{"id":350,"date":"2024-03-12T06:41:42","date_gmt":"2024-03-12T06:41:42","guid":{"rendered":"https:\/\/cyberwissen.io\/pt\/solution\/incident-response-copy\/"},"modified":"2024-03-22T02:19:13","modified_gmt":"2024-03-22T02:19:13","slug":"vulnerability-risk-assessment","status":"publish","type":"solution","link":"https:\/\/cyberwissen.io\/pt\/solution\/vulnerability-risk-assessment\/","title":{"rendered":"Vulnerability Risk Assessment"},"content":{"rendered":"<section id=\"\" class=\"\">\n<div class=\"vGap15\"><\/div>\n<div class=\"container\">\n<div class=\"row\">\n<div class=\"col-lg-8 col-xs-12  text-left\">\n<h4 class=\"primary uppercase\"> THE RISK ASSESSMENT PROCESS<\/h4>\n<h3 class=\"  \"> <\/h3>\n<p class=\"xl\">\n<\/div><\/div>\n<div class=\"vGap25\"><\/div>\n<div class=\"row \">\n<div class=\"col-lg-4 col-xs-12 \">\n<div class=\"howItWorksTile \">\n<div class=\"content\">\n          <img data-opt-id=350874442  fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/mlwdwcp8ntog.i.optimole.com\/w:auto\/h:auto\/q:mauto\/ig:avif\/https:\/\/cyberwissen.io\/pt\/wp-content\/uploads\/sites\/17\/2024\/03\/icon_vulnerability_blue.svg\" \/><\/p>\n<div class=\"vGap10\"><\/div>\n<h4 class=\"capitalcase\">Determine Likelihood of  Exploitation<\/h4>\n<p><p>Assess the likelihood of each threat exploiting the vulnerabilities identified in the previous steps. Consider factors like the current security measures in place, historical incidents, and external threat intelligence<\/p>\n<p>\n<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"col-lg-4 col-xs-12 \">\n<div class=\"howItWorksTile \">\n<div class=\"content\">\n          <img data-opt-id=955851705  fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/mlwdwcp8ntog.i.optimole.com\/w:auto\/h:auto\/q:mauto\/ig:avif\/https:\/\/cyberwissen.io\/pt\/wp-content\/uploads\/sites\/17\/2024\/03\/icon_managed-security_blue.svg\" \/><\/p>\n<div class=\"vGap10\"><\/div>\n<h4 class=\"capitalcase\">Evaluate Exploitation  Probability<\/h4>\n<p><p>Combine the information gathered in the previous steps to calculate the risk level for each potential threat-vulnerability pair. This ismusually done using a risk matrix, where the risk is classified as low, medium, or high, based on the impact and likelihood scores.<\/p>\n<p>\n<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"col-lg-4 col-xs-12 \">\n<div class=\"howItWorksTile \">\n<div class=\"content\">\n          <img data-opt-id=475884128  data-opt-src=\"https:\/\/mlwdwcp8ntog.i.optimole.com\/w:auto\/h:auto\/q:mauto\/ig:avif\/https:\/\/cyberwissen.io\/pt\/wp-content\/uploads\/sites\/17\/2024\/03\/icon_risk-assessment_blue.svg\"  class=\"optimole-lazy-only \"  decoding=\"async\" src=\"data:image/svg+xml,%3Csvg%20viewBox%3D%220%200%20100%%20100%%22%20width%3D%22100%%22%20height%3D%22100%%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%3Crect%20width%3D%22100%%22%20height%3D%22100%%22%20fill%3D%22transparent%22%2F%3E%3C%2Fsvg%3E\" \/><\/p>\n<div class=\"vGap10\"><\/div>\n<h4 class=\"capitalcase\">Tools and Technologies for Risk Assessment<\/h4>\n<p><p>Vulnerability Scanning Tools: Vulnerability scanning tools are automated software that scan networks, systems, and applications to identify known vulnerabilities.<\/p>\n<p>\n<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"vGap15\"><\/div>\n<\/div>\n<\/section>\n \n<section class=\"\">\n    <div class=\"vGap15\"><\/div>\n<div class=\"container\">\n<div class=\"row justify-content-center\">\n  \n\n\n<div class=\"col-lg-6 col-xs-12 text-left\"> \n<div class=\"padR50\">\n\n  \n         \n      \n           <h4 class=\"blue\">Identify Threats and Vulnerabilities<\/h4>\n\n         \n        \n   <div class=\"white\">   \n   <p>This is the foundational level necessary for cybersecurity teams to function adequately within their country and collaborate globally. It establishes a basic degree of maturity, requiring teams to have a solid foundation in mandate, constituency, authority, and a functional incident handling process. Parameters are set at a level suitable for foundational maturity.<\/p><br \/>\n   \n   \n \n\n \n       \n       \n         \n   \n    \n    \n   \n   <\/div>\n  \n   <div class=\"vGap25\"><\/div>\n      \n      \n\n  \n      \n           <h4 class=\"blue\">Assess Potential Impact<\/h4>\n\n         \n        \n   <div class=\"white\">   \n   <p>Determine the potential impact that each identified threat could have on your organization if it successfully exploits a vulnerability. Impact assessment involves evaluating the severity of consequences, such as financial losses, data breaches, system downtime, legal implications, and damage to reputation.<\/p><br \/>\n   \n   \n \n\n \n       \n       \n         \n   \n    \n    \n   \n   <\/div>\n  \n   <div class=\"vGap25\"><\/div>\n      \n      \n\n   \n \n<\/ul>\n<\/div>\n\n<\/div>\n\n   <div class=\"col-lg-6 col-xs-12 text-left\"> \n<div class=\"padL50\">\n\n  \n         \n        \n       \n   <div class=\"white\">\n   \n      \n   \n   \n \n  \n\n   \n    \n    \n   \n   <\/div>\n  \n\n      \n      \n\n  \n             <h4 class=\"blue\">RISK ASSESSMENT FRAMEWORKS<\/h4>\n\n       \n   <div class=\"white\">\n   \n   <p>CyberWissen makes sure that we are conducting the risk assessment according to pre-defined standards and frameworks<\/p><br \/>\n   \n   \n   \n \n  \n\n   \n    \n    \n   \n   <\/div>\n  \n\n      \n      \n\n  \n        \n       \n   <div class=\"white\">\n   \n      \n   \n   \n \n      \n    <ul class=\"iconList\">\n\n         \n        <li> <img data-opt-id=1086443471  data-opt-src=\"https:\/\/mlwdwcp8ntog.i.optimole.com\/w:auto\/h:auto\/q:mauto\/ig:avif\/https:\/\/cyberwissen.io\/pt\/wp-content\/uploads\/sites\/17\/2024\/03\/icon_security_blue.svg\"  decoding=\"async\" src=\"data:image/svg+xml,%3Csvg%20viewBox%3D%220%200%20100%%20100%%22%20width%3D%22100%%22%20height%3D%22100%%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%3Crect%20width%3D%22100%%22%20height%3D%22100%%22%20fill%3D%22transparent%22%2F%3E%3C%2Fsvg%3E\" class=\"optimole-lazy-only  icon\"\/> NIST Cybersecurity Framework   <\/li>\n        \n          \n        <li> <img data-opt-id=146091686  data-opt-src=\"https:\/\/mlwdwcp8ntog.i.optimole.com\/w:auto\/h:auto\/q:mauto\/ig:avif\/https:\/\/cyberwissen.io\/pt\/wp-content\/uploads\/sites\/17\/2024\/03\/icon_security-2_blue.svg\"  decoding=\"async\" src=\"data:image/svg+xml,%3Csvg%20viewBox%3D%220%200%20100%%20100%%22%20width%3D%22100%%22%20height%3D%22100%%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%3Crect%20width%3D%22100%%22%20height%3D%22100%%22%20fill%3D%22transparent%22%2F%3E%3C%2Fsvg%3E\" class=\"optimole-lazy-only  icon\"\/> ISO\/IEC 27001  <\/li>\n        \n          \n        <li> <img data-opt-id=1043530594  data-opt-src=\"https:\/\/mlwdwcp8ntog.i.optimole.com\/w:auto\/h:auto\/q:mauto\/ig:avif\/https:\/\/cyberwissen.io\/pt\/wp-content\/uploads\/sites\/17\/2024\/03\/icon_security-4_blue.svg\"  decoding=\"async\" src=\"data:image/svg+xml,%3Csvg%20viewBox%3D%220%200%20100%%20100%%22%20width%3D%22100%%22%20height%3D%22100%%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%3Crect%20width%3D%22100%%22%20height%3D%22100%%22%20fill%3D%22transparent%22%2F%3E%3C%2Fsvg%3E\" class=\"optimole-lazy-only  icon\"\/>  CIS Critical Security Controls   <\/li>\n        \n          \n        <li> <img data-opt-id=1165793058  data-opt-src=\"https:\/\/mlwdwcp8ntog.i.optimole.com\/w:auto\/h:auto\/q:mauto\/ig:avif\/https:\/\/cyberwissen.io\/pt\/wp-content\/uploads\/sites\/17\/2024\/03\/icon_it-security_blue.svg\"  decoding=\"async\" src=\"data:image/svg+xml,%3Csvg%20viewBox%3D%220%200%20100%%20100%%22%20width%3D%22100%%22%20height%3D%22100%%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%3Crect%20width%3D%22100%%22%20height%3D%22100%%22%20fill%3D%22transparent%22%2F%3E%3C%2Fsvg%3E\" class=\"optimole-lazy-only  icon\"\/> COBIT (Control Objectives for Information and Related Technologies)<\/li>\n        \n           <\/ul>\n\n\n   \n    \n    \n   \n   <\/div>\n  \n\n      \n      \n\n   \n \n<\/ul>\n\n <\/div>\n<\/div>\n  \n \n<\/div>\n    <div class=\"vGap15\"><\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"<p>It involves the processes, procedures, and tools used to detect, analyse, contain, mitigate, and recover from security breaches or incidents to minimise their impact on the organisation\u2019s operations and data.<\/p>\n","protected":false},"featured_media":2728,"template":"","meta":{"inline_featured_image":false},"class_list":["post-350","solution","type-solution","status-publish","has-post-thumbnail","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberwissen.io\/pt\/wp-json\/wp\/v2\/solution\/350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberwissen.io\/pt\/wp-json\/wp\/v2\/solution"}],"about":[{"href":"https:\/\/cyberwissen.io\/pt\/wp-json\/wp\/v2\/types\/solution"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberwissen.io\/pt\/wp-json\/wp\/v2\/media\/2728"}],"wp:attachment":[{"href":"https:\/\/cyberwissen.io\/pt\/wp-json\/wp\/v2\/media?parent=350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}