Risk and Risk Management
Information Security
Cyber Threats
Computer Networks
Miscellaneous
100

The possibility of something bad/damage happening to an information system.

What is risk?

100

The state of keeping or being kept secret or private.

What is confidentiality?

100

This person performs malicious acts on computers and/or networks for their personal gain.

What is a hacker?

100

A wireless technology used to share data over a short distance. E.g., connecting earphones or a watch to a cellphone.

What is Bluetooth?

100

A type of social engineering where an attacker sends a fraudulent email designed to trick a human victim into revealing sensitive information to the attacker.

What is Phishing?

200

A flaw or weakness in a system’s design or operation that could be exploited to attack the system.

What is a vulnerability?

200

Daily Double: "You can't handle the truth!"

What is A Few Good Men (1992)?

200

It is a program used by hackers to crack passwords.

What is a password cracker?

200

A form of digital currency. It is not an official currency, however, which means that it operates without the involvement of banks or clearinghouses. There is no control over it.

What is bitcoin?

200

Online storage that allows us to access our files/folders anywhere with an Internet connection.

What is cloud storage?



300

An insurance company may offer this type of insurance to help protect companies from losses related to cyber incidents.

What is cyber insurance?

300

A document that contains a set of rules and standards that a company publishes to protect its assets.

What is a Policy?

300

A malicious actor seeks to steal this and sell it on the dark web.

What is personal data or Personally Identifiable Information (PII)?

300

A network security system that monitors, blocks and controls incoming and outgoing network traffic based on pre-determined security rules.

What is a firewall?

300

This process converts plaintext data into an alternative form known as ciphertext, making the message unreadable.

What is encryption?

400

Reducing the likelihood of the risk.

What is risk mitigation/control?

400

Requires users to provide two authentication factors that include a combination of something the user knows -- like a password or PIN; something the user has -- like an ID card, security token or smartphone; or something the user is -- biometrics.

What is two-factor authentication/multi-factor authentication?

400

It is stealing discarded bank statements, checks, phone numbers, and so on from the garbage can.

What is dumpster diving?

400

"Toto, I've a feeling we're not in Kansas anymore"

What is The Wizard of Oz (1939)?

400

Daily Double: "One ring to rule them all, One ring to find them, One ring to bring them all, and in the darkness bind them"



What is The Lord of the Rings Trilogy (2001-2003)?

500

An exercise performed to assess the risk and determine its impact on an organization.

What is a Risk Assessment?

500

Confidentiality, Integrity, Availability

What is the CIA Triad?

500

Malware that holds a computer captive until the owner pays the demanded ransom.

What is ransomware?

500

It is a secure connection for users to work remotely and access corporate systems. It is abbreviated as VPN.

What is a Virtual Private Network?

500

It has "HTTPS", and it has a lock showing on the URL.

What is a secure website?
