Risks should be monitored after risks have been identified and mitigations have been implemented to reduce the likelihood of exploit. Identify and explain risk monitoring methods that should be used to ensure the identified risks and risk mitigations remain at an acceptable level.
The first important thing in risk management is to assess the risk itself: what is the extent of the risk posed to the organization? The steps are system characterization, threat identification, vulnerability identification, control analysis, likelihood determination, impact analysis, risk determination, controls recommendations, and results documentation (NIST Special Publication 800-30, 2017). System characterization is essentially locating and determining the equipment at risk. Threat detection will provide the weaknesses within the IT system. Vulnerability identification will provide a list of system flaws. Control analysis provides a plan for minimizing or eliminating the threat. Likelihood determination, impact analysis and the other methods listed above will help monitor and minimize risk.
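The risk determination and monitoring steps named above, as an added worked example (not part of the original answer): it assumes the risk-level matrix of the original NIST SP 800-30 (likelihood 1.0/0.5/0.1, impact 100/50/10, risk High above 50, Medium above 10, Low otherwise), and the register entries and acceptable level are constructed sample data.

```python
# Added example: risk determination plus a residual-risk monitoring check.
# Scale assumed from the original NIST SP 800-30 risk-level matrix:
# likelihood High=1.0/Medium=0.5/Low=0.1, impact High=100/Medium=50/Low=10,
# risk High (>50), Medium (>10 to 50), Low (<=10).
from dataclasses import dataclass

LIKELIHOOD = {"High": 1.0, "Medium": 0.5, "Low": 0.1}
IMPACT = {"High": 100, "Medium": 50, "Low": 10}
RANK = {"Low": 0, "Medium": 1, "High": 2}


def risk_level(likelihood: str, impact: str) -> str:
    """Risk determination: combine likelihood and impact into a risk level."""
    score = LIKELIHOOD[likelihood] * IMPACT[impact]
    if score > 50:
        return "High"
    if score > 10:
        return "Medium"
    return "Low"


@dataclass
class RiskEntry:
    asset: str                # from system characterization
    vulnerability: str        # from vulnerability identification
    threat: str               # from threat identification
    likelihood: str           # likelihood before any control
    impact: str               # from impact analysis
    residual_likelihood: str  # likelihood after the mitigating control


def review(register, acceptable="Medium"):
    """Monitoring pass: compare each residual risk against the acceptable level."""
    findings = []
    for e in register:
        inherent = risk_level(e.likelihood, e.impact)
        residual = risk_level(e.residual_likelihood, e.impact)
        within = RANK[residual] <= RANK[acceptable]
        findings.append((e.asset, inherent, residual, within))
    return findings


# Constructed sample register; not real findings. The second entry's control
# has not reduced likelihood yet, so the review must flag it.
SAMPLE = [
    RiskEntry("edge-router", "outdated firmware", "remote exploit", "High", "High", "Low"),
    RiskEntry("file-server", "no malware protection", "malware", "High", "High", "High"),
]

if __name__ == "__main__":
    for asset, inherent, residual, ok in review(SAMPLE):
        print(f"{asset}: inherent={inherent} residual={residual} acceptable={ok}")
```

Re-running review() on each monitoring cycle, with refreshed likelihood values, is what keeps the register's residual risks checked against the acceptable level.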
The terms threat, risk, and vulnerability are sometimes used interchangeably. However, these terms have distinct meanings and must be used properly when conducting risk assessments and protecting systems from Internet threats. Define and compare the terms threat, risk, and vulnerability.
Threat – something that can exploit a vulnerability, whether intentionally or accidentally.
Risk – the damage done once the threat has been exploited.
Vulnerability – weaknesses within the security program that are exploited.
While these terms are interchangeable, they are not equal, nor can they work alone. Once there is a weakness, such as outdated firmware, that firmware can be exploited, and then there is the potential for loss. Threats can include many aspects like spyware or malware, while a vulnerability is a way in through the design of the system or the software installed on the systems.