Historical AnalysisDefinition of termsWhen we talk about information security breaches, we look at various important aspects and factors that can amount to a security breach. In the analysis of information security breaches we have to define these terms: Threat: This is the means by which a given computer system attack can occur. A threat depends on the existence of a particular vulnerability within the system or organization. Threat assessment tends to look at prudent practices and measures to be carried out in order to secure a system and its vital information. Threat assessment can be carried through simulated practice attacks so as to know threat outlines and come up with counter measures against these threats.
In some scenarios, threat assessment focuses on the attacker’s potential to carry out an attack and the resources which could be used to execute an assault. These scenarios could be countered by ensuring that the cost of a successful attack overwhelms the cost and resources required to carry out an attack, thus making attacks costly. Threat assessment is usually carried out in order to come up with security policies that guide on information; the implementation of these policies will be significant in securing information or resources. Vulnerability: This can be defined as security faults or errors within a system that could lead to a successful attack.
The assessment of vulnerabilities should be done on an on-going basis since errors either human or system occurs on a regular basis. Vulnerability assessment also helps the organization come up with security policies on how to respond to new treats and maintain security. Within an organization vulnerabilities are not technology specific and due to the ever increasing pace of technology, new vulnerabilities such as hacking and cracking are on the rise.
Employees have to be trained on prudent counter measures to prevent vulnerabilities that might lead to a successful attack. Risk: It is the probability of a targeted attack being successful. It can also be defined as the extent of exposure to a given threat. Risk assessments are usually conducted to determine the immediate security measures to be undertaken; they are time constraint and have to be conducted immediately. In risk assessment we look at potential security breaches and important issues to be addressed, such as the cost of a successful attack and probability of an attack.
Risk assessment helps an organization to budget on security costs and to prioritize security policies to be implemented as quickly as possible. Impact: When a security breach occurs or when a successful attack has been carried out against an organization, we look at the impact of the attack. Impact refers to cost, damage and other effects on the organization as a result of information illegal access. When we are assessing cost impacts, we have to look at business lost due to breached resources; cost of replacing stolen resources or even cost of implementing security measures and recovery of lost data and resources.
Impact assessment is very critical since it enables an organization to plan on security that must be put in place; security policy to be adopted and responsible parties for the adoption of the set security measures.