Jjjjjjjjjjjjjjjjjjj 1

Threats, Vulnerabilities, and Impact

Student Name

Institutional Affiliation

Course

Professor’s Name

Submission Date

A threat can be any event occurrence of a circumstance that causes losses; security details

of any organization, once breached, can lead to its vulnerability. Information systems in many
 2

organizations may be affected by different types of threats that can cause damages. The security

breach can be seen when there is a breach of confidentiality, Integrity, or data availability in any

organization or workstation. Breach of the three leads to losses. These threats to organizations

may be classified into two categories; external and internal. (J. Tang et al. 2012)

Internal threats occur due to overdue unauthorized access to an organization's network

using a server or physical contact with the network. Consequently, internal threats and

vulnerabilities are inside jobs by organizational employers or any failed process by the

organization. Internal threats include hacking, sabotage, data loss. (Gordon L. A et al. 2006).

External threats result from organizations or individuals outside the organization; these

threats do not direct link to the organization's data and information. This external threat can be

natural disasters like floods and fires, connected networks, partner networks, and unauthorized

physical intrusion.

Threats have actors that makes the threat possible; human threats involve outsiders and

hackers whose main aim is to obtain information from the organization, environmental threats

are non-human and are usually natural disasters like floods and fires causing destructions, and

technical threats which occur as a result of chemical and physical processes, this may include

gaining illegal entry into restricted areas such as rooms, damage of software or hardware.

Data and management of data can be done through Integrity, confidentiality, and

availability. However, Integrity is the best management technique in the organization; Integrity

can deal with internal threats such as unauthorized access to data and information, hacking, and

malicious sharing of data to individuals outside the organization; hence data security will be

ensured.
 3

In conclusion, information security is a significant problem affecting organizations; this

is because of financial losses; any organization should be able to determine any existing threats

and be able to source measures that can help curb as well as prevent data and information losses

and access, this can be done through backups, enhanced software,

REFERENCES

Chidambaram V. (2004). Threat modeling Microsoft Press.

 4

Gordon L.A et al. (2006). CSI/FBI Computer Crime and security survey. 11th Annual CSI/FBI

Computer Crime and security survey.

J. Tang et al. (2012). A scalable architecture for classifying Network Security Threats. Science

and Technology on Information System Security Laboratory.

Kropp, T. (2006). System threats and vulnerabilities [power system protection]. IEEE Power and

Energy Magazine, 4(2), 46-50.

Lindqvist U, Johnson E. (1997). How to systematically classify computer security intrusion.

IEEE Symposiums on security and privacy, 154-163

Onwubiko, C., & Lenaghan, A. P. (2007, May). Managing security threats and vulnerabilities for

small to medium enterprise. In 2007 IEEE intelligence and security informatics (pp. 244-

249). IEE

Purton, L., Abbaa, H., & Alams, S. (2010). Identification of ADS-B system vulnerabilities and

threats. In Australian Transport Research Forum, Canberra (pp., 1-16)

Skopik, F., Ma, Z., Bleier, T., & Gruineis, H. (2012). A survey on threats and vulnerabilities in

smart meeting infrastructures. International Journal of Smart Grid and Clean Energy,

1(1), 22-28.