10 - Risk Management Flashcards
Why do we need risk assessment
- Avoid repeating the same mistakes
- Know how many resources to commit and where (GDPR compliance, testing, etc.)
5 steps to security
IIDIC
- Identify the target
- Identify the source of insecurity
- Determine the threats
- Implement measures that protect assets in a cost effective manner
- Continuous review
Risk Management vs Risk Assessment
Risk assessment is the identification phase
Risk management includes assessment AND implementation
Risk is a function that takes into account?
Threat, asset and vulnerability
Risk management meaning
- Minimise risks
- Control the effects of the risks that remain
Techniques of risk management
AMCTAR
- Avoidance
- Mitigation
- Cost Benefit analysis
- Transfer (the risk to a 3rd party, e.g. by outsourcing)
- Acceptance
- Residual risk (the risk that remains after treatment)
Risk
Inappropriately configured firewall rule set allows unauthorised LAN access
Avoid:
Reduce:
Transfer:
Avoid: Periodic review of the firewall rule set
Reduce: Install an IDS and run weekly scans
Transfer: Outsource network management
Risk assessment: List based on asset or threat
Asset
List each asset THEN the threat to it
3 Challenges of Risk Assessment
SIE
- Static process for moving target
- Information availability
- Estimating the impact
Quantitative Risk Assessment vs Qualitative
- Quantitative: Calculates absolute financial values for losses and control costs
- Qualitative: Uses relative ratings (e.g. low/medium/high) for likelihood, impact and cost
Risk as a function of likelihood and impact
Imagine a 3x3 grid with likelihood on one axis and impact on the other; risk rises toward the high/high corner
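Worked example for the two assessment styles and the AMCTAR treatments, added here (it is not part of the original cards): a 3x3 qualitative grid, then a quantitative cost-benefit ranking of the avoid/reduce/transfer/accept options for the firewall scenario, including the residual risk each leaves. The expected-annual-loss model (asset value x exposure factor x annual frequency) is an assumption of this example, as are all asset values, exposure factors, frequencies and control costs; the treatment names and their avoid/reduce/transfer labels follow the card above.

```python
"""Added example (not from the original flashcards): a qualitative 3x3
likelihood/impact grid plus a quantitative cost-benefit comparison of
risk treatments. All money figures, exposure factors and frequencies
below are constructed for illustration."""
from dataclasses import dataclass

LEVELS = ("low", "medium", "high")

# Qualitative grid: GRID[likelihood][impact] -> relative risk rating.
# Where each rating sits on the grid is a constructed convention.
GRID = {
    "low":    {"low": "low",    "medium": "low",    "high": "medium"},
    "medium": {"low": "low",    "medium": "medium", "high": "high"},
    "high":   {"low": "medium", "medium": "high",   "high": "high"},
}


def qualitative_risk(likelihood: str, impact: str) -> str:
    """Rate a risk on the 3x3 grid; rejects ratings outside the scale."""
    if likelihood not in LEVELS or impact not in LEVELS:
        raise ValueError(f"ratings must be one of {LEVELS}")
    return GRID[likelihood][impact]


def expected_annual_loss(asset_value: float, exposure_factor: float,
                         annual_frequency: float) -> float:
    """Assumed quantitative model: value lost per event (asset value x
    fraction of it lost) times the expected number of events per year."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure_factor is a fraction of asset value")
    return asset_value * exposure_factor * annual_frequency


@dataclass(frozen=True)
class Treatment:
    name: str
    technique: str          # avoid / reduce / transfer / accept
    annual_cost: float      # yearly cost of running the control
    residual_loss: float    # expected annual loss that remains afterwards


def cost_benefit(baseline_loss: float, treatments: list) -> list:
    """Rank treatments by net annual benefit = loss avoided - control cost.
    A negative net benefit means the control costs more than it saves."""
    ranked = []
    for t in treatments:
        loss_avoided = baseline_loss - t.residual_loss
        net = loss_avoided - t.annual_cost
        ranked.append({"name": t.name, "technique": t.technique,
                       "residual_loss": round(t.residual_loss, 2),
                       "net_benefit": round(net, 2)})
    return sorted(ranked, key=lambda r: r["net_benefit"], reverse=True)


# Firewall scenario from the cards, with constructed numbers.
ASSET_VALUE = 200_000.0                                     # exposed LAN assets
BASELINE = expected_annual_loss(ASSET_VALUE, 0.25, 0.5)     # 25,000 per year

FIREWALL_TREATMENTS = [
    Treatment("Periodic review of firewall rule set", "avoid", 8_000.0,
              expected_annual_loss(ASSET_VALUE, 0.25, 0.1)),    # 5,000
    Treatment("Install IDS with weekly scanning", "reduce", 12_000.0,
              expected_annual_loss(ASSET_VALUE, 0.10, 0.5)),    # 10,000
    Treatment("Outsource network management", "transfer", 30_000.0,
              expected_annual_loss(ASSET_VALUE, 0.25, 0.05)),   # 2,500
    Treatment("Accept the risk", "accept", 0.0, BASELINE),      # 25,000
]


def best_treatment() -> dict:
    """The option with the highest net annual benefit for the scenario."""
    return cost_benefit(BASELINE, FIREWALL_TREATMENTS)[0]


if __name__ == "__main__":
    print("qualitative rating:", qualitative_risk("medium", "high"))
    for row in cost_benefit(BASELINE, FIREWALL_TREATMENTS):
        print(row)
```

Note what the ranking shows: outsourcing leaves the smallest residual loss but costs more than the loss it removes, so on a pure cost-benefit basis it ranks below simply accepting the risk. The cheaper controls win even though they leave more residual risk, which is the trade-off the cost-benefit step in AMCTAR is meant to surface.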
First thing you try when testing for a vulnerability
Pen testing
Risk ID: Threats to consider (… or …)
- External or internal
- Natural or manmade
- Intentional or accidental
Risk ID: Identifying vulnerabilities
- Audit
- Certification/accreditation records
- System logs
- prior events
- trouble reports
- incident response teams
Threat and vulnerability paired = ____
Threat action (the pairing shows the impact)