Risk Treatment
The risk treatment summarized by Verizon (2017) surveys for the following cybersecurity risk is as appended below:
|
S/No |
Threat Scenario |
Risk Treatment |
Description of Risk Treatment/Control |
|
Accept (A) |
Mitigate/ Reduce (MR) |
|||
8 |
USB Infection |
✓ |
- |
|
- |
✓ |
|
||
9 |
Peripheral Tampering |
- |
✓ |
|
10 |
Rogue Connection |
- |
✓ |
|
11 |
Logic Switch |
- |
✓ |
|
12 |
C2 Takeover |
✓ |
- |
|
- |
✓ |
|
||
13 |
Mobile Assault |
- |
✓ |
|
14 |
IoT Calamity |
- |
✓ |
|
Risk Treatment Strategies for “Conduit Devices” Threats
Risk Treatment Strategy |
The Human Element |
Conduit Devices | Config-uration Exploitation |
Malicious Software |
Back To: Overview of RAR and BIA |
|
|
Competency-based Course |
Certification Course | ||
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 6Risk Analysis and Review and Business Impact Analysis 6.9 Risk Treatment
Note: This version was the draft 2nd Edition being updated by 2023. The numeric in the square bracket [X.X] cross-refers to the actual chapter and section in the 1st Edition.