Please enable JavaScript.
Coggle requires JavaScript to display documents.
internal threats and breaches (security control's (technical…
internal threats and breaches
unintentional disclosure of data
too much confidential information is given to a customer or employee
physical copies of data is left on trains or in cars
computer encryption is not strong enough or used well enough
stealing information
incorrect file privileges given to users
information not disposed of properly when finished with
IT systems can be compromised
security control's
technical
firewalls
antiviruses
procedural
incident process
physical
fences
gates
legal
laws
use of portable storage devices
companies can prevent it by:
disabling access to USB ports
logging who downloads things
preventing access to files that a user doesn't need
training users of the security on the risk of removable data
they allow people to steal data very quickly
untrustworthy websites and downloads
websites that are un-trustworthy may be harmful or contain a malware
financial loss
companies can suffer a financial loss in these ways
directly via. stealing
indirectly via. malware's or worms
damage to public image
when peoples data is lost they lose trust in the company
this can lead to a reduction in the companies profits
data loss
data loss can be incredibly costly to the company
they could lose customers due to the hack, and thus losing profit
they could have to spend money on replacement files which could cost a lot
reduction in productivity and downtime
cyber attacks require time to:
remove malware
repair damage
retrieve backups
investigate the problem
patch any security holes