2023 IT Examiner School
IT\Cybersecurity Risk Assessment
| Functional Areas | Information and/or Systems Asset | Asset Name or Vendor (if Applicable) | Location(s) | Electronic, Paper, Both, or N/A | In-House, Outsourced, Both or N/A | Value/Sensitivity | Threat Type | Threat Event: Reasonably Foreseeable Internal and External Threats | At Risk | Probability of Occurrence | Potential Damage | Inherent Risk Value | Inherent Risk Rating | Controls | Control Effectiveness | Residual Risk Value | Residual Risk Rating |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Accounting | Accounting System | FIS Horizon Core | HQ | Electronic | In-House | Confidential | Accidental | Acc: Accidental deletion/modification of information by authorized users. | I-A | Low | Medium | 2 | Mid-Low | Periodic imaging of system. Backup of data to network drive. | Moderate Mitigation | 0.9 | Low |
| Audit | IT System | Cisco Routers | HQ | Electronic | In-House | Basic | Technical | Tech: Software Degradation/Failure | A | Medium | High | 4 | Mid-High | Reinstall software. Hot Spare Router & Fail over routing. | Elevated Mitigation | 1 | Low |
| Audit | IT System | Microsoft Active Directory Servers | HQ | Electronic | N/A | Confidential | Adversarial | Adv: Insert malicious scanning devices (e.g., wireless sniffers) inside facilities. | C-I-A | Medium | High | 4 | Mid-High | Policy & Procedure. Least Privilege. Privilege Access Reviews. Multi-factor Authentication. | Moderate Mitigation | 1.8 | Mid-Low |
| Physical Security | Alarm | Security Company | Enterprise | Electronic | Both | Basic | Technical | Tech: Communications Degradation/Failure | A | High | High | 5 | High | Cellular Backup. Alarm Monitoring and Notification Service. | Elevated Mitigation | 1.25 | Mid-Low |
| Physical Security | Video Surveillance | Security Company | Enterprise | Electronic | In-House | Confidential | Technical | Tech: Hardware Degradation/Failure | A | Low | Medium | 2 | Mid-Low | Replacement | Some Mitigation | 1.3 | Mid-Low |
| Protocols | DHCP | Microsoft DHCP | Enterprise | Electronic | In-House | Basic | Adversarial | Adv: Exploit vulnerabilities on internal organizational information systems. | C-I-A | High | High | 5 | High | Disable DHCP when feasible. Enable Port Security on Switches. Use MAC address whitelisting. | Moderate Mitigation | 2.25 | Medium |
| Protocols | FTP | FTP Server | Enterprise | Electronic | In-House | PII | Adversarial | Adv: Exploit vulnerabilities on internal organizational information systems. | C-I-A | High | High | 5 | High | Disable FTP when feasible. Use IP filtering to restrict access. Disable Anonymous access. Require Username and password for access. | Moderate Mitigation | 2.25 | Medium |
| Protocols | SNMP | Management SNMP | Enterprise | Electronic | In-House | Confidential | Adversarial | Adv: Exploit vulnerabilities on internal organizational information systems. | C-I-A | High | High | 5 | High | Disable SNMP or set SNMP to Read Only & Disable Read/Write. Change Public community name. | Moderate Mitigation | 2.25 | Medium |
| Protocols | Telnet | Telnet | Enterprise | Electronic | In-House | Confidential | Adversarial | Adv: Exploit vulnerabilities on internal organizational information systems. | C-I-A | High | High | 5 | High | Disable Telnet. | Elevated Mitigation | 1.25 | Mid-Low |