preview

Security Risk Report On JS Enterprise System

Good Essays
All networks and information technology systems are vulnerable by their very nature. Even when proper procedures are in place, flawed execution or human error can still make systems vulnerable to an attack. The security risk assessment performed on JS Enterprise systems uncovered several vulnerabilities that should be analyzed to determine the level of risk they pose and appropriate methods to resolve them. The first vulnerability that was discovered during the assessment was a software bug in one of the key devices used in military operations. While there is no evidence that this error has been exploited, a software engineer discovered that it could allow an attacker to eavesdrop on communication if they were able to gain physical access…show more content…
As mentioned above, the threat of a natural disaster has increased JS Enterprises vulnerability to an event and must be taken into consideration when attempting to calculate the resulting risk.
Analyzing Risks The above-mentioned threats and vulnerabilities present several different risk factors to the organization. The first risk that deserves consideration if the loss of data from the threat of a successful phishing attack or because of credentials that weren’t properly deactivated. This has the potential to expose sensitive company information or even introduce malware to the network. Depending on the credentials that the attacker was able to obtain, this could be damaging to the company in the form or copyright violations and potentially compromise the security of the devices used in the field. Closely linked to this is the risk of lost business in the form of time and money should an event take place. An example of this would be a successful ransomware attack or even a natural disaster. If that were to occur, these events could bring daily operations to a standstill and even lead to financial ruin if proper procedures are not in place. Should a ransomware attack successfully encrypt a server that has no proper offsite backup in place, the organizations only hope would be that the attacker would
Get Access