Risk Management Flashcards
Which process provides a systematic approach to acquiring and analyzing the information necessary for protecting assets and allocating security resources?
The risk management process
The five steps of the Risk Management Process:
- Asset assessment (nature and value of an asset and the degree of impact if the asset is damaged or lost)
- Threat assessment (type and degree of threat)
- Vulnerability assessment (identification and extent of vulnerabilities)
- Risk assessment (calculation of risks)
- Countermeasure determination (security countermeasure options that can reduce or
mitigate risk - cost effectiveness)
Five broad categories for ASSETS
� Activities & Operations � Equipment � Facilities � Information � People
Threat
A threat is any indication, circumstance, or event with the potential to cause the loss of or damage to an asset. Threat may also be defined as the intention and capability of an adversary to undertake detrimental actions against an asset owner’s interests. A threat may include any indication, circumstance, or event with the potential to cause the loss of or damage to an asset.
Adversary
An adversary is any individual, group, organization, or government that conducts activities, or has the intention and capability to conduct activities detrimental to assets. Common examples of adversaries are terrorists, criminals, and foreign intelligence services.
Types of Adversaries (6 examples)
Criminal Economic Espionage Foreign Industrial Espionage Foreign Intelligence Service Insider Terrorist
Criminal
A criminal is an adversary who violates the law causing the loss of or damage to assets. Examples include: violent acts against people, theft, hacking, etc.
Economic Espionage
Economic espionage is the theft or misappropriation of U.S. proprietary information or trade secrets, especially to foreign governments and their agents. Both traditionally friendly nations and recognized adversaries conduct industrial espionage.
Foreign Industrial Espionage
Foreign industrial espionage is industrial espionage conducted by a foreign government or a foreign company with direct assistance of a foreign government against a private U.S. company for the purpose of obtaining commercial secrets.
Foreign Intelligence Service
Foreign intelligence services are organizations that are part of a foreign government and engage in intelligence activities.
Insider
An insider is an adversary who has special access or privileges, e.g., employees, contractors, customers, etc.
Terrorist
A terrorist is an adversary who uses violence or the threat of violence to inculcate fear, with the intent to coerce or intimidate governments or societies in the pursuit of goals that are generally political, religious, or ideological.
Types of Adversary collection capabilities
HUMINT (Human Intelligence) is intelligence derived from people through interviews, elicitation, or reports originating from people.
IMINT (Imagery Intelligence) involves using various sources, such as satellites, photos, infrared, imaging radar, and electro-optical, for collecting image data.
MASINT (Measurement and Signatures Intelligence) is intelligence (excluding signals intelligence and traditional imagery intelligence) that, when collected, processed, and analyzed, results in intelligence that locates, tracks, identifies, or describes the signatures (distinctive characteristics) of fixed or dynamic target sources. It includes the advanced data processing and exploitation of data from overhead and airborne imagery collection systems. MASINT data can be acquired from a variety of satellite, airborne, or ship borne platforms; remotely piloted vehicles; or from mobile or fixed ground-based collection sites.
OSINT (Open Source Intelligence) includes resources such as newspapers, internet, magazines, international conventions, FOIA requests, seminars, and exhibits (e.g., CNN.com, The New York Times, Aviation Week, and Space & Technology).
SIGINT (Signals Intelligence) is comprised of communications and the electronic and telemetry
collection of information in the non-visible portion of the electromagnetic spectrum.
“Covert” refers to an operation planned and executed to conceal the identity of, or permit plausible denial by, the sponsor. A covert operation is similar to law enforcement’s undercover operation.
“Overt” refers to an operation conducted openly to acquire information via the public domain.
Critical Threat
A critical rating indicates that a definite threat exists against the assets. This rating is based on
knowledge that the adversary has both the capability and intent to launch an attack, and that the
subject or similar assets are targeted on a frequent or recurring basis.
High Threat
A high rating indicates that a credible threat against the assets exists. This rating is based on
knowledge of the adversary’s capability and intent to attack the assets as well as on related
incidents having taken place at similar facilities.