Identifying Potential Malicious Attacks, Threats, and Vulnerabilities, you were recently hired as an Information Security Engineer for a videogame development company. After viewing a growing number of reports detailing malicious activity, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. He asked you to include a brief explanation of each item and the potential impact it could have on the organization. After review of your report, the CIO requests that you develop a follow-up plan developing a strategy for dealing with all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in
Problem: Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that will be used to mitigate each risk previously identified.
Write a four to five (4-5) page paper in which you:
1. For each malicious attack and threat identified in above, choose a strategy for dealing with the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance).
2. For each malicious attack and threat identified in above, develop controls (i.e., administrative, preventative, detective, and corrective) that will be used to mitigate each risk.
3. For each vulnerability identified in above, choose a strategy for dealing with the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance).
4. For each vulnerability identified in above, develop controls (i.e., administrative, preventative, detective, and corrective) that will be used to mitigate each risk.