Steps for Risk Management Part 2

Content
● Steps for Risk Management
○ Risk Ownership
○ Risk Monitoring
○ Risk Control
● Steps to lower the cyber risk

4. Risk Ownership
A risk owner is any individual, generally a project team member.
Risk owners assess the risks and report the status of the risk to the project
manager on a regular basis.
Depending on the project, risks are reviewed in separate risk register
meetings or discussed as part of the weekly progress/status meeting.
When a risk or opportunity actually occurs, the Project Manager will either
initiate contingency action, or deal with the issue under Change Control.
Copyright © TELCOMA. All Rights Reserved
5. Risk Mitigation
Risk Mitigation is a systematic reduction in the extent of exposure to a risk
and/or the probability of its occurrence.
In this process, the organization introduces specific measures to minimize or
eliminate unacceptable risks associated with its operations.
Risk mitigation measures can be directed towards:
● reducing the severity of risk consequences,
● reducing the probability of the risk materializing, or
● reducing the organization's exposure to the risk.

5. Risk Mitigation
Types of Risk Mitigation Strategies:
● Risk Acceptance
● Risk Avoidance
● Risk Limitation
● Risk Transference

6. Risk Monitoring
Risk monitoring is the process that tracks and evaluates the levels of risk in an
organisation or system.
The purpose of risk monitoring is to keep track of the risks that occur and the
effectiveness of the responses which are implemented.
Risk monitoring is an essential process because risk is not static.

Steps for Risk Management Part 1

Content
● Steps for Risk Management
○ Risk Identification
○ Risk Analysis
○ Risk Prioritization

Steps for Risk Management
The following are the steps for risk management:
1. Risk Identification
2. Analysing Risk
3. Risk Prioritization
4. Risk Ownership
5. Risk Mitigation
6. Risk Monitoring
1. Risk Identification
Risk identification is the first step in the proactive risk management process.
It is a deliberate and systematic effort to identify and document the
organisation's key risks.
It provides the opportunities, indicators, and information that allow an
organization to raise major risks before they adversely affect operations in the
organization.

1. Risk Identification
Key steps necessary to effectively identify risks:
● Understand what to consider when identifying risks
● Gather information from different sources to identify risks
● Apply risk identification tools and techniques
● Document the risks
● Document the risk identification process
● Assess the effectiveness of the risk identification process.

2. Analyzing Risk
Risk Analysis is a process that helps to identify and manage potential problems
that could cause harm to business initiatives or projects.
Risk analysis is carried out in two steps:
● first, identify the possible threats that the organization faces
● then estimate the harmful effect that these threats will cause.
Risk analysis is a complex process, but it is also an essential planning tool.

2. Analyzing Risk
Risk analysis is useful in many situations:
● While planning projects
● While deciding whether or not to move forward with a project.
● While improving safety and managing potential risks in the workplace.
● While preparing for events such as equipment or technology failure, theft,
staff sickness, or natural disasters.
● While planning for changes in the business environment.

3. Risk Prioritization
Risk Prioritization is the method of ranking material risks on an appropriate
scale, such as frequency and/or severity.
The objective of Risk Prioritization is to prioritize the identified risks for
mitigation.
Risks can be prioritized with both qualitative and quantitative methods.
It can be used to categorize the risks as to their relative severity and potential
impact on the project.

3. Risk Prioritization
The risk prioritization method should consider the following factors:
1. the probability of the risk occurring,
2. the consequence of the risk,
3. the cost and resources required to mitigate the risk.

Cyber Attacks

Content
● Cyber Attacks
● Types of Malicious code

Types of Attack
● Advanced Persistent Threats (APT)
● Backdoor
● Buffer Overflow
● Man-in-the-middle Attack
● Social engineering
● Phishing
● Spoofing
● Cross-Site Scripting
● Denial of Service Attack
● SQL injection
● Zero-day exploit

Types of Malicious Code
● Viruses
● Network worm
● Trojan Horse
● Botnet
● Keylogger
● Rootkit
● Spyware
● Adware
● Ransomware

Vulnerability

Content:
● Vulnerabilities
● Classification of Vulnerability
● Impact

Vulnerability
Vulnerability is a cyber-security term that refers to a flaw in a system that can
leave it open to attack.
A vulnerability is the composition of three elements:
● A flaw in the system
● Attacker access to that flaw
● Attacker capability to exploit the flaw
Classification of Vulnerabilities according to the asset:
● Hardware
● Software
● Network
● Personnel
● Physical site
● Organizational

Vulnerability
Some vulnerabilities in the system occur due to:
● Missing patches
● Cleartext credentials
● Using unencrypted channels
● RF Emanation

Impact
A successful cyber attack can cause major damage to an organization or system,
as well as to business reputation and consumer trust.
● Financial loss
● Reputational damage
● Legal consequences

Cyber Risk

Content
● What is Risk?
● Types of Risks
● Risk Management Process
● Types of Risk Management Process

Cyber Risk
Cyber risk means any risk of financial loss, disruption or damage to the
reputation of an organisation from some sort of failure of its information
technology systems.
The risk is connected to online activities, internet trading and electronic
systems, as well as the storage of personal data.

Types of Risks
● Hacker Attacks
● Data Breach
● Virus transmission
● Cyber Extortion
● Employee Sabotage
● Network downtime
● Human error

Risk Management Process
Risk management is defined as the process of identifying, monitoring and
managing potential risks.
An effective risk management process does two important things:
● Helps to identify which risks pose the biggest threat to an organization.
● Provides complete guidelines for handling them.

Type of Risk Management
Reactive risk management
The project team reacts to risks when they occur.
Mitigation – plan to reduce loss of life and property by lessening the impact
Fix on failure – resources are found and applied when the risk strikes
Proactive Risk Management
Formal risk analysis is performed.
The organization corrects the root causes of risk.
● Properly analysing the risk

Type of Risk Management

Reactive risk management
Crisis management – the identification of threats to an organization and its stakeholders, and the methods used to deal with these threats.

Proactive Risk Management
● Examining risk sources
● Developing the skills to manage change.

 

Cyber Threats

Content
● Cyber Threats
● Source of Cyber Threats
● Cyber Threats types
● Cyber Security Index Level

Cyber Threats
A cyber threat is any malicious act that attempts to gain access to a computer
network without authorization or permission from the owners.
It refers to the wide range of malicious activities that can damage or disrupt a
computer system, a network or the information it contains.
Most common cyber threats: Socially Engineered Trojans, Unpatched Software,
Phishing, Network worms, etc.

Source of Cyber Threats
● Nation states or national governments
● Terrorists
● Industrial secret agent
● Hackers
● Business competitors
● Organization insiders

Types of Cyber Threats
Threats can be classified according to multiple criteria:
1. Attacker’s Resources
2. Attacker’s Organization
3. Attacker’s Funding
On the basis of these criteria, threats are of 3 types:
1. Unstructured Threats
2. Structured Threats
3. Highly Structured threats

Types of Cyber Threats
1. Unstructured Threats:
Resources: individual or small group
Organization: little or no organization
Funding: negligible
Attack: easy to detect; makes use of freely available cyberattack tools
Exploitation based on documented vulnerabilities.
2. Structured Threats:
Resources: well trained individual or group
Organization: well planned organization
Funding: available
Attack: against particular individuals or organizations
Exploitation based on information gathering.
3. Highly Structured Threats:
Extensive organization, resources and planning over time.
Attack: long term attack on a particular machine or data.
Exploitation with multiple methods: technical, social and insider help.

Cyber Security Index Level
Cyber threats are evaluated daily by the CTU (Counter Threat Unit), which
updates the index level:
1. Guarded – Level 1
2. Elevated – Level 2
3. High – Level 3
4. Critical – Level 4

Cyber Security

Content
● What is Cybersecurity?
● Principles
● Difference between Information security and cybersecurity
● Similarities
● Assets

Cyber Security
Cybersecurity is the body of technologies, processes and practices
designed to protect the integrity of networks, computers, programs and
data from attack, damage or unauthorized access.
Kill chains, zero-day attacks, ransomware, alert fatigue and budgetary
constraints are just a few examples of cyber attacks.

Cyber Security Principle
The five principles of Cyber Security:
1. Confidentiality
2. Integrity
3. Availability
4. Accountability
5. Auditability

Cyber Security Principle
● Confidentiality: a set of rules that limits access to, or places restrictions
on, certain types of information.
● Integrity: the assurance that the information is trustworthy and accurate.
● Availability: a guarantee of reliable access to the information by
authorized people.
● Accountability: an assurance that an individual or an organization will
be evaluated on their performance or behavior related to something for
which they are responsible.

Cyber Security Principle
● Auditability: a security audit is a systematic evaluation of the security of a
company’s information system by measuring how well it conforms to a set
of established criteria.

Difference
Information security
Information Security means Data Security.
Its main concern is the confidentiality, integrity, and availability of user data.
Cybersecurity
Cybersecurity is all about protecting data that is found in electronic form.
It identifies what the critical data is, where it resides, and the
technology that the user has to use in order to protect it.

Similarity
Information security and Cybersecurity:
● Both have a physical security component:
Physical access to any place where data is stored, whether digitally or
physically, must be fully controlled in order to avoid unauthorized access.
● Both protect the valuable ‘data’:
In both, the main concern is safeguarding the data of the
company from illegal digital and physical access of any kind.

Cyber Security Assets
Assets include
● Hardware (e.g. servers and switches)
● Software (e.g. mission critical applications and support systems)
● Confidential information
An asset can be data, a device or another component of the environment that
supports information-related activities.
Assets should be protected from unauthorized access.

 

Introduction

Content
● Evolution of internet
● What is Cyberspace?
● Increase in Internet insecurities.
● What is Cybercrime?

Evolution of Internet
● Russian Sputnik 1 (1957)
● Invention of internet by ARPA (1958)
● ARPANET (1970)
● Internetworking (1977)
● World wide web (1990)

Cyberspace
Cyberspace is the environment of the internet.
It is the home of Google, Facebook, Yahoo and many more.
The term was coined by William Gibson.
Cyberspace is an ideal electronic space unbounded by distance and other
physical limitations.
It allows the users to share information, interact, swap ideas, play games,
engage in discussions or social forums, conduct business, create media and
many other activities.

Internet Insecurities
Internet insecurity spreads at Internet speed:
● Morris worm of 1988
● Password sniffing attacks in 1994
● IP spoofing attacks in 1995
● Denial of service attacks in 1996
● Email-borne viruses in 1999

Internet insecurity spreads at Internet speed
● Distributed denial of service attacks in 2000
● Ransomware attack in mid 2000
● Fast spreading worms and viruses in 2003
● Spam in 2004

Cybercrime
Cybercrime is any illegal activity that involves a computer or
network-connected device, such as a mobile phone.
Cybercrime is divided into three categories by the Department of Justice:
● Crimes in which the computing device is the target.
● Crimes in which the computer is used as a weapon.
● Crimes in which the computer is used as an accessory to a crime.
It includes malicious activities such as:
● Illegal interception of data
● System interferences
● Copyright infringements
● Sale of illegal items like weapons, drugs

Frequency Domain Processing

Computing and Visualizing 2D DFT
1. The fast Fourier transform (FFT) algorithm is used to obtain the DFT and
its inverse.
2. The function fft2 is used to obtain the FFT of an M × N image array,
having syntax:
F = fft2(f)
3. In order to use the FFT for filtering, the input image must be padded with
zeros, having syntax:
F = fft2(f, P, Q)
4. The function abs is used to obtain the Fourier spectrum of the array,
having syntax:
S = abs(F)
5. The origin of the transform can be moved to the center of the frequency
rectangle by using the function fftshift, having syntax:
Fc = fftshift(F)
6. The function ifftshift reverses the centering, having syntax:
F = ifftshift(Fc)
7. The function ifft2 is used to obtain the inverse Fourier transform, having
syntax:
f = ifft2(F)
8. In order to compute the inverse and obtain an image consisting only of real
values, the function real is used, having syntax:
f = real(ifft2(F))

Basic Steps in DFT Filtering
1. Obtain the padding parameters using function paddedsize:
PQ = paddedsize(size(f));
2. Obtain the Fourier transform with padding:
F = fft2(f, PQ(1), PQ(2));
3. Generate a filter function, H, of size PQ(1) × PQ(2). The filter must be
in uncentered form. If it is centered instead, use the
command H = fftshift(H) before using the filter.
4. Multiply the transform by the filter:
G = H.*F;
5. Obtain the real part of the inverse FFT of G:
g = real(ifft2(G));
6. Crop the top, left rectangle to the original size:
g = g(1:size(f, 1), 1:size(f, 2));

Obtain Frequency Domain Filters from Spatial Filters
1. Spatial domain filtering is more efficient computationally than
frequency domain filtering.
2. The frequency response of FIR filters is computed by using the function
freqz2, having syntax:
H = freqz2(h, R, C)
3. The result is the desired filter in the frequency domain.

Generating Filters Directly in the Frequency Domain
1. Creating Meshgrid arrays for use in implementing filters in the frequency
domain
a. The distance computations are with respect to the top, left of the
frequency rectangle because FFT computations assume that the
origin of the transform is at that point.
b. The function fftshift can be used to rearrange the data for
visualization.
c. Function dftuv provides the necessary meshgrid array.
2. Low pass frequency domain filters
a. An ideal low pass filter has a transfer function as:
H(u,v) = 1 if D(u,v) <= D0
H(u,v) = 0 if D(u,v) > D0
b. A Butterworth low pass filter of order n, with a cut off frequency at a
distance D0 from the origin, has transfer function as:
H(u,v) = 1 / (1 + [D(u,v)/D0]^(2n))
d. The transfer function of Gaussian low pass filter is:
H(u,v) = e^(-D^2(u,v) / (2 sigma^2))
3. Wireframe and surface plotting
a. Mesh function is used to draw the wireframe of a 2-D function,
having syntax:
mesh(H)
b. Wireframe plot for every kth point is drawn by using the syntax:
mesh(H(1:k:end, 1:k:end))
c. Sometimes it is desirable to plot a function as a surface instead
of a wireframe, which can be done by using the surf function, having
syntax:
surf(H)
d. The faceted shading can be smoothed and the mesh lines
eliminated by interpolation, using the command:
shading interp

Sharpening Frequency Domain Filters
1. Basic high pass filtering:
Given the transfer function Hlp (u,v) of a low pass filter, the transfer
function of corresponding high pass filter can be obtained by using the
simple relation
Hhp (u,v) = 1 – Hlp (u,v)
2. High frequency emphasis filtering:
High pass filters reduce the average value of an image to 0 because they
zero out the dc term. To compensate for this, an offset is added to the high
pass filter. When an offset is combined with multiplying the filter by a
constant greater than 1, the approach is called high frequency emphasis
filtering, having transfer function as:
Hhfe (u,v) = a + b Hhp (u,v)
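
The six DFT filtering steps and the Butterworth, high pass and high frequency emphasis transfer functions above, carried through as one script. This is an added example, not code from the original slides. It uses only core MATLAB functions, so the padding size and distance grid are computed inline instead of calling paddedsize and dftuv; the test image and the values of D0, n, a and b are constructed.

```matlab
% Added example, not from the original slides. Core MATLAB only.
% Constructed test image: a bright square on a dark background.
f = zeros(64, 64);
f(24:40, 24:40) = 1;

% Step 1: padding parameters. Assumption: pad to twice the image size
% (computed inline here instead of calling paddedsize).
PQ = 2 * size(f);

% Step 2: Fourier transform with zero padding.
F = fft2(f, PQ(1), PQ(2));

% Step 3: uncentered distance grid (the role dftuv plays in the slides).
% The origin is at the top left, so indices past the midpoint are
% negative frequencies.
u = 0:(PQ(1) - 1);
v = 0:(PQ(2) - 1);
iu = u > PQ(1) / 2;
iv = v > PQ(2) / 2;
u(iu) = u(iu) - PQ(1);
v(iv) = v(iv) - PQ(2);
[V, U] = meshgrid(v, u);
D = sqrt(U.^2 + V.^2);

% Butterworth low pass filter; D0 and n are constructed values.
D0 = 0.05 * PQ(1);
n = 2;
Hlp = 1 ./ (1 + (D ./ D0).^(2 * n));

% Steps 4-6: multiply, invert, keep the real part, crop to original size.
g = real(ifft2(Hlp .* F));
g = g(1:size(f, 1), 1:size(f, 2));

% High pass from low pass, then high frequency emphasis (a, b constructed).
Hhp = 1 - Hlp;
a = 0.5;
b = 2;
Hhfe = a + b * Hhp;
ghfe = real(ifft2(Hhfe .* F));
ghfe = ghfe(1:size(f, 1), 1:size(f, 2));

% Sanity checks on the dc term, which sits at index (1,1) when uncentered.
assert(isequal(size(g), size(f)));
assert(Hlp(1, 1) == 1);      % low pass keeps the average value
assert(Hhp(1, 1) == 0);      % high pass zeroes the dc term
assert(Hhfe(1, 1) == a);     % the offset a restores part of it
```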