Identifying Potential Risk, Response, and Recovery
In Assignment 1 (which I have attached), a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization.
After reviewing your report, the CIO requests that you develop a follow-up plan detailing a strategy for addressing all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified.
Write a four to five (4-5) page paper in which you:
- For each of the three (3) or more malicious attacks and/or threats that you identified in Assignment 1, choose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your rationale.
- For each of the three (3) or more malicious attacks and/or threats identified in Assignment 1, develop potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk.
- Explain in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization.
- Draft a one (1) page Executive Summary that details your strategies and recommendations to the CIO (Note: The Executive Summary is included in the assignment’s length requirements).
- Use at least three (3) quality resources in this assignment (no more than 2-3 years old). Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required page length.
In the previous report, we identified the potential malicious attacks, threats, and vulnerabilities that may impact the network of your organization. Next, we discuss the risks that these vulnerabilities cause or may cause to the system or the organization, and the choice of response to such attacks, which may include:
- Risk mitigation, also called risk reduction, which is a way of reducing the degree of exposure to a threat or a risk, mainly so as to avoid recurrence.
- Risk acceptance, which is a strategy that does not decrease any effects of the threat and is usually considered when the cost of the…