Turning Your Risk Assessment Into a Risk Mitigation Plan, Essay Example

This article discusses the creation of a risk mitigation plan. It discusses the implementation of the approved countermeasures used. The first section of the article provides analysis of assessing risks for IT infrastructure. The author states that one’s an approval of the risk assessment has been done, countermeasures are done appropriately. There are three types of countermeasures namely in-place countermeasures, planned countermeasures, and approved countermeasures. The three types of countermeasures each play an important specific role or objective that is different from the other two. This is the reason why it is important to check if there is an overlap in countermeasures when approving the plans(Bante, 2013). Notably, overlap may be either accidental or purposeful. Overlap may sometimes be intentional to ensure that one countermeasure resolves more than one risk. An accidental overlap, on the other hand, takes place when more than one countermeasureis used in mitigating the same type of risk when the overlap is not planned. One should be aware of the overlap to avoid possible errors. In case of an accidental overlapping of countermeasures, it is important to check for the conflicts to avoid further problems with the issue(Gibson, 2011). The next paragraph of this paper discusses a case study of an attack.

The example provided is entitled “Attacks ignored for a full weekend.”  It is about a large network operations center with many countermeasures instilled to detect various attacks. The roles of the countermeasures as normal in many cases, was to facilitate the provision of notifications to many network operations on an output device like a monitor. A potential attack was revealed by the IDS. The article reveals some of the effects of multiple attacks and the necessity of countermeasures. The attacker seemed to be very genius creating several false attacks prior to a single real attack, which obviously would be ignored and considered false by the site administrator. The administrator gave each of the alerts by the IDS less attention believing that all were false as before(Gibson, 2011). It was just luck that attacks were never took the system down. In other words, the case accentuates the need to ensure proper minimization of false alerts to avoid further confusion and consequential attacks. Reduction of false alerts is termed as tuning of the IDS. With no tuning, personnel are likely to dismiss the attacks even without carrying out further investigation on it. In essence, the author’s main intention of this case is to illustrate the need for overlapping countermeasures(Bante, 2013). As long as the administrator is keen enough to prevent the conflict of one countermeasure with another, security of a system remains at its maximum.

Identification of countermeasures is a process that should be considered well. It involves mitigation of risks. Risk mitigation involves creation of counter-measurements. Some of the options of the risks countermeasures appropriate in cases like the aforementioned one are creation of account management policy, creation of script to check on the usage of the account, and countermeasure of physical access to various employee areas or stations(Gibson, 2011). Other considerations that should be taken in place in terms of security include password history and complexity, which means the mixture of characters. Prioritization of countermeasures is important as it enables the administrator to use the appropriate countermeasure in handling a particular risk. A follow up of the risk mitigation plan should take place to ensure that the countermeasures are implemented.

References

Bante, C. (2013). Relationship between Firewalls and Protection against DDoS. Ecommerce Wisdom. Retrieved 2013-05-24.

Gibson, D. (2011). Managing Risk in Information Systems. New York: Paperback.