To complete this section of your report, start by reviewing the following resources:
Information System Architecture
Web Security Issues
Insider Threats
Intrusion Motives/Hacker Psychology
Take what you learned about potential threats to assess the threat(s) to the organization’s information systems infrastructure that you wrote about in Step 4. Provide a brief summary of the kinds of threats that an organization could face, addressing insider threats, intrusions, hacker psychology, and other weaknesses that might provide opportunities to breach the system. Relate these threats to the vulnerabilities in the CIA triad.
Finally, review the mission and organization structure of your organization as well as roles within it, and recommend accesses, restrictions, and conditions for each role. What will happen if the CIO and the leaders do nothing and decide to accept the risks? Could the CIO transfer, mitigate, or eliminate the risks? What are the projected costs to address the risks?