BU415 Chapter Notes - Chapter 13: It Risk Management, It Risk, Threat Assessment

Information systems security (cybersecurity) set of defences an organization puts in place to mitigate threats to its technology infrastructure and digital assets. It risk management process by which the firm attempts to identify and measure information systems security risks and to devise the optimal mitigation strategy: objective: to devise the optimal risk mitigation strategy. Cyber security is an area that has increased in importance along with the widespread adoption of it and even more so with the development and growth of networks. As computer systems are increasingly underpinning the infrastructure of developed economies, they become legitimate targets of terrorism threats. Cybersecurity should be on managers radar screens because it runs the risk of leaving it underfunded unless managers get directly involved with the threat assessment and mitigation process. Amazon loses revenue by the minute: risk of denial of service attack is very tangible one, audit will: provides the basis for risk analysis and expose vulnerabilities.