Unit 3 Discussion: Risk Management Process
7/1/2014
IS3110
Mr. Jackson
The step, that I believe is the most important in the risk management process, is vulnerability identification. A vulnerability is a weakness in the infrastructure or environment of the network. Any weakness can be exposed (exploited) and threatened. If vulnerabilities are not identified, then how can the Security Administrator properly set security policies and guidelines in place to protect the network? If he/she doesn’t know of the vulnerabilities, then they will never put things in place until some threat occurs to the network. Network vulnerabilities come in many forms and fashions, and must be identified to be properly mitigated.
One common vulnerability is the lack of or outdated antivirus software. We get the popup alerts and click it away, because that alert is so annoying. But what must be realized is that annoying popup is a warning alert telling the user that the local workstation or network has a weakness that needs to be addressed.