C2 – Assessment of the Risk Severity for each Threat Flashcards

C – Cybersecurity Protection Plans

1
Q

Measures for Risk Severity

A

👉 We measure risk severity on a scale of low, medium, high & extreme. To place a threat on that scale, however, we must first assess the probability of the threat occurring and the impact level (value of loss) if it does.

👉 Formulating the values for different risks can be difficult, especially since we are essentially quantifying into a category, something that cannot necessarily be calculated mathematically. However, there are some key tips for assessing these values, which we will look at on the next few slides:

2
Q

Probability of a Threat Occurring

A

👉 This is how likely we think a threat is to occur. It is affected by things like:

⚫ How easy the attack is to perform
⚫ How big the potential reward is
⚫ How likely the attacker is to be caught
⚫ How well known, or how easy to discover, the vulnerability being exploited is.

👉 The probability of threats occurring is quantified via three key values:

⚫ Unlikely (not expected to happen but may do so)
⚫ Likely (will probably happen and reoccur but not persistently)
⚫ Very Likely (will certainly happen and repeatedly, possibly even frequently).

3
Q

Impact Level / Value of Loss

A

👉 This is usually determined based on how much data could be lost, how long it would take to restore normal business operation, whether any data could be stolen and how confidential that data is. We must also consider the level of financial and reputational harm the threat would cause.

👉 We quantify the impact level of threats via three key values:
⚫ Minor (it is unlikely that much will be lost, although there might be some financial deficit)
⚫ Moderate (there is likely to be some loss, and the financial damage is likely to affect the organisation's wellbeing)
⚫ Major (a large amount is lost because of the threat, and the financial damage is likely to be substantial).

4
Q

Risk Assessment Method

A

⚫ Identify Possible Threats– before assessing the likelihood or harm of any threat, identify all of the threats that might occur and list them.

⚫ Identify Likelihood of Threats– using a scale, such as the one we looked at last lesson (Unlikely, Likely, Very Likely), identify how likely each of the threats identified is to occur.

⚫ Assess the Vulnerabilities– look at the current networked system and identify how vulnerable it is to each of the threats. You might use some of the methods we discussed in the lesson “Assessing Vulnerabilities”.

⚫ Assess the Impact Level– using a scale, such as the one we looked at last lesson (Minor, Moderate, Major), identify how badly each threat would affect the business should it occur.

⚫ Determine the Risk Severity– using the risk severity matrix we looked at last lesson, combine the probability and impact level to identify the severity (Low, Medium, High, Extreme) of each risk.

5
Q

Documenting a Risk Assessment

A

⚫ Threat Number– a sequential number for each threat identified.

⚫ Threat Title– a short description of the type of threat. E.g. Misconfigured Firewall or Customer Devices Connecting to Wi-Fi.

⚫ Probability– The likelihood of the threat occurring. E.g. Unlikely, Likely, Very Likely.

⚫ Impact Level– The size of the loss if the threat occurs. E.g. Minor, Moderate, Major.

⚫ Risk Severity– The level of risk severity based on the matrix. E.g. Low, Medium, High, Extreme.

⚫ Explanation of the Threat in Context– a detailed explanation of the threat linked to the business context (such as the case study given in your controlled assessment).
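The five-step method on card 4 and the six register fields on card 5 fit together as a small risk register, shown here as an added worked example (not part of the original cards). The severity matrix is an assumption: the cards refer to a matrix from an earlier lesson but do not print it, so a plausible 3×3 mapping is used and should be replaced with the one your course actually uses. The threat titles come from card 5; their ratings and explanations are constructed for illustration.

```python
"""Added example: a small risk register built from the method on card 4 and
the documentation fields on card 5.

The severity matrix is an ASSUMPTION: the cards refer to a matrix from an
earlier lesson but do not print it. Swap in the one your course uses.
"""
from dataclasses import dataclass
from typing import Dict, List

PROBABILITIES = ("Unlikely", "Likely", "Very Likely")   # card 2
IMPACTS = ("Minor", "Moderate", "Major")                # card 3
SEVERITIES = ("Low", "Medium", "High", "Extreme")       # card 1, lowest to highest

# ASSUMED matrix: rows are probability, columns are impact level.
SEVERITY_MATRIX: Dict[str, Dict[str, str]] = {
    "Unlikely":    {"Minor": "Low",    "Moderate": "Low",    "Major": "Medium"},
    "Likely":      {"Minor": "Low",    "Moderate": "Medium", "Major": "High"},
    "Very Likely": {"Minor": "Medium", "Moderate": "High",   "Major": "Extreme"},
}


def risk_severity(probability: str, impact: str) -> str:
    """Step 5: look up severity, rejecting values outside the agreed scales so a
    slip such as writing 'Moderate' in the probability column cannot silently
    produce a missing or wrong severity."""
    if probability not in PROBABILITIES:
        raise ValueError(f"unknown probability {probability!r}; use one of {PROBABILITIES}")
    if impact not in IMPACTS:
        raise ValueError(f"unknown impact level {impact!r}; use one of {IMPACTS}")
    return SEVERITY_MATRIX[probability][impact]


@dataclass
class Threat:
    """What the assessor records in steps 1 to 4, before severity is derived."""
    title: str
    probability: str
    impact: str
    explanation: str


@dataclass
class RegisterEntry:
    """One documented row: the six fields listed on card 5."""
    number: int
    title: str
    probability: str
    impact: str
    severity: str
    explanation: str


def build_register(threats: List[Threat]) -> List[RegisterEntry]:
    """Number threats sequentially in the order identified and derive each
    one's severity from the matrix."""
    return [
        RegisterEntry(
            number=n,
            title=t.title,
            probability=t.probability,
            impact=t.impact,
            severity=risk_severity(t.probability, t.impact),
            explanation=t.explanation,
        )
        for n, t in enumerate(threats, start=1)
    ]


def prioritised(register: List[RegisterEntry]) -> List[RegisterEntry]:
    """Most severe first; ties keep identification order. Threat numbers are
    not reassigned, so references elsewhere in the plan stay valid."""
    return sorted(register, key=lambda e: SEVERITIES.index(e.severity), reverse=True)


def format_register(register: List[RegisterEntry]) -> str:
    """Plain-text table with the documentation columns from card 5."""
    header = f"{'No.':<4}{'Threat':<40}{'Probability':<13}{'Impact':<10}{'Severity':<9}"
    lines = [header, "-" * len(header)]
    for e in register:
        lines.append(f"{e.number:<4}{e.title:<40}{e.probability:<13}{e.impact:<10}{e.severity:<9}")
        lines.append(f"    {e.explanation}")
    return "\n".join(lines)


# Constructed sample input. The first two titles are the examples from card 5;
# the ratings and explanations are invented for illustration.
SAMPLE_THREATS = [
    Threat("Loss of Backup Tapes in Transit", "Unlikely", "Major",
           "Unencrypted tapes couriered off-site weekly; loss would expose customer data."),
    Threat("Misconfigured Firewall", "Likely", "Major",
           "Inbound rules left open after a change; exposes internal servers."),
    Threat("Customer Devices Connecting to Wi-Fi", "Very Likely", "Major",
           "Guest Wi-Fi shares the staff VLAN, so an infected laptop reaches POS terminals."),
]

if __name__ == "__main__":
    print(format_register(prioritised(build_register(SAMPLE_THREATS))))
```

Running the block prints the register with the Wi-Fi threat (Extreme) first, the firewall (High) second and the backup tapes (Medium) last, while each row keeps the threat number it was given when identified.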
