Introduction to Risk Assessment
- Level: Beginner
- Presenter: Eli the Computer Guy
- Date Created: October 12, 2010
- Length of Class: 57 Minutes
Purpose of Class
- This class teaches students the basic concepts behind Risk Assessments.
- Defining Risk, Threat and Vulnerability
- Types of Protections
- Mitigation Concepts
- Business Rationale for Risk Assessment and Management
- The better you know technology, the better you will do with Risk Assessment/Management.
- Risk = Threat x Vulnerability
- Overview of Risk
- Risk is defined as the likelihood of financial loss.
- Risk is a business concept, not a technological one.
- Down Time
- Legal data loss issues
- Hacking – Attacks from your network
- Data Theft (Trade Secrets)
- Overview of Threat
- i. Natural Disaster
- ii. Malicious Human
- iii. Accidental Human
- iv. System Failure
- Overview of Vulnerability
- Theft of Systems
- Overview of Protections
- Physical/Operational Security
- Disaster Plan
- Technological Safeguards (Firewalls, Antivirus)
- Concepts of Mitigation
- Incident -> Response -> Debrief -> Mitigation
- Making Bad not so bad
- You will never be safe
- Security Buy In and Quantifying Risk
- The business leaders will make the final decision on Risk Management
- The better your BUSINESS argument, the more likely you are to get the go-ahead.
- What is the cost of downtime
- What is the legal cost
- Cost of Security vs. Benefit
- Final Thoughts
- Risk is a BUSINESS concept! The more you understand about business and can talk about financial ramifications, the more likely you are to get your fancy new security equipment.