Define and evaluate a security risk and measure the impact of the risk on a business organization.
Review one of the five security reports listed below and provided in the topic Resources. Your goal is to identify an interesting trend, such a high profile threat, the Internet of Things, medical devices, web hacks, etc. and write an executive summary explaining how the trend presents a risk within the industry associated with the selected security report.
“Security Threat Trends 2015”
“Worldwide Infrastructure Security Report – Volume XI”
“Internet Security Threat Report”
“2016 Trustwave Global Security Report”
“2016 Data Breach Investigations Report”
Write a 1,500-word executive summary that contains the following information.
Overview
Provide a summary of the threat trend.
Include graphs that depict the trend. You may include content form the report with appropriate citation and references.
Threat Definition
Explain the threat and how it exploits vulnerabilities within an organization.
Risk Identification
Identify the risk by detailing how exposed the organization is to the threat.
List several systems, resources, applications, or browsers that can be impacted.
Rate each system based on the likelihood and impact of the threat.
Provide a risk matrix that summarizes threat likelihood and impact.
Assign each system a value from the risk matrix to identify the risk posted to the organization.
Justify the risk matrix values.
Risk Measured
Identify and measure the impact the identified threat can cause to an organization.
Explain how the threat can impact the organization and summarize the likelihood of occurrence.
Discuss the costs associated with the impact of the threat.
Identify appropriate countermeasures or information technology solutions that can be put into place to reduce, resolve, or manage the threat impact.