Evaluating Security Risks Flashcards
Why is cybersecurity risk analysis so important, and what do analysts have to do in this area?
Cybersecurity risk analysis is one of the most important parts, if not the most important part, of an information security program.
Analysts must have a complete understanding of their technology environment and of the outside dangers that put their systems in harm's way.
What does a well-constructed cybersecurity program include?
A well-constructed cybersecurity program includes information about both internal details (the organization's own systems and their weaknesses) and external details (the threats the organization faces), so that analysts can understand those threats and then select a set of controls to address them.
What are three terms that a risk analyst needs to know?
Vulnerability, Threat, and Risk
What is a vulnerability?
A vulnerability is a weakness or characteristic of a device, system, process, or application that could allow an attack to succeed.
What is a threat?
A threat is an external force, actor, or event that could exploit a vulnerability.
Example) A bad actor who knows that the security team is more thinly staffed on certain days, and does not cover every area of a data center on those days, may try to infiltrate the data center to cause problems for the organization. The gap in coverage is the vulnerability; the bad actor is the threat.
When it comes to threats, are all threats malicious?
Not all threats are malicious. A hacker who could exploit a vulnerability in a server is a threat, but some threats have no malicious intent at all. An earthquake is a threat, even though it is not initiated by a person whose purpose is to destroy a data center.
What is a risk?
A risk is the combination of a threat and a vulnerability: a threat that is capable of exploiting a vulnerability that is actually present.
What must be true for an item to be a risk?
Both a threat and a vulnerability must be present. A vulnerability with no threat to exploit it, or a threat with no vulnerability to act on, is not a risk.
What is the risk equation?
The risk equation is Risk = Threat x Vulnerability. It expresses a conceptual relationship rather than a literal calculation: risk increases as either factor increases.
In the risk equation, if a threat or vulnerability is zero, what is true?
If either the threat or the vulnerability is zero, the risk is also zero. With no threat, nothing and no one is positioned to exploit the weakness; with no vulnerability, the threat has nothing to act on.
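As an added illustration of the risk equation and its zero property (this code is not part of the original flashcards), the Python below keeps a small risk register, maps constructed qualitative threat and vulnerability ratings onto a 0-3 scale, multiplies them, and discards any entry where either factor is zero. The scales, the sample entries and all names are assumptions made for the example; the zero-scored entries show a vulnerability removed by a control and a threat that cannot reach the asset.

```python
from dataclasses import dataclass

# Constructed qualitative scales for this example (not from the flashcards):
# 0 means the factor is absent, 3 means it is at its highest.
THREAT_SCALE = {"none": 0, "low": 1, "moderate": 2, "high": 3}
VULN_SCALE = {"none": 0, "low": 1, "moderate": 2, "high": 3}


@dataclass(frozen=True)
class RiskEntry:
    asset: str
    threat: str          # what could exploit the weakness (may be non-malicious)
    threat_level: str    # key into THREAT_SCALE
    vulnerability: str   # the weakness the threat could exploit
    vuln_level: str      # key into VULN_SCALE


def risk_score(threat_level: str, vuln_level: str) -> int:
    """Risk = Threat x Vulnerability on the constructed 0-3 scales (result 0-9)."""
    return THREAT_SCALE[threat_level] * VULN_SCALE[vuln_level]


def is_risk(entry: RiskEntry) -> bool:
    """An item is a risk only when both a threat and a vulnerability are present."""
    return risk_score(entry.threat_level, entry.vuln_level) > 0


def rank_register(register):
    """Return (entry, score) pairs for every real risk, highest score first."""
    scored = [(e, risk_score(e.threat_level, e.vuln_level))
              for e in register if is_risk(e)]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


# Constructed sample register (assumed values, chosen to exercise each case).
SAMPLE_REGISTER = [
    # Malicious threat against a staffing gap: both factors present.
    RiskEntry("data center", "intruder exploiting thin weekend guard coverage",
              "moderate", "unmonitored loading-dock door", "high"),
    # Non-malicious threat: still a risk because a vulnerability is present.
    RiskEntry("data center", "earthquake", "low",
              "racks not seismically braced", "moderate"),
    # Vulnerability removed by a control (patch applied): risk drops to zero.
    RiskEntry("web server", "remote attacker", "high",
              "known server bug, patch applied", "none"),
    # No threat can reach an air-gapped host from the internet: risk is zero.
    RiskEntry("air-gapped lab host", "internet-based attacker", "none",
              "default admin password", "high"),
]

if __name__ == "__main__":
    for entry, score in rank_register(SAMPLE_REGISTER):
        print(f"{score}: {entry.asset} - {entry.threat} / {entry.vulnerability}")
    dropped = [e.asset for e in SAMPLE_REGISTER if not is_risk(e)]
    print("not a risk (threat or vulnerability is zero):", dropped)
```

Running the block ranks the two data-center entries (scores 6 and 2) and reports the web server and the lab host as non-risks, even though one has a high threat rating and the other a high vulnerability rating, which is the zero property of the equation in practice.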
What is the NIST publication that is a guide for risk assessments?
The NIST publication for risk assessments is NIST Special Publication (SP) 800-30, Guide for Conducting Risk Assessments.