Cmmt 431 Week 3 Software Threat Analysis
Applying Software Threat Analysis and Mitigation
April Assmann
CMGT/431
07/27/2015
Mark Stewart
Everyone is familiar with the organization the Red cross, and how many different families and lives they truly have impacted. Many people donate their time and money to help people in need. It is a wonderful organization, but if the team members aren’t fully aware of potential threats that could occur it could be very costly for all of those involved. People depend on the Red Cross when they are in the time of need, such as a Natural disaster. The first threat that I would like to discuss with everyone is in the event of human error thus is events that are either enabled by or caused by human beings, such as unintentional acts (inadvertent data entry) or deliberate actions (network based attacks, malicious software upload, unauthorized access to confidential information). You have to be cautious of everything you’re doing especially when it involves personal information. …show more content…
Another threat you have to be fully aware of is if a power outage occurs, how are you going to keep all lines of communication open?
Facility owners, particularly owners of public facilities, should develop and implement a security risk management methodology which adheres to the Interagency Security Committee (ISC) standard while also supporting the security needs of the organization as a whole. The first action you need to take is a threat assessment before anything. The first step in a risk management program is a threat assessment. A threat assessment considers the full spectrum of threats (i.e., natural, criminal, terrorist, accidental, etc.) for a given facility/location. The ISC standard only addresses man-made threats, but individual agencies are free to expand upon the threats they consider. The assessment should examine supporting information to evaluate the relative likelihood of occurrence for each threat ("Threat/vulnerability Assessments And Risk Analysis",
).
Project risk assessment is another way to help prevent any future attacks. Activities must be periodically updated throughout the project system development life cycle. Continuous risk management is essential for several reasons: 1. To monitor and measure progress in risk management,
2. To provide management with visible target dates and milestones in risk management activities,
3. To identify new risk items and issues, and
4. To establish new risk management priorities.
The American Red Cross supports the position that improved training and access to AEDs could save 50,000 lives each year. The Red Cross believes that all Americans should be within four minutes of an AED and someone trained to use it. When you are protecting and saving so many people it’s important that you are on track and fully aware of any threats that could be possible. If you know how to take stock of the strengths, weaknesses, opportunities, and threats, you are more likely to plan and act effectively.
I expect every single team member to do the following:
Explore various different possibilities for new efforts or solutions to problems.
Make certain decisions about the best path for your initiative. Identifying your opportunities for success in context of threats to success can clarify directions and choices.
Determine where any positive change is possible. If you are at a juncture or turning point, an inventory of your strengths and weaknesses can reveal priorities as well as possibilities.
Adjust and refine plans mid-course. A new opportunity might open wider avenues, while a new threat could close a path that once existed.
If everyone abides by these terms the Red Cross will continue to be a safe environment and be continue to be successful in the future.
References:
Threat/Vulnerability Assessments and Risk Analysis. (). Retrieved from http://www.wbdg.org/resources/riskanalysis.php
April Assmann
CMGT/431
07/27/2015
Mark Stewart
Everyone is familiar with the organization the Red cross, and how many different families and lives they truly have impacted. Many people donate their time and money to help people in need. It is a wonderful organization, but if the team members aren’t fully aware of potential threats that could occur it could be very costly for all of those involved. People depend on the Red Cross when they are in the time of need, such as a Natural disaster. The first threat that I would like to discuss with everyone is in the event of human error thus is events that are either enabled by or caused by human beings, such as unintentional acts (inadvertent data entry) or deliberate actions (network based attacks, malicious software upload, unauthorized access to confidential information). You have to be cautious of everything you’re doing especially when it involves personal information. …show more content…
Another threat you have to be fully aware of is if a power outage occurs, how are you going to keep all lines of communication open?
Facility owners, particularly owners of public facilities, should develop and implement a security risk management methodology which adheres to the Interagency Security Committee (ISC) standard while also supporting the security needs of the organization as a whole. The first action you need to take is a threat assessment before anything. The first step in a risk management program is a threat assessment. A threat assessment considers the full spectrum of threats (i.e., natural, criminal, terrorist, accidental, etc.) for a given facility/location. The ISC standard only addresses man-made threats, but individual agencies are free to expand upon the threats they consider. The assessment should examine supporting information to evaluate the relative likelihood of occurrence for each threat ("Threat/vulnerability Assessments And Risk Analysis",
).
Project risk assessment is another way to help prevent any future attacks. Activities must be periodically updated throughout the project system development life cycle. Continuous risk management is essential for several reasons: 1. To monitor and measure progress in risk management,
2. To provide management with visible target dates and milestones in risk management activities,
3. To identify new risk items and issues, and
4. To establish new risk management priorities.
The American Red Cross supports the position that improved training and access to AEDs could save 50,000 lives each year. The Red Cross believes that all Americans should be within four minutes of an AED and someone trained to use it. When you are protecting and saving so many people it’s important that you are on track and fully aware of any threats that could be possible. If you know how to take stock of the strengths, weaknesses, opportunities, and threats, you are more likely to plan and act effectively.
I expect every single team member to do the following:
Explore various different possibilities for new efforts or solutions to problems.
Make certain decisions about the best path for your initiative. Identifying your opportunities for success in context of threats to success can clarify directions and choices.
Determine where any positive change is possible. If you are at a juncture or turning point, an inventory of your strengths and weaknesses can reveal priorities as well as possibilities.
Adjust and refine plans mid-course. A new opportunity might open wider avenues, while a new threat could close a path that once existed.
If everyone abides by these terms the Red Cross will continue to be a safe environment and be continue to be successful in the future.
References:
Threat/Vulnerability Assessments and Risk Analysis. (). Retrieved from http://www.wbdg.org/resources/riskanalysis.php