Navigating the World of Cybersecurity: Understanding Risks and Threats

As the clock struck 12:30 PM, my tech-savvy companions and I embarked on our daily routine, heading to the library to continue our education on the ever-evolving field of Tech. With the “Hacker Mind” podcast playing in the background, I opened my Linux machine, ready to dive deeper into the ISC2 self-paced learning program. Today, we were going to explore the “Risk Management Process.”

But what exactly is “risk”? Simply put, it’s a measure of the extent to which an entity is threatened by potential circumstances or events. In the realm of cybersecurity, risks refer to the potential adverse impacts that sensitive information may face, such as unauthorised access, use, disclosure, modification, or destruction.

The level of cybersecurity needed is directly proportional to the level of risk an entity is willing to accept. Once the risk has been evaluated, appropriate security controls can be implemented to mitigate it. And while cyber attacks like malware, social engineering, and denial of service attacks are obvious risks, it’s important to remember that risks can also stem from other sources, such as natural disasters or violent crime.

As we delved deeper into the topic, we also discussed the importance of understanding the concepts of “threats” and “vulnerabilities.” A “vulnerability” is a gap or weakness in an organisation’s valuable assets, while a “threat” is something or someone that aims to exploit that vulnerability to gain unauthorised access. For example, a natural disaster like flooding poses a threat to the power supply, which is vulnerable to damage, while a hacker or “hacktivist” is a threat to a company’s valuable or sensitive data, which is vulnerable to a data breach or intellectual property theft.

Threat actors are a crucial aspect of cybersecurity that every individual should be aware of. These individuals or groups attempt to exploit vulnerabilities in order to cause or force a threat to occur. In order to fully understand threat actors, it is important to also understand the concept of “threat vector.” Threat vectors are the means by which a threat actor carries out their objective, such as through phishing emails, malware, and unpatched vulnerabilities.

There are several types of threat actors, including:

1. Insider threats, which can be caused by deliberate actions, human error, or incompetence.
2. Outside individuals or informal groups that may exploit vulnerabilities through planned or opportunistic means.
3. Formal entities that are non-political, such as business competitors and cyber criminals.
4. Formal entities that are political, such as terrorist groups, nation-states, and hacktivists.
5. Intelligence or information gatherers.
6. Technology, such as free-running bots and artificial intelligence.

To properly identify and protect against risks, it is important to conduct a risk assessment. This process involves identifying, estimating, and prioritizing risks to an organization’s operations, assets, individuals, other organizations, and even the nation. The goal of risk assessment is to align the identified risks with the company’s goals and priorities. Common risk assessment activities include identifying the risk of fire to a building or data breach to a company’s valuable or sensitive information.

In conclusion, understanding threat actors and conducting risk assessments are crucial steps in protecting against cybersecurity threats. I will be continuing this conversation in the coming weeks, so stay tuned for more information on this topic. Happy reading!