
When is a threat present?
A threat is any potential event whose occurrence leads to perceptible damage. As a rule, IT systems are affected by threats that act on them directly or that arise through interaction with these systems (for example, cyber attacks). To recognise the possible threat situations of a company, the possible threats must be evaluated, and in doing so the following question must be answered: which threats are relevant to the IT systems of the company or its industry? The evaluation can be carried out with the help of workshops.
Definition of protection goals
Protection goals are generally understood as the requirements that a system must meet in order to protect assets. The classic protection goals of IT security are confidentiality, integrity and availability. The resilience of systems complements the classic protection goal of availability.
Vulnerability Risk Analysis
The evaluated threat must also be assessed: a probability of occurrence is assigned to the result, which turns the threat into a risk, so that the risks can be classified and controlled.
This procedural step records which risk has which impact on the company. The classification is best done in a table.
Definition of measures
For each identified risk, a suitable measure to protect data security and data protection is decided upon. The measures can be divided into three categories:
- Prevention, e.g. through data carrier checks and staff awareness training.
- Detection, e.g. by evaluating log files for attacks and monitoring the servers (in real time).
- Reaction, e.g. through a response plan as part of the emergency plan, and through recovery and restart plans.
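The classification table and the measure categories described above, worked through as a small risk register. This is an added example, not code from the original page; the 1 to 5 scales, the risk bands (low/medium/high) and the rule for which measure categories each band requires are assumptions a company would replace with its own.

```python
from dataclasses import dataclass, field

# Protection goals named on the page: the classic triad plus resilience.
PROTECTION_GOALS = {"confidentiality", "integrity", "availability", "resilience"}
# The three measure categories: prevention, detection, reaction.
MEASURE_CATEGORIES = {"prevention", "detection", "reaction"}

@dataclass
class Risk:
    threat: str                 # the evaluated threat
    goal: str                   # protection goal it endangers
    likelihood: int             # probability of occurrence, 1 (rare) .. 5 (almost certain), assumed scale
    impact: int                 # damage to the company, 1 (negligible) .. 5 (critical), assumed scale
    measures: dict = field(default_factory=dict)  # category -> measure description

    def __post_init__(self):
        assert self.goal in PROTECTION_GOALS, f"unknown protection goal: {self.goal}"
        assert 1 <= self.likelihood <= 5 and 1 <= self.impact <= 5, "scales run 1..5"

    @property
    def score(self) -> int:
        return self.likelihood * self.impact      # probability of occurrence x impact

    @property
    def level(self) -> str:
        # Assumed classification bands; adjust to the company's own risk appetite.
        if self.score >= 15:
            return "high"
        return "medium" if self.score >= 8 else "low"

def missing_measures(risk: Risk) -> set:
    """Measure categories the risk still lacks. Assumed rule: high risks need all three
    categories, medium risks need prevention and detection, low risks need none."""
    required = {"high": MEASURE_CATEGORIES, "medium": {"prevention", "detection"}, "low": set()}
    return required[risk.level] - set(risk.measures)

def risk_table(register):
    """The classification table: one row per risk, highest score first, with the
    measure categories that are still missing so the gaps are visible at a glance."""
    rows = sorted(register, key=lambda r: r.score, reverse=True)
    return [(r.threat, r.goal, r.likelihood, r.impact, r.score, r.level,
             sorted(missing_measures(r))) for r in rows]

# Constructed sample register; threats, scores and measures are illustrative only.
REGISTER = [
    Risk("ransomware delivered by phishing mail", "availability", 4, 5,
         {"prevention": "staff awareness training", "reaction": "recovery and restart plan"}),
    Risk("infected USB data carrier", "integrity", 3, 3,
         {"prevention": "data carrier checks", "detection": "server monitoring in real time"}),
    Risk("lost visitor badge", "confidentiality", 2, 1),
]

if __name__ == "__main__":
    for row in risk_table(REGISTER):
        print(row)
```

The first row of the table shows the ransomware risk classified as high with its detection measure still missing, which is exactly the kind of gap the table is meant to surface before the measures are maintained in ongoing operations.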
Maintenance of measures during ongoing operations
Finally, the knowledge gained from the analyses and the measures defined must be integrated into the company's overall system in a sustainable manner.