Posted: March 30th, 2022

Risk and Threat Assessment Report

Risk and Threat Assessment Report
Assignment Content

Your Smallville client has asked Gail Industries to investigate the exposure to external users doing transactions over the internet. As the Gail Industries IT manager, you must prepare the report for the executive leadership.

Review the Gail Industries Case Study.

Analyze risks and threats associated with operating systems, networks, and database systems.

Write a 4-page report for the top management, including a 1-page executive summary. Include the following in your report:

Risk and threats associated with conducting transactions over the internet
Threats related to operating systems, networks, and system software
Risk related to different database deployment models in a distributed environment

Note: You will address risk mitigation and provide recommendations in Week 4.

Format citations according to APA guidelines.

Risk and Threat Assessment Report
Organizations across the globe have their virtual transactions and operations, and with the proliferation of internet and computer risks and threats emanating from cybercriminals have increased, and thus there is need to identify and understand them in the interest of protecting transaction by way of preventing and handling cybercrimes and insecurities when they arise. Gail industries being a handler and manager of its client resources and transactions, have the responsibility of explaining the clients on the threats and risks associated with online transactions. Smallville, a partner of Gail industries, engages in virtual transactions across the globe, and thus they need to identify and understand risks and threats in the form of cybercrimes associated with online transactions (Aydos, Vural and Tekerek,2019 ). Gail industries need to evaluate, assess and inform the City of Smallville on the threats and risks associated with internet transactions, threats posed to technological aspects of system software networks and operations system and risk associated to different database deployment models to adopt the relevant measures, best practices and approaches to protect the internet and the related resources.
Executive summary
Gail industries have the responsibility of informing the City of Smallville on the risks and threats associated with networks and different internet resources in the interest of protecting the users and ensuring that the best practices are employed in maintaining safety. There is a wide range of advantages that accrue to cities and businesses that incorporate internet technology in their operation, but cybercrimes and insecurities derail the gains. The City of Smallville needs to incorporate internet technology into its operation while taking relevant internet protection and safety measures to ensure significant gains from internet resources. The City of Smallville needs to be aware of the risk associated with using the internet to incorporate relevant internet safety solutions. In this regard, some different risks and threats are associated with internet transactions. They include malware attacks designed to compromise transactions, Distributed Denial of Service to manipulate the system, and online fraud characterized by debit and credit cards. On the other hand, the system software, operating systems and internets are subjects to threats that include computer virus attacks to compromise the operation in the computer and network systems, adware and spyware attacks to illegally mine sensitive and confidential data from the system and botnets to manipulate the system. Finally, the different deployment models have risks associated with them, thus posing a risk to data. The risks associated with deployment models the application programming interfaces (API) being compromised, thus affecting cloud services, inappropriate encryption making data vulnerable and the limitless administration access feature of deployment model makes it impossible for the administrator to control access, thus making data vulnerable.
Internet risk and threats
The transactions done over the internet have different risks and threats that threaten them since they can lead too irredeemable losses and impacts on the client, and thus they should be identified and understood to prevent them. In this regard, a malware attack is a common type of attack on internet transactions (Abomhara, 2015). Malware software is designed by cybercriminals to gain access or damage the computer network. The malware software is injected in web pages through various SQL injection techniques, thus allowing a cybercriminal to fake identity, control networks and computers, tampering with databases, sending malicious emails, and gaining complete access data system at the expense of users. Consequently, distributed Denial of Service (DDoS) Attacks negatively affects internet transactions by making it difficult for users to access the system and services. DDoS attacks take the process of flooding the system with multiple untraceable IP addresses by manipulation the IoT devices making the system go offline, thus leaving it vulnerable to vicious attacks. Additionally, online transactions are subject to credit/debit card fraud, leading to clients’ loss of money. Fraud affects e-Commerce by enabling attackers or cybercriminals to hack users’ credit and debit cards to fraudulently access goods and services at genuine owners’ expense. The different threats and risks to the virtual transactions are barriers to eCommerce, and thus necessary countermeasures need to be adopted in security the system.
Threats associated with operating systems, networks, and system software
Internet and technological systems, programs and software are subject to threats that negatively affect the operations and transactions at the City of Smallville. Computer viruses contribute to cyber-security at the expense of owners or users. The computer viruses are software designed to spread from one system to another, compromising software, programs, networks and systems. The viruses are sent into the system being downloaded or email attachments, and they compromise operations through disabling of security settings, sending spams, and stealing and corrupting data in computers (Wang, Ali and Kelly, 2015). Moreover, adware and spyware affect the operating systems, software, and networks by allowing them to mine sensitive and confidential data from the system without the user’s knowledge. Adware and spyware contain keyloggers that record personal data such as email addresses, credit card numbers, and passwords that can be used to compromise the system at the users’ expense. More so, botnet attacks are one of the greatest threats on the internet. Botnets comprise powerful networks of compromised machines and can be virtually controlled to launch attacks on the software, systems and networks. The botnet initiates DDoS attacks to the point of overwhelming the victims to pay a ransom in exchange for getting back the control of the system.
Database deployment models risks
Database deployment models enable programmers and administrators to create database structures and deploy them in different databases, and thus they are at high risk from cybercriminals. In this regard, database deployment models stand at the risk of the (application programming interfaces) APIs being compromised (Ziglari and Yahya, 2016). The APIs are used in the management and interaction with cloud services, thus creating vulnerabilities that pose a risk to the existing database. Moreover, poor encryption of data in the database deployment model results in possible data breach risks. Database network interfaces are easily tracked by hackers when software security is poor, thus posing a risk to data. Additionally, limitless Administration Access aspect in the database deployment models possesses a risk to the system as it results in poor data protection. In this regard, the administrator cannot control access to the database, thus posing risks to data.
Conclusion
There is a wide range of risks and threats posed to internet and technological innovations used by organizations in conducting virtual and internet operations, and thus they need to be identified in the interest of safety. Internet risk and threats affect virtual transactions, thus introducing losses to users. Consequently, operating systems, networks, and system software are subject to risks and threats that introduce undue control of the system at the users’ expense. Finally, database deployment models are affected by risks and threats that expose data and make the entire system vulnerable to external attacks.
References
Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.
Aydos, M., Vural, Y., & Tekerek, A. (2019). Assessing risks and threats with layered approach to Internet of Things security. Measurement and Control, 52(5-6), 338-353.
Wang, P., Ali, A., & Kelly, W. (2015, August). Data security and threat modeling for smart city infrastructure. In 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC) (pp. 1-6). IEEE.
Ziglari, H., & Yahya, S. (2016, August). Deployment models: enhancing security in cloud computing environment. In 2016 22nd Asia-Pacific Conference on Communications (APCC) (pp. 204-209). IEEE.

Order | Check Discount

Tags: best assignment help websites in canada, best nursing paper writing service, buy psychology essay, Cheap Psychology Essay Writing Service, dissertation assignment help