Introduction
Technology has improved our lives but has also brought adverse effects. Prevention is
better than cure, and measures should be implemented before the situation becomes catastrophic.
Integrating technology into every aspect of our lives has exposed us to information security risk.
Cyberbullying is a significant risk experienced in our society. Recent research shows that
individuals' data are manipulated and even stolen in our society. Some attackers even demand
ransoms to return the stolen data. After collecting and analyzing data on various risks in my
community, it was evident that information security risk was the most common. The threats were
determined through the analysis of collected data. Mitigation mechanisms implemented to curb
the menace were determined after evaluating their effectiveness. The cost of the mitigation
mechanisms employed was also considered.
Information Security Risk.
Information security risk is the unauthorized use, disruption, modification, or destruction
of information. Such an incident threatens life, disrupts business, violates privacy, damages
assets, and facilitates other crimes such as fraud. Information security risk is often modeled
in terms of vulnerabilities and threats.
Problem Statement
The rapid growth of technology, including smartphones, leads to information security
risks, including cyberbullying. As the number of mobile subscribers increases, security threats
also increase. Protecting the security and privacy of data is our society's primary challenge.
Social Network Systems (SNS) pose risks to their users. Easy access to information has made SNS
prone to information security risks.
Purpose Statement
This plan aims to develop different mitigation mechanisms that can be used to curb
information security risk. Recently, cases related to information security risks such as
cyberbullying and fraud have been reported, and measures should be taken before the situation
turns catastrophic.
Demographic and department information.
Data obtained from the department indicated how various demographics are affected by
multiple risks in our community. The risk that affected a large number of them was information
security risk. The data indicated that almost half of the individuals, organizations,
and institutions had experienced effects of this risk.
Analysis of Community Demographics and Risks
Analysis of the community demographics and risks revealed various community-related
risks affecting multiple groups. However, information security risk was the leading one among
the identified risks. The demographics indicated that those in urban areas were more affected
than those in rural areas. Other organizations had more fraud cases due to information security
risks than the federal government. The government was less dramatically affected.
Risk Prioritization and Potential Community Effects
After analyzing and scrutinizing the data that the risk department collected on the various
risks affecting the community, the risks in the society were prioritized. The analysis indicated
that information security risk was the most rampant risk. Most of the residents in the community,
as well as other organizations and institutions, suffered from this risk. Its potential community
effects included fraud, cyberbullying, and threats.
Mitigation Tactics and Strategies
The following mitigation tactics and strategies should be applied to protect our data from
theft and manipulation:
Keeping software updated
Software used by individuals or companies should be updated frequently to prevent
attackers from developing new N-day exploits that can cause severe damage. Updates should be
applied as soon as they are available. Automate the process where possible, so that systems do
not depend on regular manual checking, and use update services provided by the vendor, rather
than retrieving updates directly, so their authenticity is assured.
Restricted Access
Security measures should be taken to enforce restricted access. Assign privileges based
on risk exposure and as needed to support operations, including using a Privileged Access
Management (PAM) solution that can automate credential management and fine-grained
access control.
Avoiding single-factor authentication
Include multi-factor authentication in your risk mitigation plans. It is essential
for organizations to move away from single-factor authentication, such as passwords and PINs.
Passwords are subject to poor user choices, since users favor ones that are easy to
remember or quick to recall. They are also vulnerable to credential theft, even if the theft
does not happen on your own system, as many people believe! The primary way to avoid being
hacked again is to use a two-step verification process that combines something that you have
(a security token) and something that you know (your password).
Disaster Recovery Plan
Data loss is a real possibility. It is not only about natural disasters or
cyber attacks but also human error and hardware failure. The average
cost of downtime for an organization is $5 million per hour, with much of this
cost being lost revenue.
Cybersecurity professionals should have a robust risk mitigation strategy for
creating, reviewing, and exercising a recovery framework. The risk mitigation plan should protect
critical data, procedures, and logs to ensure continuity of operations in the face of unexpected
events. For additional protection, backups should be encrypted, stored offsite, and kept separate.
Whenever possible, support complete recovery and reconstitution of systems and devices,
perform periodic testing, and evaluate and update the backup plan as necessary to
accommodate the constantly changing organizational environment.
The five E's (emergency response, engineering, enforcement, education, and economic
incentive) of prevention and mitigation can be applied to prevent and relieve information
security risks.
Budget Requirements and Funding sources.
The budget estimation for the execution of the whole plan is about 15 million dollars. The
funding sources to achieve this budget include funding from the federal government and the
government department responsible for dealing with risks. Funds can also be sourced from grants
and donations from well-wishers.
Appendix