2 GbytesAnd these are the ones you can see. Others are just programs that install on your PC and continuously send back info.
Qualitative – rate the likelihood and impact of each threat you’ve identified.Look at Hugo:Likelihood – RareImpact – Material, maybe Catastrophic
Banking example from malwareBrowser overlay with keyloggerInformation captured and transmitted to criminals, but not bankAccount emptied within 3 minutes of user login while user being delayed by bogus error messagesUser then given false display showing old balance, and transaction list omitting those that emptied accountUser never actually connects with bank
Now you have one of these grids for each of the threats you identified and can make better decisions on which ones to mitigate.
If you decide to mitigate, there are two basic typesBehavioral (policy, process, education) – very effective for many threatsTechnological (anti-virus, firewall, intrusion detection, SPAM filters, …) – fairly effective in fighting yesterday’s threats; generally reacting to known threats; some new threat recognitionProbably need to do both. Avoid over reliance on technology.