Page 30 - CITP Review

Cybersecurity risk management



            One of the most important issues facing CITPs today is cybersecurity risk management. Information
            systems are vulnerable to exploits, criminal activity, software and hardware security holes, and simple
            poor planning or a lack of proper controls. These threats will not be going away and are likely to become
            more pervasive and more problematic in the coming years. Organizations will need to assess their level
            of risk and take steps to mitigate it as effectively as possible. The first step is understanding what
            cybersecurity threats actually are.




            Cybersecurity threats


            A cybersecurity threat is anything that can have a negative impact on the organization, its assets, or its
            operations via an information system. Such threats can be in the form of circumstances (such as a weak
            control) or an event (such as a purposeful security breach), and they can result in the destruction or
            alteration of information, unauthorized or inappropriate access, disclosure of sensitive information, or
            outright denial of service.


            Primary types of cyber adversaries

            Cyber adversaries are individuals, groups, organizations, or governments that conduct or have the intent
            to conduct detrimental activities. In order to identify the cyber adversaries, an organization must identify
            the threat events that could affect them. A threat event is an event or situation that can cause
            undesirable consequences or have a negative impact.[12] By identifying the threat events, an organization
            can then determine which types of cyber adversaries present a risk.

            The primary types of cyber adversaries are as follows:[13]

              • Hacktivist. Hacktivists form a small, foreign population of politically active hackers that includes
                individuals and groups with anti-U.S. motives. They pose a medium-level threat of carrying out an
                isolated but damaging attack. Most international hacktivist groups appear bent on propaganda rather
                than damage to critical infrastructures. Their goal is to support their political agenda. Their subgoals
                are propaganda and causing damage to achieve notoriety for their cause.
              • Nation states. A sovereign state in which the vast majority of citizens or subjects maintain common
                factors such as language or culture.
              • Cybercriminals. People who engage in criminal activity by means of computers or the internet.
              • Insider threat. An insider with authorized access to a network or system who could, purposely or
                unknowingly, harm or damage that network or system through the alteration, destruction, or
                disclosure of data.
              • Competitor. A person, company, team, or entity that competes against another entity or person.





            [12] See https://csrc.nist.gov/glossary/term/Threat-Event, accessed June 20, 2018.
            [13] See https://ics-cert.us-cert.gov/content/cyber-threat-source-descriptions, accessed June 20, 2019.


            © 2019 Association of International Certified Professional Accountants. All rights reserved.    1-22