From the course: CCSP Cert Prep: 6 Legal, Risk, and Compliance Audio Review
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Risk assessment
From the course: CCSP Cert Prep: 6 Legal, Risk, and Compliance Audio Review
Risk assessment
- [Instructor] In chapter one, I covered risk assessment. Everything we do as cybersecurity professionals is focused on managing risk, and this is definitely true in the cloud. To discuss risk, we need to have some basic terminology down. First, a threat is any external force that jeopardizes security. This could be a naturally occurring event such as a hurricane or a human adversary such as a hacker. A vulnerability is a weakness in our own environment that exposes us to a threat. This might be a poorly written firewall rule, a missing patch, or something else that presents an opening for an attack. And then a risk is the combination of a threat and a corresponding vulnerability. We need both of those elements, a threat and a vulnerability, to have a risk. When we encounter risks, we evaluate them based upon two critical factors. First, the likelihood that they will occur and then second, the impact on our business…
Contents
-
-
-
(Locked)
Risk assessment3m 6s
-
(Locked)
Risk assessment Q&A2m 7s
-
(Locked)
Risk management2m 41s
-
(Locked)
Risk management Q&A1m 34s
-
(Locked)
Supply chain risk2m 32s
-
(Locked)
Supply chain risk Q&A1m 54s
-
(Locked)
Cloud privacy and compliance2m 29s
-
(Locked)
Cloud privacy and compliance Q&A1m 17s
-
(Locked)
Security policies1m 56s
-
(Locked)
Security policies Q&A1m 42s
-
(Locked)
Security audits1m 52s
-
(Locked)
Security audits Q&A1m 7s
-
(Locked)
-