment in which our assets reside. For example, our home is a dear asset. To protect it from intruders, say thieves or harmful animals, we install a big gate at the front, fences on all four sides and another gate at the back. Together these gates and fences comprise physical controls. In cyber terms, consider a server room or a data centre in a large organisation. Such rooms are typically protected with heavy metal doors and advanced locking mechanisms, and these doors and locks together comprise physical controls. An important point to note is that fire-suppression systems, air conditioning and backup generators are also physical controls: they protect the environment the assets live in, not just the door.

13.2) Logical Controls : Logical (also called technical) controls protect the systems, networks and environments that store, process and transmit our data. They include passwords, antivirus software, firewalls, intrusion detection systems, encryption of data in transit and at rest, and so on.

13.3) Administrative Controls : These controls are the rules, policies and procedures that an organisation's management puts in place to ensure the organisation's security. For example, a rule that whoever takes coffee from the machine must switch it off after use. In cyber terms, an example is a policy requiring users to change their password after every fifth login. These controls describe how we want the users of our environment to behave, and they are usually backed by a logical control that enforces them (the password policy is enforced by the login system rather than left to memory).

----------------------------------------------------------------------------------------------------------------
