Sri Lanka Institute of Information Technology
Master of Science (Information Management) Degree Program
Information Security Risk Management and Audit
Assignment 1
W.M.J.H. Fernando
MS18901290
Scenario 01
Allegro - Worksheet 10: INFORMATION ASSET RISK WORKSHEET

Information Asset: Manufacturing Execution System (MES)
Threat - Area of Concern: A DDoS attack targets the manufacturing operation. The gateway crashes, exposing the workstations to other forms of malicious attack.

(1) Actor - Who would exploit the area of concern or threat?
An employee with access to that network, or an external hacker.
(2) Means - How would the actor do it? What would they do?
Using that network and a botnet to launch a distributed denial-of-service attack.
(3) Motive - What is the actor’s reason for doing it?
Illegal access, in order to change or crash the system.
(4) Outcome - What would be the resulting effect on the information asset?
❑ Disclosure  ❑ Modification  ☑ Destruction  ☑ Interruption
(5) Security Requirements - How would the information asset’s security requirements be breached?
Only approved employees may control and change the system.
(6) Probability - What is the likelihood that this threat scenario could occur?
☑ High (75%)  ❑ Medium (50%)  ❑ Low (25%)

(7) Consequences and (8) Severity
What are the consequences to the organization or the information asset owner as a result of the outcome and breach of security requirements? How severe are these consequences to the organization or asset owner by impact area?

Consequence: A DDoS attack on the Manufacturing Execution System would severely affect it and open the way to further attacks on the system.
    Reputation & Customer Confidence: Low (1), score 0.75
    Financial: Low (1), score 0.75
Consequence: A DDoS attack on the Manufacturing Execution System would cause outages lasting most of a day, or several hours at a time.
    Productivity: High (3), score 2.25
    Safety & Health: High (3), score 2.25
Consequence: Payment claims from clients can be expected.
    Fines & Legal Penalties: Low (1), score 0.75
User Defined Impact Area: - (no value, no score)
Relative Risk Score: 6.75

(9) Risk Mitigation - Based on the total score for this risk, what action will you take?
❑ Accept  ❑ Defer  ☑ Mitigate  ❑ Transfer
For the risks that you decide to mitigate, perform the following:
Container on which controls are applied: Network: Gateway
Administrative, technical and physical controls applied on this container, and residual risk still accepted by the organization:
• Install an IDS on the network.
• Monitor network traffic and suspicious IP communication passing through the network.
• Ensure there is enough bandwidth from the ISP to withstand the attack.
Scenario 02
Allegro - Worksheet 10: INFORMATION ASSET RISK WORKSHEET

Information Asset: Manufacturing Execution System (MES)
Threat - Area of Concern: Malicious software attacks the processes of a workstation, leaving functions inaccessible to the designated users.

(1) Actor - Who would exploit the area of concern or threat?
An employee with access to that network, or an external hacker.
(2) Means - How would the actor do it? What would they do?
The malicious software spreads over the intranet or is installed on one of the workstations.
(3) Motive - What is the actor’s reason for doing it?
Illegal access, in order to change or crash the system or the workstation operating system.
(4) Outcome - What would be the resulting effect on the information asset?
❑ Disclosure  ❑ Modification  ☑ Destruction  ☑ Interruption
(5) Security Requirements - How would the information asset’s security requirements be breached?
Only approved employees may control and change the system. Data must not be disclosed to outside companies.
(6) Probability - What is the likelihood that this threat scenario could occur?
☑ High (75%)  ☑ Medium (50%)  ❑ Low (25%)

(7) Consequences and (8) Severity
What are the consequences to the organization or the information asset owner as a result of the outcome and breach of security requirements? How severe are these consequences to the organization or asset owner by impact area?

Consequence: Malware can potentially have long-lasting effects until it is detected and properly removed.
    Reputation & Customer Confidence: Low (1), score 0.5
    Financial: Medium (2), score 1
Consequence: Malware aiming to severely disrupt the processes of the Manufacturing Execution System.
    Productivity: High (3), score 1.5
    Safety & Health: High (3), score 1.5
Consequence: Some fines from business and commercial customers can be expected.
    Fines & Legal Penalties: Low (1), score 0.5
User Defined Impact Area: - (no value, no score)
Relative Risk Score: 5

(9) Risk Mitigation - Based on the total score for this risk, what action will you take?
❑ Accept  ❑ Defer  ☑ Mitigate  ❑ Transfer
For the risks that you decide to mitigate, perform the following:
Container on which controls are applied: Network: Gateway
Administrative, technical and physical controls applied on this container, and residual risk still accepted by the organization:
• Install an IDS on the network.
• Monitor network traffic and suspicious IP communication passing through the network.
Scenario 03
Allegro - Worksheet 10: INFORMATION ASSET RISK WORKSHEET

Information Asset: Manufacturing Execution System (MES)
Threat - Area of Concern: Scanning of the MES workstations for open ports, or for the ports used by Siemens WinCC, in preparation for further activity.

(1) Actor - Who would exploit the area of concern or threat?
An employee with access to that network, or an external hacker.
(2) Means - How would the actor do it? What would they do?
Using the internet to carry out port scanning, an information-gathering method.
(3) Motive - What is the actor’s reason for doing it?
Illegal access, and identifying vulnerabilities.
(4) Outcome - What would be the resulting effect on the information asset?
❑ Disclosure  ❑ Modification  ☑ Destruction  ☑ Interruption
(5) Security Requirements - How would the information asset’s security requirements be breached?
Only approved employees may control and change the system.
(6) Probability - What is the likelihood that this threat scenario could occur?
☑ High (75%)  ❑ Medium (50%)  ❑ Low (25%)

(7) Consequences and (8) Severity
What are the consequences to the organization or the information asset owner as a result of the outcome and breach of security requirements? How severe are these consequences to the organization or asset owner by impact area?

Consequence: Port scanning is used to find vulnerabilities in the OS and in the services running on the OS of the MES.
    Reputation & Customer Confidence: Low (1), score 0.75
    Financial: Low (1), score 0.75
Consequence: Such activity could lead to illegal remote access and infection with malware.
    Productivity: Low (1), score 0.75
    Safety & Health: Low (1), score 0.75
Consequence: Some fines from business and commercial customers can be expected.
    Fines & Legal Penalties: Low (1), score 0.75
User Defined Impact Area: - (no value, no score)
Relative Risk Score: 3.75

(9) Risk Mitigation - Based on the total score for this risk, what action will you take?
❑ Accept  ❑ Defer  ☑ Mitigate  ❑ Transfer
For the risks that you decide to mitigate, perform the following:
Container on which controls are applied: Network: Gateway
Administrative, technical and physical controls applied on this container, and residual risk still accepted by the organization:
• Install an IDS on the network.
• Monitor network traffic and suspicious IP communication passing through the network.
  E.g.: a broad range of connection attempts to different ports from a single IP address.
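One way an IDS rule could implement the single-IP, many-ports check mentioned above, as an added example that is not part of the original assignment. The log format, the addresses, the 60-second window and the 5-port threshold are all assumptions made for the illustration.

```python
"""Flag a single source that probes many different ports within a short window.

Added example, not from the original worksheet: a minimal version of the
"broad range of connection attempts to other ports from a single IP" check
an IDS would run. Log format, addresses, window and threshold are assumed.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)

# Constructed connection log: normal traffic from an engineering host to
# TCP 102 (Siemens S7 / ISO-on-TCP) and one external address sweeping ports.
SAMPLE_LOG = """\
2024-03-01T08:00:01 src=10.0.0.5 dst=10.0.1.20 dport=102 proto=tcp
2024-03-01T08:00:02 src=10.0.0.5 dst=10.0.1.21 dport=102 proto=tcp
2024-03-01T08:00:03 src=203.0.113.9 dst=10.0.1.20 dport=21 proto=tcp
2024-03-01T08:00:04 src=203.0.113.9 dst=10.0.1.20 dport=22 proto=tcp
2024-03-01T08:00:05 src=203.0.113.9 dst=10.0.1.20 dport=23 proto=tcp
2024-03-01T08:00:06 src=203.0.113.9 dst=10.0.1.20 dport=80 proto=tcp
2024-03-01T08:00:07 src=203.0.113.9 dst=10.0.1.20 dport=102 proto=tcp
2024-03-01T08:00:08 src=203.0.113.9 dst=10.0.1.20 dport=135 proto=tcp
2024-03-01T08:00:09 src=203.0.113.9 dst=10.0.1.20 dport=445 proto=tcp
2024-03-01T08:00:10 src=203.0.113.9 dst=10.0.1.20 dport=502 proto=tcp
this line is malformed and is skipped by the parser
2024-03-01T08:00:30 src=10.0.0.5 dst=10.0.1.20 dport=102 proto=tcp
2024-03-01T08:05:00 src=203.0.113.9 dst=10.0.1.21 dport=3389 proto=tcp
"""


def parse_line(line):
    """Return a dict for a well-formed log line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "src": m["src"],
        "dst": m["dst"],
        "dport": int(m["dport"]),
    }


def detect_port_scans(log_text, window_seconds=60, port_threshold=5):
    """Sliding-window check: a source that reaches port_threshold or more
    distinct destination ports within window_seconds is reported.

    Returns {source: highest distinct-port count seen in any window}.
    """
    events = [e for e in map(parse_line, log_text.splitlines()) if e is not None]
    events.sort(key=lambda e: e["ts"])
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(list)  # src -> [(timestamp, dport)] still inside the window
    alerts = {}
    for e in events:
        bucket = recent[e["src"]]
        bucket.append((e["ts"], e["dport"]))
        # Drop entries that have aged out of the window.
        while bucket and e["ts"] - bucket[0][0] > window:
            bucket.pop(0)
        distinct_ports = len({port for _, port in bucket})
        if distinct_ports >= port_threshold:
            alerts[e["src"]] = max(alerts.get(e["src"], 0), distinct_ports)
    return alerts


if __name__ == "__main__":
    for src, count in detect_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan from {src}: {count} distinct ports within 60s")
```

The engineering host only ever talks to port 102, so it stays below the threshold; the sweep is reported once it crosses five distinct ports, and the stray connection five minutes later falls outside the window.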
Scenario 04
Allegro - Worksheet 10: INFORMATION ASSET RISK WORKSHEET

Information Asset: Manufacturing Execution System (MES)
Threat - Area of Concern: A hardware defect occurs on a workstation of the MES.

(1) Actor - Who would exploit the area of concern or threat?
An employee with access to that network, or an external hacker.
(2) Means - How would the actor do it? What would they do?
Using a virus or a remote exploit after a DDoS attack has occurred, an interested party could cause a hardware defect.
(3) Motive - What is the actor’s reason for doing it?
Gain unauthorized access and damage one of the workstations.
(4) Outcome - What would be the resulting effect on the information asset?
❑ Disclosure  ❑ Modification  ☑ Destruction  ☑ Interruption
(5) Security Requirements - How would the information asset’s security requirements be breached?
The MES workstation must be available to support 24/7/365 operations.
(6) Probability - What is the likelihood that this threat scenario could occur?
❑ High (75%)  ❑ Medium (50%)  ☑ Low (25%)

(7) Consequences and (8) Severity
What are the consequences to the organization or the information asset owner as a result of the outcome and breach of security requirements? How severe are these consequences to the organization or asset owner by impact area?

Consequence: A hardware fault can have high financial costs because of the cost of repair and the unavailability of the infrastructure.
    Reputation & Customer Confidence: High (3), score 0.75
    Financial: Medium (2), score 0.5
Consequence: A hardware fault could delay production for an indefinite amount of time, depending on the fault.
    Productivity: High (3), score 0.75
    Safety & Health: High (3), score 0.75
Consequence: Some fines from business and commercial customers can be expected.
    Fines & Legal Penalties: Low (1), score 0.25
User Defined Impact Area: - (no value, no score)
Relative Risk Score: 3

(9) Risk Mitigation - Based on the total score for this risk, what action will you take?
❑ Accept  ❑ Defer  ☑ Mitigate  ❑ Transfer
For the risks that you decide to mitigate, perform the following:
Container on which controls are applied: Technical: Workstation
Administrative, technical and physical controls applied on this container, and residual risk still accepted by the organization:
• Keep the backup system (BCP) up to date and ready to go live within one hour at most.
• Track down and remove the problem at its source, possibly a virus.
Scenario 05
Allegro - Worksheet 10: INFORMATION ASSET RISK WORKSHEET

Information Asset: Manufacturing Execution System (MES)
Threat - Area of Concern: A software fault in the Microsoft Windows OS or the Siemens WinCC software is exploited to crash or alter the software. Workstations are not patched to the newest updates.

(1) Actor - Who would exploit the area of concern or threat?
An employee with access to that network, or an external hacker.
(2) Means - How would the actor do it? What would they do?
Via a virus or remote access after a DDoS or port-scanning attack has taken place.
(3) Motive - What is the actor’s reason for doing it?
Illegal access, in order to modify or crash the Siemens Simatic software or the workstation operating system.
(4) Outcome - What would be the resulting effect on the information asset?
❑ Disclosure  ❑ Modification  ☑ Destruction  ☑ Interruption
(5) Security Requirements - How would the information asset’s security requirements be breached?
Only approved employees may control and change the system.
(6) Probability - What is the likelihood that this threat scenario could occur?
☑ High (75%)  ❑ Medium (50%)  ❑ Low (25%)

(7) Consequences and (8) Severity
What are the consequences to the organization or the information asset owner as a result of the outcome and breach of security requirements? How severe are these consequences to the organization or asset owner by impact area?

Consequence: A software crash in the Simatic software or the OS could lead to missed readings about malfunctions of the infrastructure, or cause such malfunctions. It would hinder productivity, possibly to a halt, affecting distribution. Some financial loss is expected.
    Reputation & Customer Confidence: Low (1), score 0.75
    Financial: Medium (2), score 1.5
Consequence: A software crash in the Simatic software or the OS could lead to missed readings about malfunctions of the infrastructure, or cause such malfunctions. It would hinder productivity, possibly to a halt, and put the health and safety of personnel at risk.
    Productivity: High (3), score 2.25
    Safety & Health: High (3), score 2.25
Consequence: Some fines from business and commercial customers can be expected.
    Fines & Legal Penalties: Low (1), score 0.75
User Defined Impact Area: - (no value, no score)
Relative Risk Score: 7.5

(9) Risk Mitigation - Based on the total score for this risk, what action will you take?
❑ Accept  ❑ Defer  ☑ Mitigate  ❑ Transfer
For the risks that you decide to mitigate, perform the following:
Container / administrative, technical and physical controls applied on it (and residual risk still accepted by the organization):
• Simatic: Stay in contact with Siemens to apply patches for known vulnerabilities.
• MS Windows OS: Stay in contact with Microsoft to apply patches for known vulnerabilities.
• Developer System: Carefully test these patches against a copy of the MES before rollout.
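The scoring rule the five worksheets apply (impact value Low 1 / Medium 2 / High 3, multiplied by the probability factor High 0.75 / Medium 0.5 / Low 0.25, summed over the impact areas) carried through in code, as an added example that is not part of the original assignment. The scenario labels are assumed short names; the ratings and stated totals are transcribed from the worksheets above.

```python
"""Relative risk scoring as used in the worksheets above.

Added example, not part of the original assignment. It encodes the
worksheets' own rule: each impact area gets a value (Low 1, Medium 2,
High 3), each row score is value x probability factor (High 0.75,
Medium 0.5, Low 0.25), and the Relative Risk Score is the row sum.
"""

IMPACT_VALUE = {"Low": 1, "Medium": 2, "High": 3}
PROBABILITY_FACTOR = {"High": 0.75, "Medium": 0.5, "Low": 0.25}
IMPACT_AREAS = (
    "Reputation & Customer Confidence",
    "Financial",
    "Productivity",
    "Safety & Health",
    "Fines & Legal Penalties",
)

# (probability rating, one impact rating per area, total stated on the worksheet).
# Scenario 02's row scores use the 0.5 factor, so it is recorded here as Medium.
SCENARIOS = {
    "Scenario 01: DDoS against the gateway": ("High", ("Low", "Low", "High", "High", "Low"), 6.75),
    "Scenario 02: malware on a workstation": ("Medium", ("Low", "Medium", "High", "High", "Low"), 5.0),
    "Scenario 03: port scanning of MES workstations": ("High", ("Low", "Low", "Low", "Low", "Low"), 3.75),
    "Scenario 04: workstation hardware defect": ("Low", ("High", "Medium", "High", "High", "Low"), 3.0),
    "Scenario 05: unpatched Windows/WinCC fault": ("High", ("Low", "Medium", "High", "High", "Low"), 7.5),
}


def row_score(impact_rating, probability_rating):
    """Score for one impact area: impact value times probability factor."""
    return IMPACT_VALUE[impact_rating] * PROBABILITY_FACTOR[probability_rating]


def relative_risk_score(probability_rating, impact_ratings):
    """Sum of the row scores across the five impact areas."""
    if len(impact_ratings) != len(IMPACT_AREAS):
        raise ValueError("one rating per impact area is required")
    return sum(row_score(r, probability_rating) for r in impact_ratings)


def score_table(probability_rating, impact_ratings):
    """Per-area breakdown, in the layout the worksheet prints."""
    return {area: row_score(r, probability_rating) for area, r in zip(IMPACT_AREAS, impact_ratings)}


def check_worksheets(scenarios=SCENARIOS):
    """Recompute every worksheet total; return {name: (computed, stated)} for any mismatch."""
    mismatches = {}
    for name, (prob, impacts, stated) in scenarios.items():
        computed = relative_risk_score(prob, impacts)
        if computed != stated:
            mismatches[name] = (computed, stated)
    return mismatches


def rank_scenarios(scenarios=SCENARIOS):
    """Scenarios ordered from highest to lowest relative risk score (mitigation priority)."""
    scored = [(name, relative_risk_score(p, i)) for name, (p, i, _) in scenarios.items()]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


if __name__ == "__main__":
    for name, score in rank_scenarios():
        print(f"{score:5.2f}  {name}")
    print("mismatches against stated totals:", check_worksheets() or "none")
```

Ranking the recomputed totals puts the unpatched Windows/WinCC fault (7.5) first and the hardware defect (3.0) last, matching the worksheets' stated scores.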

 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 

Recently uploaded (20)

Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room service
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptx
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 

Assignment 1

1. Sri Lanka Institute of Information Technology
Master of Science (Information Management) Degree Program
Information Security Risk Management and Audit
Assignment 1
W.M.J.H. Fernando
MS18901290

2. Scenario 01
Allegro - Worksheet 10 INFORMATION ASSET RISK WORKSHEET
Information Asset: Manufacturing Execution System (MES)
Area of Concern: A DDoS attack occurs targeting the manufacturing operation. The gateway crashes, exposing the workstations to other forms of malicious attack.
(1) Actor (Who would exploit the area of concern or threat?): The employee with access to that network, or a hacker.
(2) Means (How would the actor do it? What would they do?): Using that network and a botnet to carry out a distributed DoS attack.
(3) Motive (What is the actor's reason for doing it?): Illegal access, and to change or crash the system.
(4) Outcome (What would be the resulting effect on the information asset?): Destruction, Interruption (Disclosure and Modification not selected).
(5) Security Requirements (How would the information asset's security requirements be breached?): Only the approved employees can control and change the system.
(6) Probability (What is the likelihood that this threat scenario could occur?): High 75% (Medium 50% and Low 25% not selected).
(7) Consequences (What are the consequences to the organization or the information asset owner as a result of the outcome and breach of security requirements?) and (8) Severity (How severe are these consequences to the organization or asset owner by impact area?):
Consequence: A DDoS attack on the Manufacturing Execution System will affect it heavily and lead to more attacks on the system.
  Reputation & Customer Confidence: Low (1), score 0.75
  Financial: Low (1), score 0.75
Consequence: A DDoS attack on the Manufacturing Execution System will cause an outage lasting hours or most of the day.
  Productivity: High (3), score 2.25
  Safety & Health: High (3), score 2.25
Consequence: Payments can be expected from clients.
  Fines & Legal Penalties: Low (1), score 0.75
  User Defined Impact Area: - -
Relative Risk Score: 6.75

3. (9) Risk Mitigation
Based on the total score for this risk, what action will you take? Mitigate (Accept, Defer and Transfer not selected).
For the risks that you decide to mitigate: On what container would you apply controls? What administrative, technical, and physical controls would you apply on this container? What residual risk would still be accepted by the organization?
Container: Network: Gateway
• Install an IDS on the network.
• Evaluate network traffic and suspicious IP communication through the network.
• There is practically enough bandwidth from the ISP to endure the attack.

4. Scenario 02
Allegro - Worksheet 10 INFORMATION ASSET RISK WORKSHEET
Information Asset: Manufacturing Execution System (MES)
Area of Concern: Malicious software attacks a process on a workstation. Some functions become inaccessible to the designated users.
(1) Actor: The employee with access to that network, or a hacker.
(2) Means: The malicious software connects through the intranet, or it is installed on one of the workstations.
(3) Motive: Illegal access, and to change or crash the system or the workstation operating system.
(4) Outcome: Destruction, Interruption (Disclosure and Modification not selected).
(5) Security Requirements: Only the approved employees can control and change the system. Data must not be disclosed to outside companies.
(6) Probability: High 75%, Medium 50% (both marked; Low 25% not selected).
(7) Consequences and (8) Severity:
Consequence: Malware can potentially have long-lasting effects until it is recognized and properly removed.
  Reputation & Customer Confidence: Low (1), score 0.5
  Financial: Medium (2), score 1
Consequence: Malware aiming to severely disrupt the process of the Manufacturing Execution System.
  Productivity: High (3), score 1.5
  Safety & Health: High (3), score 1.5
Consequence: Some fines can be expected from business and commercial customers.
  Fines & Legal Penalties: Low (1), score 0.5
  User Defined Impact Area: - -
Relative Risk Score: 5

5. (9) Risk Mitigation
Based on the total score for this risk, what action will you take? Mitigate (Accept, Defer and Transfer not selected).
Container: Network: Gateway
• Install an IDS on the network.
• Evaluate network traffic and suspicious IP communication through the network.

6. Scenario 03
Allegro - Worksheet 10 INFORMATION ASSET RISK WORKSHEET
Information Asset: Manufacturing Execution System (MES)
Area of Concern: Scanning of the MES workstations for open ports, or for the ports used by SIEMENS WinCC, in preparation for further activity.
(1) Actor: The employee with access to that network, or a hacker.
(2) Means: Using the internet to do port scanning, an information-gathering method.
(3) Motive: Illegal access, and identifying vulnerabilities.
(4) Outcome: Destruction, Interruption (Disclosure and Modification not selected).
(5) Security Requirements: Only the approved employees can control and change the system.
(6) Probability: High 75% (Medium 50% and Low 25% not selected).
(7) Consequences and (8) Severity:
Consequence: Port scanning is used to detect vulnerabilities in the OS and in the services running on the OS of the MES.
  Reputation & Customer Confidence: Low (1), score 0.75
  Financial: Low (1), score 0.75
Consequence: Such activity could lead to illegal remote access to infect the system with malware.
  Productivity: Low (1), score 0.75
  Safety & Health: Low (1), score 0.75
Consequence: Some fines can be expected from business and commercial customers.
  Fines & Legal Penalties: Low (1), score 0.75
  User Defined Impact Area: - -
Relative Risk Score: 3.75

7. (9) Risk Mitigation
Based on the total score for this risk, what action will you take? Mitigate (Accept, Defer and Transfer not selected).
Container: Network: Gateway
• Install an IDS on the network.
• Evaluate network traffic and suspicious IP communication through the network. E.g.: a broad range of connection attempts to different ports from a single IP.

8. Scenario 04
Allegro - Worksheet 10 INFORMATION ASSET RISK WORKSHEET
Information Asset: Manufacturing Execution System (MES)
Area of Concern: A hardware defect on the workstation of the MES occurs.
(1) Actor: The employee with access to that network, or a hacker.
(2) Means: Using a virus or remote exploit, after a DDoS attack has occurred, an interested party could cause a hardware defect.
(3) Motive: Gain unauthorized access and damage one of the workstations.
(4) Outcome: Destruction, Interruption (Disclosure and Modification not selected).
(5) Security Requirements: The workstation of the MES must be available to support 24/7/365 operation.
(6) Probability: Low 25% (High 75% and Medium 50% not selected).
(7) Consequences and (8) Severity:
Consequence: A hardware fault can have high financial costs due to the cost of repair and the inaccessibility of the infrastructure.
  Reputation & Customer Confidence: High (3), score 0.75
  Financial: Medium (2), score 0.5
Consequence: A hardware fault could delay production for an indefinite amount of time, depending on the fault.
  Productivity: High (3), score 0.75
  Safety & Health: High (3), score 0.75
Consequence: Some fines can be expected from business and commercial customers.
  Fines & Legal Penalties: Low (1), score 0.25
  User Defined Impact Area: - -
Relative Risk Score: 3

9. (9) Risk Mitigation
Based on the total score for this risk, what action will you take? Mitigate (Accept, Defer and Transfer not selected).
Container: Technical: Workstation
• Keep the backup system (BCP) up to date and arranged to go live within at most one hour.
• Work to remove the problem at its source, which may be a virus.

10. Scenario 05
Allegro - Worksheet 10 INFORMATION ASSET RISK WORKSHEET
Information Asset: Manufacturing Execution System (MES)
Area of Concern: A software fault in the Microsoft Windows OS or the Siemens WinCC software is exploited to crash or change the software. Workstations are not updated with the newest patches.
(1) Actor: The employee with access to that network, or a hacker.
(2) Means: Via a virus or remote access, after a DDoS or port-scanning attack has happened.
(3) Motive: Illegal access, to modify or crash the Siemens Simatic software or the operating system of the workstation.
(4) Outcome: Destruction, Interruption (Disclosure and Modification not selected).
(5) Security Requirements: Only the approved employees can control and change the system.
(6) Probability: High 75% (Medium 50% and Low 25% not selected).
(7) Consequences and (8) Severity:
Consequence: A software crash in the Simatic software or the OS could lead to missed readings about malfunctions of the infrastructure, or cause such malfunctions. It would hinder productivity, possibly to a halt, affecting distribution. Some financial loss is expected.
  Reputation & Customer Confidence: Low (1), score 0.75
  Financial: Medium (2), score 1.5
Consequence: A software crash in the Simatic software or the OS could lead to missed readings about malfunctions of the infrastructure, or cause such malfunctions. It would hinder productivity, possibly to a halt, and put the health and safety of the personnel at risk.
  Productivity: High (3), score 2.25
  Safety & Health: High (3), score 2.25
Consequence: Some fines can be expected from business and commercial customers.
  Fines & Legal Penalties: Low (1), score 0.75
  User Defined Impact Area: - -
Relative Risk Score: 7.5

11. (9) Risk Mitigation
Based on the total score for this risk, what action will you take? Mitigate (Accept, Defer and Transfer not selected).
Container: Simatic. Be in contact with Siemens to apply patches for known vulnerabilities.
Container: MS Windows OS. Be in contact with Microsoft to apply patches for known vulnerabilities.
Container: Developer System. Carefully test these patches against the copy of the MES.
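The five worksheets all use the same scoring pattern, so here is a small checker, added as an example and not part of the assignment, that recomputes each area score from the impact value and the probability weight, flags a sheet whose reported scores disagree with the recomputation, and ranks the scenarios for mitigation. The formula (area score = impact value times probability weight, total = sum of the five areas) is inferred from the worksheets' numbers; the page does not state it.

```python
"""Added example (not part of the assignment): recompute and cross-check the
Allegro worksheet scores from this page.
Assumption inferred from the worksheets, not stated on the page: area score =
impact value (Low=1, Medium=2, High=3) x probability weight (High=0.75,
Medium=0.50, Low=0.25); relative risk score = sum of the five area scores."""
from dataclasses import dataclass

IMPACT_VALUE = {"Low": 1, "Medium": 2, "High": 3}
PROBABILITY_WEIGHT = {"High": 0.75, "Medium": 0.50, "Low": 0.25}
IMPACT_AREAS = ("Reputation & Customer Confidence", "Financial",
                "Productivity", "Safety & Health", "Fines & Legal Penalties")


@dataclass
class Worksheet:
    name: str
    probability: str         # probability box ticked on the worksheet
    impacts: tuple           # impact label per area, in IMPACT_AREAS order
    reported_scores: tuple   # score column as written on the worksheet
    reported_total: float    # "Relative Risk Score" as written


def area_score(impact, probability):
    return IMPACT_VALUE[impact] * PROBABILITY_WEIGHT[probability]


def relative_risk_score(ws):
    return round(sum(area_score(i, ws.probability) for i in ws.impacts), 2)


def infer_probability(ws):
    """Probability label whose weight reproduces every reported area score,
    or None; resolves a sheet with two boxes ticked, like Scenario 02."""
    for label, weight in PROBABILITY_WEIGHT.items():
        if all(abs(IMPACT_VALUE[i] * weight - s) < 1e-9
               for i, s in zip(ws.impacts, ws.reported_scores)):
            return label
    return None


def check_worksheet(ws):
    """Discrepancies between the recomputed figures and the reported ones."""
    problems = []
    for area, impact, reported in zip(IMPACT_AREAS, ws.impacts, ws.reported_scores):
        expected = area_score(impact, ws.probability)
        if abs(expected - reported) > 1e-9:
            problems.append(f"{ws.name}: {area} reported {reported}, expected {expected}")
    if abs(relative_risk_score(ws) - ws.reported_total) > 1e-9:
        problems.append(f"{ws.name}: total reported {ws.reported_total}")
    return problems


def rank_for_mitigation(worksheets):
    """Scenario names ordered by relative risk score, highest first."""
    return [w.name for w in sorted(worksheets, key=relative_risk_score, reverse=True)]


# The five worksheets as transcribed from the page (impact order = IMPACT_AREAS).
# Scenario 02 has both High and Medium ticked; its scores match the Medium weight.
WORKSHEETS = [
    Worksheet("Scenario 01 DDoS", "High", ("Low", "Low", "High", "High", "Low"),
              (0.75, 0.75, 2.25, 2.25, 0.75), 6.75),
    Worksheet("Scenario 02 malware", "Medium", ("Low", "Medium", "High", "High", "Low"),
              (0.5, 1.0, 1.5, 1.5, 0.5), 5.0),
    Worksheet("Scenario 03 port scan", "High", ("Low",) * 5, (0.75,) * 5, 3.75),
    Worksheet("Scenario 04 hardware defect", "Low", ("High", "Medium", "High", "High", "Low"),
              (0.75, 0.5, 0.75, 0.75, 0.25), 3.0),
    Worksheet("Scenario 05 unpatched software", "High", ("Low", "Medium", "High", "High", "Low"),
              (0.75, 1.5, 2.25, 2.25, 0.75), 7.5),
]
```

Running `check_worksheet` over `WORKSHEETS` returns no discrepancies, and `rank_for_mitigation` puts Scenario 05 first and Scenario 04 last, matching the totals on the sheets.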