Week 04 Assignment
.docx
keyboard_arrow_up
School
IGlobal University *
*We aren’t endorsed by this school
Course
540
Subject
Information Systems
Date
May 6, 2024
Type
docx
Pages
2
Uploaded by tonixv
Week 4: Assignment 4
Answer 1:
Why do a security risk evaluation for the Blue Sky Financial Bank matter in question?
Blue Sky Financial Bank needs to have a security risk review done for a number of reasons. First,
it helps find possible weak spots and risks to the the bank's data centre, which is home to important things like staff and customer records, computers, data storage, and over time documents. By figuring out these hazards, the bank can set priorities and handle them well, keeping its data safe and secure. Second, financial companies are required by law to do a security risk review. It makes sure that the bank follows the rules established by regulators, which is very important for keeping its license to operate and avoiding fines. Last but not least, a security risk review can help keep the bank's good name. If there is a data hack, the bank's image could be badly hurt, which could cause them to lose users and even face
court action. The bank can avoid these kinds of problems and keep the confidence of its clientele and other important people by effectively finding and controlling risks.
Answer 2: Cybersecurity Risk and Math
:
a)
There is a chance that an organization's infrastructure, utilization of technology, or image could be lost or damaged if its information systems fail or are hacked. This is called cyber risk. Cyber danger for Blue Sky Financial Bank could come from a number of
places, such as hacking, data breaches, or mistakes in the system. One may employ a method that takes into account the possible threats, the weak spots that these threats could use, and the worth of the things that are at risk to figure out the cyber risk. For example, if a financial institution has 55,000 clients and the data on each one is worth a certain amount, then the overall worth of the product (the customer information) can be found. By listing the possible threats and weak spots, the bank can guess how likely it is that a threat will use a weakness and what damage it could do to the asset.
b)
Blue Sky Financial Bank may be at risk of the following hacking threats:
Breach of data
: If someone gets into the bank's records without permission, private information about customers or employees could be made public.
Attacks with phishing
: Cybercriminals could trick bank workers into giving up private data, like login passwords, that could be used to get into the bank's systems.
Attacks with ransomware
: Bad software could lock the bank's data, making it impossible to get to until a fee is paid.
Threats from inside
: Employees who have access to a bank's tools could use it wrongly, whether they mean to or not, which could cause data to be lost or exposed
(Fortinet, Inc, n.d.)
.
Week 4: Assignment 4
Answer 3: Checking and testing for security
:
There would be several steps in the security testing and evaluation for Blue Sky Financial Bank:
Find your assets
: Finding the things that require to be preserved is the first step. In the present scenario, these would be the files for customers and employees, the computers,
the data stores, and the long-term backups.
Find Vulnerabilities and Threats
: Finding possible risks and weak spots that could affect these assets is the next step. It's possible that this would mean looking over the bank's procedures and processes and keeping up with the newest online dangers.
Check for Risks
: After finding the dangers and weak spots, the next thing to do is to figure out how dangerous they are. This means guessing how likely it is that a threat will take advantage of a weakness and what damage it could do to the asset.
Put in place controls
: Once the bank has an idea of the risks, it can put in place rules to deal with them. This could include technology controls like firewalls or encryption, management controls like rules and laws, or real controls like safe buildings.
Watch and Think About
: Lastly, the bank should check and see if its security steps are still working on a regular basis. This could include teaching employees, frequent security
checks, and hacking tests
(National Academy of Sciences, n.d.)
.
Blue Sky Financial Bank may be sure that its data center is safe and that it is ready to handle any
possible hacking risks by following these steps.
References
Fortinet, Inc. (n.d.). What Is A Data Breach?
Retrieved from https://tinyurl.com/3urr2hf6
National Academy of Sciences. (n.d.). Computers at Risk: Safe Computing in the Information Age
. Retrieved from https://tinyurl.com/5f8b6752
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help