Steps for Risk Management Part 1

Content
● Steps for Risk Management
○ Risk Identification
○ Risk Analysis
○ Risk Prioritization

Steps for Risk Management
The following are the steps for risk management:
1. Risk Identification
2. Analysing Risk
3. Risk Prioritization
4. Risk Ownership
5. Risk Mitigation
6. Risk Monitoring
1. Risk Identification
Risk identification is the first step in the proactive risk management process.
It is a deliberate and systematic effort to identify and document the
organisation key risks.
It provides the opportunities, indicators, and information that allows an
organization to raise major risks before they adversely affect operations in the
organization.

1. Risk Identification
Key steps necessary to effectively identify risks:
● Understand what to consider when identifying risks
● Gather information from different sources to identify risks
● Apply risk identification tools and techniques
● Document the risks
● Document the risk identification process
● Assess the effectiveness of the risk identification process.

2. Analyzing Risk
Risk Analysis is a process that helps to identify and manage potential problems
that could cause harm to business initiatives or projects.
Risk Analysis carry out in two step:
● one must, first identify the possible threats that organization face
● then estimate the harmful effect that these threats will cause.
Risk Analysis is a complex process but it is also essential planning tool.

2. Analyzing Risk
Risk analysis is useful in many situations:
● While planning projects
● While deciding whether or not to move forward with a project.
● While improving safety and managing potential risks in the workplace.
● While preparing for events such as equipment or technology failure, theft,
staff sickness, or natural disasters.
● While planning for changes in business environment.

3. Risk Prioritization
The method of ranking material risks on an appropriate scale, such as
frequency and/or severity. This method is known as Risk Prioritization.
The objective of Risk Prioritization is to prioritize the identified risks for
mitigation.
The risk can be prioritize with both qualitative and quantitative methods.
It can be used to categorize the risks as to their relative severity and potential
impact on the project.

3. Risk Prioritization
The risk prioritization method should consider the following factors:
1. the probability of the risk occurring,
2. the consequence of the risk
3. the cost and resources required to mitigate the risk.

Cyber Attacks

Content
● Cyber Attacks
● Types of Malicious code

Types of Attack
● Advanced Persistent Threats
(APT)
● Backdoor
● Buffer Overflow
● Man-in-the-middle Attack
● Social engineering
● Phishing
● Spoofing
● Cross-Site Scripting
● Denial of Service Attack
● SQL injection
● Zero-day exploit

Types of Malicious Code
● Viruses
● Network worm
● Trojan Horse
● Botnet
● Keylogger
● Rootkit
● Spyware
● Adware
● Ransomware

Vulnerability

Content:
● Vulnerabilities
● Classification of Vulnerability
● Impact

Vulnerability
Vulnerability is a cyber-security term that refers to a flaw in a system that can
leave it open to attack.
Vulnerability is the composition of three elements:
● A flaw in system
● Access of attacker to that flaw
● Capability of attacker to exploit the flaw
Classification of Vulnerabilities according to the asset:
● Hardware
● Software
● Network
● Personnel
● Physical site
● Organizational

Vulnerability
Some of the Vulnerability in the system occur due to:
● Missing patches
● Cleartext credentials
● Using unencrypted channels
● RF Emanation

Impact
A successful cyber attack can cause major damage to organization or system,
as well as to business reputation and consumer trust.
● Financial loss
● Reputational damage
● Legal consequences

Cyber Risk

Content
● What is Risk?
● Types of Risks
● Risk Management Process
● Types of Risk Management Process

Cyber Risk
Cyber risk means any risk of financial loss, disruption or damage to the
reputation of an organisation.
It is done by giving some sort of failure of its information technology
systems.
The risk is connected to online activities, internet trading and electronic
systems as well as storage of personal data

Types of Risks
● Hacker Attacks
● Data Breach
● Virus transmission
● Cyber Extortion
● Employee Sabotage
● Network downtime
● Human error

Risk Management Process
Risk management is defined as the process of identifying, monitoring and
managing potential risks.
An effective risk management process have two important things:
● Help to identify which risks pose the biggest threat to an organization.
● Provide complete guidelines for handling them.

Type of Risk Management
Reactive risk management
Project team react to risks when they occur.
Mitigation – plan to reduce loss of life and property by lessening the impact
Fix or failure- resources are found and applied when the risk strikes
Proactive Risk Management
Formal risk analysis is performed.
Organization corrects the root causes of risk.
● Proper analysing the risk

Type of Risk Management

Reactive risk management
Crisis management- the identification of threats to an organization and its stakeholders, and the methods used to deal with these threats.

Proactive Risk Management
● Examining risk sources
● Developing the skills to
manage change.

 

Cyber Threats

Content
● Cyber Threats
● Source of Cyber Threats
● Cyber Threats types
● Cyber Security Index Level

Cyber Threats
A Cyber threat is any malicious act that attempts to gain access to a computer
network without authorization or permission from the owners.
It refers to the wide range of malicious activities that can damage or disrupt a
computer system , a network or the information it contain.
Most common cyber threats : Social Engineered Trojans, Unpatched Software ,
Phishing, Network worms etc

Source of Cyber Threats
● Nation states or national governments
● Terrorists
● Industrial secret agent
● Hackers
● Business competitors
● Organization insiders

Types of Cyber Threats
Threats can be classified according to multiple criteria:
1. Attacker’s Resources
2. Attacker’s Organization
3. Attacker’s Funding
On basis of these criteria, threats are of 3 types:
1. Unstructured Threats
2. Structured Threats
3. Highly Structured threats

Types of Cyber Threats
1. Unstructured Threats:
Resources: individual or small group
Organization: Little or no organization
Funding : negligible
Attack: Easy to detect and make use of freely available cyberattack tool
Exploitation based on Documented vulnerabilities.
2. Structured Threats:
Resources: well trained individual or group
Organization: well planned organization
Funding : available
Attack: against particular individual or organizations
Exploitation based on information Gathering.
3. Highly Structured Threats:
Extensive organization, resources and planning over time.
Attack: long term attack on particular machine or data.
Exploitation with multiple methods: technical, social and insider help

Cyber Security Index Level
Cyber threats are evaluated daily by the CTU (counter threat unit) and updated
the index level:
1. Guarded – Level 1
2. Elevated – Level 2
3. High – Level 3
4. Critical – Level 4

Cyber Security

Content
● What is Cybersecurity?
● Principles
● Difference between Information security and cybersecurity
● Similarities
● Assets

Cyber Security
Cybersecurity is the body of technologies, processes and practices.
It is designed to protect integrity of networks, computers, programs and
data from attack, damage or unauthorized access.
Kill chains, zero-day attacks, ransomware, alert fatigue and budgetary
constraints are just a few example of cyber attacks.

Cyber Security Principle
The Cyber Security five principles:
1. Confidentiality
2. Integrity
3. Availability
4. Accountability
5. Auditability

Cyber Security Principle
● Confidentiality : is a set of rules that limits access or place restrictions on
certain type of information.
● Integrity : is the assurance that the information is trustworthy and accurate
● Availability : is a guarantee of reliable access to the information by
authorized people.
● Accountability : is an assurance that an individual or an organization will
be evaluated on their performance or behavior related to something for
which they are responsible.

Cyber Security Principle
● Auditability : A security audit is a systematic evaluation of the security of a
company’s information system by measuring how well it conforms to a set
of established criteria.

Difference
Information security Information Security means Data Security.
It main concern is for the confidentiality, integrity, and availability of user data.
Cybersecurity
Cybersecurity is all about protecting data that is found in electronic form.
It identify what the critical data is, where it resides, and the
technology that user have to use in order to protect it.

Similarity
Information security and Cybersecurity:
● Both have physical security component :
There is a need of entire physical access control to a place where data is
stored either digitally or physically, in order to avoid unauthorized access.
● Both protect the valuable ‘data’ :
In both the securities, the main concern is safeguarding the data of the
company from the illegal digital and physical access of any kind.

Cyber Security Assets
Assets include
● Hardware (e.g. servers and switches)
● Software (e.g. mission critical applications and support systems)
● Confidential information
Asset can be data, device or other component of the environment that
supports information-related activities.
Assets should be protected from unauthorized access.

 

Introduction

Content
● Evolution of internet
● What is Cyberspace?
● Increase in Internet insecurities.
● What is Cybercrime?

Evolution of Internet
● Russian Sputnik 1 (1957)
● Invention of internet by ARPA (1958)
● ARPANET (1970)
● Internetworking (1977)
● World wide web (1990)

Cyberspace
Cyberspace is the environment of the internet.
It is the home of google, facebook, yahoo and many more.
The term was coined by William Gibson
Cyberspace is a ideal electronics space unbounded by distance and other
physical limitation.
It allows the users to share information, interact, swap ideas, play games,
engage in discussions or social forums, conduct business, create media and
many other activities.

Internet Insecurities
Internet insecurity spreads at Internet speed:
● Morris worm of 1988
● Password sniffing attacks in 1994
● IP spoofing attacks in 1995
● Denial of service attacks in 1996
● Email borne viruses 1999

Internet insecurity spreads at Internet speed
● Distributed denial of service attacks 2000
● Ransomware attack in mid 2000
● Fast spreading worms and viruses 2003
● Spam 2004

Cybercrime
Cyber Crime is any illegal activity that involves a computer or
network-connected device, such as a mobile phone.
Cybercrime is divided into three categories by Department of justice:
● Crimes in which the computing device is the target.
● Crimes in which the computer is used as a weapon.
● Crimes in which the computer is used as an accessory to a crime.
It include malicious activities such as
● Illegal interception of data
● System interferences
● Copyright infringements
● Sale of illegal items like weapons, drugs

Frequency Domain Processing

Computing and Visualizing 2D DFT
1. Fast fourier transform algorithm is used to obtain DFT and its inverse.
2. The function fft2 is used to obtain the FFT of an M N image array,
having syntax:
F = fft2 (f)
3. In order to use FFT for filtering, the input image must be padded with
zeros, having syntax:
F = fft2 (f, P, Q)
4. The function abs is used to obtain the fourier spectrum of the array,
having syntax:
S = abs (F)
5. The origin of the transform can be moved to the center of the frequency
rectangle by using the function fftshift, having syntax:
Fc = fftshift (F)
6. Function ifftshift reverses the centering, having syntax:
F = ifftshift (Fc)
7. The function ifft2 is used to obtain the inverse fourier transform, having
syntax:
f = ifft2 (F)
8. In order to compute the inverse to obtain an image consisting only of real
values, function real is used, having syntax:
f = real (ifft2 (F))

Basic Steps in DFT Filtering
1. Obtain the padding parameters using function paddedsize:
PQ = paddedsize (size(f));
2. Obtain the Fourier transform with padding:
F = fft2 (f, PQ(1), PQ(2));
3. Generate a filter function, H, of size PQ(1) PQ(2). The filter must be
selected whose input is not centered. If it is centered instead, use
command H = fftshift (H) before using the filter.
4. Multiply the transform by the
filter:
G = H.*F;
5. Obtain the real part of the inverse
FFT of G:
g = real (ifft2(G));
6. Crop the top, left rectangle to the
original size:
g = g (1:size(f, 1), 1:size(f, 2));

Obtain Frequency Domain Filters from Spatial Filters
1. Spatial domain filtering is more efficient computationally than that of
frequency domain.
2. The frequency response of FIR filters is computed by using the function
freqz2, having syntax:
H = freqz2(h, R, C)
3. The resultant is the desired filter in frequency domain.

Generating Filters Directly in the Frequency Domain
1. Creating Meshgrid arrays for use in implementing filters in the frequency
domain
a. The distance computations are with respect to the top, left of the
frequency rectangle because FFT computations assume that the
origin of the transform is at that point.
b. The function fftshift can be used to rearrange the data for
visualization.
c. Function dftuv provides the necessary meshgrid array.
2. Low pass frequency domain filters
a. An ideal low pass filter has a transfer function as:
H(u,v) = {
b. A Butterworth low pass filter of order n, with a cut off frequency at a
distance D0 from the origin, has transfer function as:
H(u,v) =
1 if D(u,v) <= D0
0 if D(u,v) > D0
1
1 + [D(u,v)/D0]
2n
d. The transfer function of Gaussian low pass filter is:
H(u,v) = e
3. Wireframe and surface plotting
a. Mesh function is used to draw the wireframe of a 2-D function,
having syntax:
mesh (H)
b. Wireframe plot for every kth point is drawn by using the syntax:
mesh (H(1:k:end, 1:k:end))
-D (u,v)/2(sigma) 2 2
c. Sometimes it is desirable to plot a function as a surface instead
of a wireframe which can be done by using surf function, having
syntax:
surf (H)
d. The faceted shading can be smoothed and mesh lines are
eliminated by interpolation by using the command:
shading interp

Sharpening Frequency Domain Filters
1. Basic high pass filtering:
Given the transfer function Hlp (u,v) of a low pass filter, the transfer
function of corresponding high pass filter can be obtained by using the
simple relation
Hhp (u,v) = 1 – Hlp (u,v)
2. High frequency emphasis filtering:
High pass filters reduce the average value of an image to 0 because they
zero out the dc term. To compensate this an offset is added to a high
pass filter. When an offset is combined with multiplying the filter by a
constant greater than 1, the approach is called high frequency emphasis
Filtering, having transfer function as:
Hhfe (u,v) = a + b Hhp (u,v)

Color Image Processing

RGB Images
1. An RGB color image is an M N 3 array of color pixels.
2. Each color pixel is a triplet corresponding to red, green and blue
components of an RGB image at a specific spatial location.
3. An RGB image can be viewed as a stack of a three gray-scale images
that produce a color image on the screen when fed into red, green and
blue inputs of a color monitor.
4. The three images forming an RGB color image are referred to as the red,
green and blue component images.
5. The data class of the component images determines their range of
values.
6. The number of bits used to
represent the pixel values of
the component images
determines the bit depth of an
RGB image.
7. The number of possible colors
in RGB image is (2^b)^3.


8. The cat operator is used to stack the three component images, having
syntax:
rgb_image = cat (3, fR, fG, fB)
9. The three component images can be extracted by using the syntax:
fR = rgb_image (: , : , 1)
fG = rgb_image (: , : , 2)
fB = rgb_image (: , : , 3)
10. The RGB color space is shown graphically as an RGB color cube.
11. The vertices of the cube are the primary and secondary colors of light.
12. Moreover, function rgbcube is used to view the color cube from any perspective as:
rgbcube(vx, vy, vz)

Indexed Images
1. An indexed image has two components: a data matrix of integers, X, and
a colormap matrix, map.
2. An indexed image uses direct mapping of pixel intensity values to
colormap values.
3. An indexed image can be displayed as:
imshow (X, map)
or, image (X)
colormap (map)
4. The function imapprox is used to approximate an indexed image by
fewer colors, having syntax:
[Y, newmap] = imapprox (X, map, n)
5. When number of rows in map is less than the number of distinct integer
values in X, same color is used to display multiple values of X.
6. Color map can be specified by using the statement:
map (k, 🙂 = [r(k) g(k) b(k)]
7. The function whitebg is used to change the background color of the
figure, having syntax:
whitebg (‘color_long_name’)
or, whitebg (‘color_short_name’)
or, whitebg ([RGB_values])

Predefined Colormaps

Conversion between RGB, Indexed, and Gray-scale Intensity Images

NTSC Color Space
1. In this, image data consists of three components: luminance (Y), hue (I),
and saturation (Q).
2. The YIQ components are obtained from the RGB components by using
function rgb2ntsc, having syntax:
yiq_image = rgb2ntsc (rgb_image)
3. Similarly, the function ntsc2rgb is used to transform YIQ components to
RGB components, having syntax:
rgb_image = ntsc2rgb (yiq_image)

YCbCr Color Space
1. In this, image data consists of three components: luminance (Y),
difference between blue component and reference value (Cb), and
difference between red component and reference value (Cr).
2. The conversion from RGB to YCbCr is done by using function rgb2ycbcr,
having syntax:
ycbcr_image = rgb2ycbcr (rgb_image)
3. Similarly, the function ycbcr2rgb is used to transform YCbCr image to
RGB, having syntax:
rgb_image = ycbcr2rgb (ycbcr_image)

HSV Color Space
1. HSV is hue, saturation, value that refers to tint shade and tone.
2. It is formulated by looking at the gray axis of the RGB color cube which results in the hexagonally
spaced color palette.
3. Along the vertical (gray) axis, there is a change in the size of the hexagonal plane that yields
the volume depicted in figure.


4. Function rgb2hsv is used to convert image from RGB to HSV, having
syntax:
hsv_image = rgb2hsv (rgb_image)

5. Similarly, the function hsv2rgb is used to transform HSV image back to
RGB, having syntax:
rgb_image = hsv2rgb (hsv_image)

CMY and CMYK Color Spaces
1. The secondary colors of light are Cyan, Magenta,and Yellow.
2. These colors are also considered as the primary colors of pigments.
3. Cyan pigment can be obtained by subtracting red light from reflected
white light.
4. Similarly, pure magenta doesn’t reflect green and pure yellow doesn’t
reflect blue.
5. Black pigment can be obtained from the equal amounts of cyan,
magenta, and yellow.
6. Fourth color black can be added to produce true black, giving rise to
CMYK color space.
7. To convert from RGB to CMY and vice-versa, imcomplement function is
used, having syntax:
cmy_image = imcomplement (rgb_image)
and, rgb_image = imcomplement (cmy_image)

HSI Color Space
1. HSI (hue, saturation, intensity) color space decouples the
intensity component from the color-carrying information in a
color image.
2. Figure shows the HSI model based on color triangles and circles.

 

Color Transformations
1. Linear interpolation can be implemented by using interp1q function,
having syntax:
z = interp1q (x, y, xi)
2. The function spline can be used to implement cubic spline interpolation,
having syntax:
z = spline (x, y, xi)

Color Image Smoothing
1. RGB color image smoothing with linear spatial filtering consists of the
following steps:
a. Extract three component images:
fR = fc ( : , : , 1); fG = fc ( : , : , 2); fB = fc ( : , : , 3);
b. Filter each component individually:
fR_filtered = imfilter (fR, w)
c. Reconstruct the filtered RGB image:
fc_filtered = cat (3, fR_filtered, fG_filtered, fB_filtered)

Color Image Sharpening
1. Laplacian filter mask can be used to sharpen the blurred image, fb,
having syntax:
lapmask = [1 1 1; 1 -8 1; 1 1 1];
2. Enhanced image can be computed and displayed using command:
fen = imsubtract (fb, imfilter(fb, lapmask, ‘replicate’)
imshow (fen)