In this video, learn about the likelihood of threats occurring based on the motivation of the threat actors, the source, the annualized rate of occurrence, ARO, and through trend analysis.
- [Instructor] The likelihood of a threat is a measure…of the probability that a particular risk…will be realized and impact the organization.…As we've discussed, there are numerous…vulnerabilities and threats, but not all of them…will cause an impact to your organization.…For each of them, the potential for loss must be considered…and the probability of this loss occurring…is called the likelihood of a threat.…The likelihood of a threat is influenced by various factors.…For example, your organization's geographic location…will influence the likelihood of a particular…natural disaster from occurring,…like an earthquake or a hurricane.…
Other organizational factors,…like the type of technology used and the security posture…will affect the risks that are introduced by humans.…Threat likelihood levels are usually categorized…as high, moderate, and low.…The likelihood is determined by considering…the motivation, the source,…the annualized rate of occurrence, and trend analysis.…Motivation is what causes somebody to act.…
Author
Jason Dion
Released
4/5/2018We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Risk mitigation strategies and controls
- Data security classification
- Extreme scenario and worst-case scenario planning
- Risk management of new products, technologies, and user behaviors
- Business models and strategies
- Third-party outsourcing and security
- Integrating diverse industries
- Security, privacy policies, and procedures in risk management
- Metrics collection and analysis
- Analyzing security solutions
Skill Level Advanced
Duration
Views
-
Introduction
-
Welcome1m 11s
-
What you should know1m 10s
-
About the exam1m 43s
-
Risk management fundamentals3m 39s
-
-
1. Risk Mitigation Strategies and Controls (Obj. 1.3)
-
The CIA triad3m 45s
-
Data security classification2m 40s
-
Access control categories2m 34s
-
Access control types2m 1s
-
The aggregate CIA score3m 23s
-
Risk determination2m 4s
-
Magnitude of impact3m 13s
-
Likelihood of threat2m 48s
-
Return on investment5m 5s
-
Total cost of ownership1m 43s
-
Risk management strategies2m 51s
-
Risk management process4m 2s
-
IT governance4m 45s
-
-
2. Business and Industry Influences and Associated Security Risks (Obj. 1.1)
-
Partnerships1m 10s
-
Outsourcing1m 55s
-
Cloud2m 20s
-
De-perimeterization3m 38s
-
3. Security, Privacy Policies, and Procedures in Risk Management (Obj. 1.2)
-
Business Impact Analysis5m 19s
-
Memorandum of Understanding1m 27s
-
Non-Disclosure Agreement1m 3s
-
Master service agreement1m 1s
-
Privacy considerations1m 39s
-
Separation of duties1m 52s
-
Least privilege1m 50s
-
Incident response4m 57s
-
Digital forensics1m 47s
-
Continuous monitoring1m 32s
-
User training and awareness2m 30s
-
4. Measurements and Metrics in Risk Management (Obj. 1.4)
-
Benchmarks and baselines1m 42s
-
Cost benefit analysis1m 12s
-
Reviewing security controls1m 25s
-
-
Conclusion
-
Next steps1m
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Likelihood of threat