R10.4 Technical and non-technical vulnerabilities that exist within an organization
Technical Vulnerabilities
Weak or outdated encryption - A stronger method of encrypting data called hashing
Out-of-date software, hardware and firmware
Components will need to be updated. This may be as a result of incompatibility between newer software programs and hardware.
Compatibility of legacy systems
New hardware and software may not be compatible with the existing legacy hardware and software.
This can cause issues with software, data and information stored on legacy systems; software and data may have to be converted to be used on the new software.
The term ZERO-DAY means that the vendor has zero days to fix the vulnerability.
FORWARD COMPATIBILITY
Data sometimes becoming corrupted or not being in a useful format
BACKWARD COMPATIBILITY
If data is entered and processed on new software but is then exposed to legacy software this, again, can lead to data being corrupted or unable to be exported.
Exploitable bugs/zero-day bugs
A software or hardware vulnerability which has just been discovered.
FAIL OPEN ELECTRONIC LOCKS
A type of software lock that will keep the software, and the system, open if an error is detected.
Missing authentication and authorization
If users don't have to be authorized to use a digital system then the system is very vulnerable to attacks.
Non-Technical Vulnerabilities
Employees - People are the weakest link in any security procedure or process.
Policies and procedures must be followed to maintain a high level of security.