CYBR 610, Risk
Management Studies:
The course required students to identify assets, including
tangible (desks, computers, buildings) and nontangible (reputation, customer
data, etc.), their associated vulnerabilities (physical loss, compromised data
or inaccurate data) and associated risks
(theft, tampering, information disclosure) for each. Each asset was assigned a dollar value,
probability value for the vulnerability with the risk to the asset
calculated. Modes and methods for the
vulnerabilities and risk avoidance were investigated. Obtaining management by-in from less than
enthusiastic management (due to costs, not convinced of risk, etc.) to
implement risk management strategies (making a persuasive argument) was
discussed.
No comments:
Post a Comment