
CIR RAR-BIA Risk Treatment for Conduit Devices

This blog covers the type of risk treatment strategy discussed as a business continuity management (BCM) issue in connection with cyber security incident response (CIR). It discusses the importance of knowing what information assets require protection against specific cyber security threats.

It is conducted as part of the Risk Analysis and Review (RAR) phase during the BCM planning process. This includes understanding the types of cybersecurity threats and the affected assets.

This risk treatment strategy is extracted from a Verizon survey. It provides an overview of the risk treatment and controls for the specific threat, Conduit Devices.

It also provides an understanding of the techniques cyber criminals use to exploit vulnerabilities within the organization and sabotage its assets, affecting the smooth continuity of business functions.

Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis 6.9 Risk Treatment

Moh Heng Goh

Risk Treatment

Risk Treatment Strategy for Specific Cyber Security Threats

The risk treatment summarized by the Verizon (2017) surveys for the following cybersecurity risks is appended below:
  • The Human Element
  • Conduit Devices
  • Configuration Exploitation
  • Malicious Software
Threats Resulting from Conduit Devices

Types of Cyber Security Threats Due to Conduit Devices

Risk Treatment Strategy for Conduit Devices

 

| S/No | Threat Scenario | Risk Treatment: Accept (A) / Mitigate/Reduce (MR) | Description of Risk Treatment/Control |
|---|---|---|---|
| 8 | USB Infection | - | • Incident Response and Management. |
| | | - | • Create an inventory of authorised and unauthorised devices. • Program secure configurations on hardware and software. • Maintain, monitor and analyse audit logs. • Monitor and control account usage. |
| 9 | Peripheral Tampering | - | • Train and create awareness among the employees. • Conduct penetration tests and “Red Team” exercises. |
| 10 | Rogue Connection | - | • Create an inventory of authorised and unauthorised software. • Program secure configurations for hardware and software. • Set up defences against malware. • Install boundary defences. |
| 11 | Logic Switch | - | • Program secure configurations for hardware and software. • Install boundary defences. • Manage security levels of application software. |
| 12 | C2 Takeover | - | • Incident Response and Management. |
| | | - | • Program secure configurations for hardware and software. • Program secure configurations for network devices. • Install boundary defences. • Monitor and control account usage. |
| 13 | Mobile Assault | - | • Create an inventory of authorised and unauthorised devices. • Program secure configurations for hardware and software. • Install controls to protect data. • Manage wireless access. • Train and create awareness among employees. |
| 14 | IoT Calamity | - | • Create an inventory of authorised and unauthorised devices. • Program secure configurations for hardware and software. • Limit and control network ports, protocols and services. • Program secure configurations for network devices. • Install boundary defences. |

Risk Treatment Strategies for “Conduit Devices” Threats


A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis 6.9 Risk Treatment

Note: This version was the draft 2nd Edition being updated by 2023. The number in square brackets [X.X] cross-refers to the actual chapter and section in the 1st Edition.

 
