
CIR RAR-BIA Risk Treatment for The Human Element

This blog discusses a type of risk treatment strategy that is addressed as a business continuity management (BCM) issue in connection with cybersecurity incident response (CIR). It covers the importance of knowing which information assets require protection against specific cybersecurity threats.

The risk treatment is conducted as part of the Risk Analysis and Review (RAR) phase of the BCM planning process. This includes understanding the types of cybersecurity threats and the assets they affect.

This risk treatment strategy is extracted from a Verizon survey. It provides an overview of the risk treatment and controls for the specific threat of the Human Element.

It also provides an understanding of the techniques cybercriminals use to exploit vulnerabilities within the organisation in order to sabotage its assets, disrupting the smooth continuity of business functions.

Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis 6.9 Risk Treatment

Moh Heng Goh

Risk Treatment

Risk Treatment Strategy for Specific Cyber Security Threats

The risk treatments summarised from the Verizon (2017) surveys for the following cybersecurity risks are appended below:

  • The Human Element
  • Conduit Devices
  • Configuration Exploitation
  • Malicious Software

Threats Resulting from The Human Element

Types of Cyber Security Threats Due to the Human Element

Risk Treatment Strategy for The Human Element


Columns: S/No | Threat Scenario | Risk Treatment (Accept (A) / Mitigate/Reduce (MR)) | Description of Risk Treatment/Control

1. Social Engineering
   Accept (A): -
   Mitigate/Reduce (MR) controls:
     • Incident Response and Management
     • Create an inventory of authorised and unauthorised software.
     • Program secure configurations for hardware and software.
     • Set up defences against malware.
     • Install boundary defences.
     • Manage access control based on access requirements.
     • Train and create awareness among employees.

2. Financial Pretexting
   Accept (A): -
   Mitigate/Reduce (MR) controls:
     • Incident Response and Management
     • Maintain, monitor and analyse audit logs.
     • Install protections for email and web browsers.
     • Manage access control based on access requirements.
     • Train and create awareness among employees.

3. Digital Extortion
   Accept (A): -
   Mitigate/Reduce (MR) controls:
     • Set up defences against malware.
     • Develop measures to ensure the organisation is capable of recovering its data.

4. Insider Threat
   Accept (A): -
   Mitigate/Reduce (MR) controls:
     • Control usage of administrative privileges.
     • Maintain, monitor and analyse audit logs.
     • Install controls to protect data.
     • Monitor and control account usage.

5. Partner Misuse
   Accept (A): -
   Mitigate/Reduce (MR) controls:
     • Incident Response and Management
     • Maintain, monitor and analyse logs.
     • Install boundary defences.
     • Install controls to protect data.
     • Monitor and control account usage.

6. Hacktivist Attack
   Accept (A): -
   Mitigate/Reduce (MR) controls:
     • Conduct vulnerability assessment continuously.
     • Remediate identified vulnerabilities.
     • Control usage of administrative privileges.
     • Install protections for email and web browsers.
     • Monitor and control account usage.
     • Manage security levels of application software.

7. Disgruntled Employee
   Accept (A): -
   Mitigate/Reduce (MR) controls:
     • Create an inventory of authorised and unauthorised devices.
     • Maintain, monitor and analyse logs.
     • Develop measures to ensure the organisation is capable of recovering its data.
     • Install controls to protect data.
     • Monitor and control account usage.

Risk Treatment Strategies for “The Human Element” Threats


A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis, 6.9 Risk Treatment

Note: This version is the draft 2nd Edition, being updated by 2023. The number in square brackets [X.X] cross-refers to the corresponding chapter and section in the 1st Edition.
