Technological platforms should be systems created with accurate systems well defined to perform given tasks. The success of any system should be based on excellent protection from attacks from within and outside the company. However, despite the protection that the managers may try to instill to the company, there would be chances for more attack to the system. Therefore, there are exclusive needs to protect the system of an organization from excessive malicious attack. There is need for considering all necessary measures that could be useful in protecting the systems. All possible techniques need to be pursued. Every form of attack should be identified in terms of risk mitigation, acceptance, or risk avoidance. In addition, there should be proper control measures of the adopted techniques to deal with the risk. The identified malicious attacks are reconnaissance, access, and Denial of service,
Strategies of addressing the risks
There are unique methods useful in resolving attacks that may occur in a technological system. The methods of dealing with the risks highly depend on the uniqueness of the attack available at a time. In this case, a risk may be controlled through risk mitigation, risk assignment, risk acceptance, or risk avoidance.
Reconnaissance
It is the unpermitted discovery as well as mapping of systems, vulnerabilities, or services. It may also be referred to as information gathering. This form of attack usually precedes an actual access attack.
The most outstanding technique of resolving this form of attack is risk mitigation. The activities that occur through this attack may be resolved through a clear process of reducing the risks or the probability of occurrence of a given activity to enhance the risk. The problem must be clearly understood by the management in the bid to execute a reliable solution to the problem. It would be wise for the management to accept the availability of this problem for a solid solution to be found (Desilva & Boppana, 2005).
Access
The most outstanding technique of addressing this risk is through risk assignment. This method needs the company to recognize a problem as one that may affect the entire system. This is the ability to detect the excessive effect of the method to the entire system of a company. Risks associated to access of the system of the company require the assignment strategy to resolve (Desilva & Boppana, 2005). There is exclusive need to identify the available challenges to the success of the system and indentify the most outstanding solutions to the system.
Denial of service
This form of attack is usually difficult to eliminate and they require exclusive measures and abilities to be put in place. Following the inability to resolve these problems as fast as they occur, risk acceptance would be a significant strategy to deal with the risk. Some problems in the network may not have direct or massive impact to the operations of the system (Desilva & Boppana, 2005). Therefore, they should be accepted and handled as the processes of the company continue.
Methods of controlling the risks
One of the major risks of reconnaissance is eavesdropping. This is a method useful in gathering information, as well as theft of information. This mainly occurs when the intruders can easily identify with passwords and s of a system. However, it may be extremely easy to resolve this problem if proper methods were employed. For the system to remain relevant of well protected from reconnaissance attacks, the company should hire reliable network analyzers who will help in identifying the potential opportunities for reconnaissance. Also, there must be complete removal of packet capturing utilities present on networked computers. In addition, switched networks would be excellent methods of ensuring reconnaissance do not occur on the available network (Intaver, 2013).
Access is an extremely sensitive form of attack to the system of a company. Therefore, it requires exclusive measures to deal with. The most outstanding strategy to deal with this form of attack is detective technique. This technique ensures that issues that occur within the system without accurate knowledge of the network managers and developers should be detected with exclusive ease (Kosut, Jia, Thomas, & Tong, 2010). Detection will call for fast solution to the problem at stake.
Denial of service is equally a dangerous form of attack of attack to the system of a company. Since they are extremely easy to occur and difficult to eliminate they require excessive concentration or keenness of the administration. Therefore, the form of attack requires administrative solutions (Kosut, Jia, Thomas, & Tong, 2010).
Importance of risk management, control identification and selection process
It is vital to note that risks are unavoidable in any organization. It is not possible to have an organization that runs freely without the elements of risks. There will always be the platforms that expose the organization to excessive risks. Therefore, there is exclusive need for risk management. Also, whenever a risk occurs it would be wise to fashion excellent ways that would help in controlling the challenges of the risks. This is mainly done through use of control identification techniques. It is critical to understand that not all problems are solved in similar manners. Each risk in a system is unique and it requires exclusive measures. Therefore, there must be proper method of selecting the most outstanding technique to employ. The selection of the most outstanding method occurs through reliable selection process (Intaver, 2013).
Executive summary
Strategies and recommendations
The most crucial point in the bid to eliminate issues within a system is to understand that risks will always be there. Despite the accuracy of the system, risks will always be present. However, the CIO should not remain worried of the risks that surround certain system. Instead, they should dig into the system and identify the potential causes of the risks identifiable within the system. With this knowledge, it will be easy to resolve the risks.
The CIO should hire an expert who will be in charge of the overall operations of a system. This individual should be responsible of key elements of the system such as the maintenance of s and passwords. The expert must be a person with accurate knowledge of the entire system and he or she can identify the points at which the system may depict risks.
The risks identifiable within the network must be executable with massive efforts and abilities. The company should have clear outline of the common forms of attacks to the system and their control measures. Any measure taken to control the occurrence of a given problem should be a method that has been proven successful in another process or the hired expert has proper knowledge of the significance of the identified risk control method.
In addition, there should be proper maintenance of records concerning the risks that the company experiences. It may be noted that some problems are likely to occur more than once. Recurrent problems are easy to resolve since previous techniques may be used. Moreover, such information would assist in coming up with the most accurate or excellent methods of filling in the probable loopholes that may allow risks into a system.
References
Desilva, S., & Boppana, R. V. (2005, March). Mitigating malicious control packet floods in ad hoc networks. In Wireless Communications and Networking Conference, 2005 IEEE (Vol. 4, pp. 2112-2117). IEEE.
Intaver. (2013). Managing Risk Assignments. Managing Risk Assignments. Retrieved June 1, 2014, from http://www.intaver.com/Help3/RP3_HelpLite_
Kosut, O., Jia, L., Thomas, R. J., & Tong, L. (2010, October). Malicious data attacks on smart grid state estimation: Attack strategies and countermeasures. In Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on (pp. 220-225). IEEE.
