security assignment

Uploaded by

asaddabeer50

Security

INTRODUCTION
This report sets out a thorough strategy and plan for the IT security concerns at
Wargrave College. Given the adverse effect of a ransomware attack that led to the loss of all
data, the main aim is to develop an effective risk assessment tool that incorporates the
requirements of ISO 27001 and other international standards, together with a security policy
that takes existing and emerging threats into account. The primary purpose of the changes is to
improve the college's internal security measures for the network without in any way
hampering operational activities, especially given the increasing trend towards remote
learning. The task at hand is to ensure that no incident can compromise the college's
operations in the foreseeable future.
The project will entail a comprehensive review of the existing risk management practices and
security measures to establish the factors that led to the breach. Consequently, the report
will provide a revised risk assessment procedure that incorporates the ISO standards in terms
of how risk arises, where risk sits and how risk is managed, so that all possible risks are
properly identified.
In addition, there will be enhancements to the current access policies, remotely accessed
systems, data protection and email-based systems. These enhancements are aimed not only at
averting any further breaches but also at fostering an effective and safe remote working
environment for both staff and learners.

P1. Discuss types of security risks to organisations.

1) Cyber security breaches
A security breach is any incident that results in unauthorized access to computer data,
applications, networks or devices. It results in information being accessed without
authorization. Typically, it occurs when an intruder is able to bypass security mechanisms.
(Kaspersky Lab)

Two types of security breach:

a) Ransomware

Ransomware is malware designed to deny a user or organization access to files on their
computer. By encrypting these files and demanding a ransom payment for the decryption key,
cyberattackers place organizations in a position where paying the ransom appears to be the
easiest and cheapest way to regain access to their files. (Check Point)

b) Phishing

Phishing attacks involve tricking a victim into taking some action that benefits the attacker.
These attacks range from simple to complex, and can be spotted with the right awareness.
(Cloudflare)

2) Internal security threats

Internal cyber security threats are threats posed by individuals who originate within an
organisation itself. They can be current employees, former employees, external contractors or
vendors: essentially anyone who has access to company devices or data. This form of data
breach involves an internal attacker accessing sensitive company information with malicious
intent. (Gibbons)

3) Facility vulnerabilities
A vulnerability is a weakness, a flaw or some other shortcoming in a system. It can also
exist in a procedure, a control set or simply in the manner in which something has been done
or put in place.

There are different types of vulnerabilities:

a) Technical vulnerabilities

Technical vulnerabilities are flaws such as bugs in code or an error in hardware or software.
In 2022, according to Positive Technologies, 72% of vulnerabilities were related to flaws in
web application code.

b) Human vulnerabilities

Human vulnerabilities arise when employees fall for phishing, smishing or other common
attacks. The goal of 85% of these attacks is data theft.

4) Compliance breaches

Compliance is something no business can afford to have a casual attitude about. In today's
environment, corporate responsibility is more important than ever, for both customers and
investors. (IFP, 08 June 2023)

a) Payment card data

Payment card data represents a significant compliance risk that organizations must be
cognizant of in today's digital landscape. The potential risks associated with the mishandling of
this sensitive information can lead to severe legal penalties and long-term reputational damage,
ultimately posing a considerable business risk. Organizations that fail to implement robust
security measures and data management processes to protect payment card information may
find themselves facing fines, lawsuits and loss of customer trust. As cyber threats continue to
evolve, it's crucial for businesses to stay informed about regulatory requirements and industry
best practices to mitigate the risk of payment card data breaches and non-compliance, ensuring
the long-term success and stability of their operations. (IFP, 08 June 2023)

5) Cloud security risks

Cloud security encompasses the technologies, applications, controls, and policies that protect
people, data, and infrastructure from cyber-attacks and compliance risks on cloud computing
platforms. It involves a comprehensive set of security measures designed to address both
external and internal security threats to organizations, including controlling security,
compliance, and other usage risks of cloud computing and data storage.

6) Third party risks

Third-party risk is the probability of your organization encountering negative consequences
(e.g. data loss, operational interruption and loss of public trust) when it outsources some
functions or uses software made by third parties. Third parties are any external entities
that provide software, tangible products or services, including any separate legal entity.
External agents may include software companies, raw material suppliers, employment agencies,
management consultants, and outsourced service providers.
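The introduction calls for a risk assessment procedure in the ISO 27001 style (how risk arises, where it sits, how it is managed) and P1 lists the categories it should cover. The register below is an added example, not part of the original report: it scores constructed sample risks from each P1 category by likelihood and impact, ranks them, and assigns a treatment; the scoring scale, thresholds and sample entries are assumptions made for illustration.

```python
"""Added example: an ISO 27001-style risk register over the six P1 risk
categories. Entries, scores and treatment thresholds are constructed assumptions."""
from dataclasses import dataclass

# Treatment options in ISO 27001 risk-treatment terms.
ACCEPT, MITIGATE, TRANSFER = "accept", "mitigate", "transfer"

@dataclass(frozen=True)
class Risk:
    category: str      # one of the six categories discussed in P1
    description: str
    likelihood: int    # 1 (rare) .. 5 (almost certain)
    impact: int        # 1 (negligible) .. 5 (catastrophic, e.g. loss of all data)
    owner: str         # who manages the risk ("where risk sits")

    def score(self) -> int:
        """Rating = likelihood x impact, range 1..25."""
        return self.likelihood * self.impact

def treatment(risk: Risk, mitigate_at: int = 6, transfer_at: int = 15) -> str:
    """Pick a treatment from the rating (thresholds are constructed assumptions):
    high-rated third-party risks are transferred, others above threshold mitigated."""
    s = risk.score()
    if risk.category == "Third party" and s >= transfer_at:
        return TRANSFER
    if s >= mitigate_at:
        return MITIGATE
    return ACCEPT

def prioritise(register: list[Risk]) -> list[tuple[str, int, str]]:
    """Highest rating first; ties broken by impact so data-loss risks rise."""
    ranked = sorted(register, key=lambda r: (r.score(), r.impact), reverse=True)
    return [(r.description, r.score(), treatment(r)) for r in ranked]

# Constructed sample register with entries drawn from the P1 categories.
REGISTER = [
    Risk("Cyber security breach", "Ransomware encrypts file servers", 4, 5, "IT manager"),
    Risk("Cyber security breach", "Staff credentials phished by email", 5, 3, "IT manager"),
    Risk("Internal threat", "Former employee retains remote access", 3, 4, "HR and IT"),
    Risk("Facility vulnerability", "Unpatched web application code", 4, 3, "Web admin"),
    Risk("Compliance breach", "Payment card data stored unencrypted", 2, 5, "Finance"),
    Risk("Cloud security", "Shared cloud drive exposed publicly", 3, 3, "IT manager"),
    Risk("Third party", "Outsourced backup provider outage", 3, 5, "Procurement"),
]

if __name__ == "__main__":
    for description, score, action in prioritise(REGISTER):
        print(f"{score:>2}  {action:<8}  {description}")
```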
References

https://www.kaspersky.com/resource-center/threats/what-is-a-security-breach

https://www.checkpoint.com/cyber-hub/threat-prevention/ransomware/

https://www.cloudflare.com/learning/access-management/phishing-attack/

https://www.aspirets.com/blog/what-are-internal-threats-cyber-security/

https://www.splunk.com/en_us/blog/learn/vulnerability-vs-threat-vs-risk.html

https://www.insightsforprofessionals.com/management/compliance/types-of-compliance-risk-guilty-of

https://www.proofpoint.com/us/threat-reference/cloud-security
