Professional Documents
Culture Documents
Understanding Security Threats and Risks
Understanding Security Threats and Risks
Cybercriminals
- individuals or groups who use malicious software, phishing attacks, and
other techniques to steel data, disrupt operations, or extort money.
Hackers
- an individuals who gain unauthorized access to computer systems or
Insider Threats
- employees, contractors, or other authorized users who misuse their
access
privileges to harm an organization.
Natural Disasters
- events such as flood, earthquakes, and fires can damage physical
infrastructure and disrupt operation.
Technical Failures
- hardware or software failures can expose vulnerabilities and lead to
data
breaches.
TYPES OF SECURITY THREATS
Malware
- malicious software that can damage or steal data, disrupt
operations, or spy on users.
Phishing
- deceptive emails or messages designed to trick users into
revealing sensitive information.
Ransomware
- malware that encrypts data and demands a ransom payment to
decrypt it.
Denial of Service (DoS) Attacks
- attempts to overload a system with traffic, making it
unavailable to legitimate user/s.
Data Breaches
- unauthorized access to or disclosure of sensitive
information.
Social Engineering
- techniques used to manipulate people into giving up
sensitive information or taking actions that could harm
themselves or their organizations.
IMPACT OF SECURITY THREATS
Security risks are the potential for a security threat to exploit a vulnerability
and cause harm.
• Implementing Controls
- What can be done to mitigate the risks?
CONCLUSION: