Category: ethics

  • Why Organizations Use Risk Management Frameworks

    Organizations want to implement a risk management framework for the same reason that they would want to have insurance coverage or a security system. There are many different types of risks for which an organization can be liable, including hazard risk, financial risk, operational risk, and strategic risk. A risk management framework can provide a structured way to assess, organize, prioritize, and control risk, providing structured processes and contextual insight to organizations.

    The benefits of implementing a risk management framework include the ability to make more informed decisions, reduce costs by reducing the likelihood of incidents, and understand the potential threats that can affect the organization. A risk management framework can also give an organization an advantage because it is designed to address regulatory compliance within the organization's specific industry, and it gives stakeholders additional confidence and a clearer understanding of risk tolerance.

    The downsides of implementing a risk management framework include the high level of complexity an organization must deal with, which also requires large amounts of resources to manage properly. Convincing an organization to adopt a risk management framework can be difficult, because it is hard to provide an accurate return-on-investment figure that would clearly outweigh the difficulty and resource cost of adopting the framework.

    References

    Marker, Andy. (2021). Enterprise Risk Management Frameworks and Models. Smartsheet. https://www.smartsheet.com/content/enterprise-risk-management-framework-model

  • Which Technology Poses the Greatest Cybersecurity Risk?

    The internet of things (IoT), blockchain technology, artificial intelligence, and quantum computing all present risks to the future of internet security; however, I believe that the internet of things poses the largest security risk by unnecessarily connecting countless additional devices to a global network.

    The potential convenience of knowing how much coffee is left in the coffeepot inspired computer technologists at the University of Cambridge to develop the first webcam application, which monitored the coffee levels in the breakroom with low-framerate, grayscale video (Kesby, 2012). Thirty years after this first coffee pot monitoring system went online in 1993, we now have a wide variety of internet-enabled devices that serve countless purposes, but which collectively grow the attack surface of their parent networks.

    Not only does each different model of IoT device have its own set of vulnerabilities that attackers could exploit, but compromised IoT devices could also be used in a botnet to perform distributed denial of service (DDoS) attacks (Abbass et al., 2019).

    Security for internet of things devices is still in its infancy, and standards will likely be developed soon that will lower the overall security risk of integrating IoT devices within a network. However, for the present, most IoT devices do not even allow users to reset the default login credentials of the device, which represents a near-complete lack of security embedded in an internet-enabled device (Evans, 2019).

    References

    Abbass, W., Bakraouy, Z., Baina, A., & Bellafkih, M. (2019). Assessing the Internet of Things Security Risks. Journal of Communications, Vol. 14, No. 10. http://www.jocm.us/uploadfile/2019/0909/20190909054049213.pdf

    Evans, A. (2019). Managing Cyber Risk. Taylor & Francis. https://online.vitalsource.com/books/9780429614262

    Kesby, R. (2012). How the world’s first webcam made a coffee pot famous. BBC World Service. https://www.bbc.com/news/technology-20439301