Please enable JavaScript.
Coggle requires JavaScript to display documents.
Security - Coggle Diagram
Security
Mitigation Controls
Antivirus
Used to detect, prevent and remove any malware, it helps to increase cybersecurity as it stops anything getting into a system
Firewall
Network security system which monitors and controls incoming and outgoing network traffic based on premade security rules
-
Encryption
You take a string of text and change the letters into a secret codex which should only be able to be encrypted with a key
User Access
Administration of giving individual users certain access to tools or giving groups of peoples roles changing their access level
-
Procedures
Certain instructions as to how certain things should be done, they usually tell someone how to carry out tasks and in which order
Staff Training
Putting your staff through training on how you are supposed to use any system that would require training
Backups
Creating copies of any information saved onto a system so that you would be able to recover any information if anything goes wrong
Air Gaps
Employed on one or more computers and ensures that a secure computer network is physically isolated from any unsecured networks
Honeypot
A computer security mechanism which detects, deflects or counteracts any attempts to access any information without authorisation
-
Technical Threats
Hackers
People trying to hack into your network to gain access or control over your system resulting in either shut down or loss of data
Malware
Software intentionally designed to cause disruption to a computer or server, it can also leak private information
DDoS
Cyber attack where the attacker seeks to make a machine or network unavailable to its intended users
Ransomware
These gain access to your files and then lock them behind a paywall so that your information is unavailable until you pay
Phishing
Deceiving people into revealing sensitive information or installing a malware like ransomware or spyware
Exploits
A defect in your security system which anyone can use over and over to do something they shouldn't be able to do
SQL Injection
Web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database
Bruteforce
A software used to gain access to accounts, they guess passwords until they get one right causing people to get unauthorised access to systems or accounts
Poor Security
Lack of a strong password and 2FA can make it easier for someone to gain unauthorised access to accounts
Non-technical Threats
Theft
If information is stolen then it could be leaked and is also a massive privacy risk as we don't know who has access to it
Human Error
An employee could accidentally publish private information to the public eye causing the information to be stolen and redistributed
Malicious Employees
If an employee decides to sabotage a system or leak any information it can cause lawsuits and privacy risks
Vandalism
Systems can be damaged and destroyed causing loss of information and data which could be critical to work
-
Fires
Systems can be destroyed or whole data stores can be destroyed causing both a loss of money and data
-