Risk Treatment
The risk treatment for the following cybersecurity risks, as summarized from the Verizon (2017) surveys, is set out below:
Threats Resulting from The Human Element
Risk Treatment Strategy for The Human Element

| S/No | Threat Scenario | Risk Treatment: Accept (A) | Risk Treatment: Mitigate/Reduce (MR) | Description of Risk Treatment/Control |
|---|---|---|---|---|
| 1 | Social Engineering | ✓ | - | |
| | | - | ✓ | |
| 2 | Financial Pretexting | ✓ | - | |
| | | - | ✓ | |
| 3 | Digital Extortion | - | ✓ | |
| 4 | Insider Threat | - | ✓ | |
| 5 | Partner Misuse | ✓ | - | |
| | | - | ✓ | |
| 6 | Hacktivist Attack | - | ✓ | |
| 7 | Disgruntled Employee | - | ✓ | |

Risk Treatment Strategies for “The Human Element” Threats
CIR Risk Treatment Strategies
| Risk Treatment Strategy | The Human Element | Conduit Devices | Configuration Exploitation | Malicious Software |
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis, 6.9 Risk Treatment
Note: This version was the draft 2nd Edition being updated by 2023. The number in square brackets [X.X] cross-refers to the actual chapter and section in the 1st Edition.