Risk Assessment Essay For CONVXYZ: Cybersecurity Vulnerabilities And Hazards.

This work entails designing, completing, and documenting a risk assessment for CONVXYZ, a conveyancing and estate business in the United Kingdom. Cyber-attacks have caused business losses due to system failures, data theft, data alteration, deletion, destruction, and recent harmful conveyancing scams. Following such cyber-attacks, it is only natural for the corporation to scan its network architecture and perform a thorough hazard assessment. There are some faults in its current network architecture, which must severely evaluate the vulnerabilities that hackers exploit. Risk assessment should be based on specific standards as it provides a framework and recommendations for examining and evaluating online security threats and hazards. ISO / IEC 27005: 2018 Risk management data is one of the gold standards for risk assessment. They can apply this standard to all corporate IT network services, such as CONVXYZ, transfer services and locations in the United Kingdom. The ISO27k standard is securely regulated, which means that businesses must support risk assessments and urger the companies to analyze risk in their data. Based on the bar, the assumption is that firms' knowledge, rather than their infrastructure, should be assessed to prepare for trouble through practical application and management (Shirazi & Kazemi, 2020).

To apply the principles of ISO27k standards, it is necessary first to understand the organization's context. The standard states that establishing a risk management context is essential. The company used an IT network infrastructure that included other PCs utilizing an estate agent and attorney, an employee database, which is a database of its employees, a client-server and an asset database server, which is its employees' database server. Its customers and vendors, a verification confirmation server (usernames and passwords) for both customers and employees (attorneys and real estate agents), and a separate mail server. In addition, the company maintains a web server where they host customers. External users access the company's infrastructure via their browsers and, as a result, enter the company's infrastructure over the Internet, which a firewall protects. These users evaluate the real estate information available, and some of them even register so that they can communicate with the workers (Shirazi & Kazemi, 2020). A router serves as a gateway between internal and external networks, such as the Internet, whereas a network switch offers network connectivity and connects all IT resources.

There are flaws in the existing setup, such as the Internet, which can be a source of cyber-attacks. Many external users access business services like real estate information and network infrastructure installation (Shirazi & Kazemi, 2020).The infrastructure is quiet regarding any internal firewalls or internal filters that deploy the staff to block undesired access:

The network architecture of the CONVXYZ

After discovering the background, it is essential to note the purpose of this work, as outlined in the ISO Standard guidelines, for detecting information hazards, self-assessment, and developing a risk management strategy (Fikri et al., 2019). This research will focus on the information hazard posed by the absence of adequate solutions, such as a computer hardware or software firewall, as well as the built-in protection that users appear to give.

Purpose of the Work

The company's infrastructure is insecure, making it exposed to cyber-attacks. Multiple security events will probably occur due to a lack of suitable security tools and approaches, such as installing a firewall in the middle. A security occurrence occurs when the security of hardware, software, information, process, or organization is compromised or violated partially or entirely (Fikri et al., 2019). Therefore, a security incident can result from an error, an unforeseen negative consequence of a thoughtless/intentional change. Generally, they consider the following activities as a breach of security policy:

1. We are using systems to handle or store data without authorization.
2. Without the consent of the system owners, changes to the firmware, software, or hardware
3. The disruption of service.
4. Unauthorized access to a system

The System Owner was responsible for the information system's acquisition, upgrade, integration, modification, operation, maintenance, and termination.

Primary assets are:

1. Pcs
2. Mail server
3. Staff database
4. Customer and property database
5. Switches
6. Routers

The above-listed assets are primary because they contain sensitive data or can be used to access such information.

Secondary assets are: 

1. VPN tunnel.

The above-listed assets are secondary because they protect information and indirect access to information.

Threats to each asset

1. Pcs:
2. Mail server:
3. Staff database: Insider Threats, SQL/NoSQL Injection Attacks.
4. Customer and property database: Denial of Service (DoS/DDoS) Attacks, Exploitation of Database Software Vulnerabilities.
5. Switches: ARP Spoofing.
6. Routers: Unauthorized access, information theft.
7. Firewall: Outdated Firewall Software.
8. Internet:
9. VPN tunnel: man-in-the-middle attacks. 

vulnerability to each asset

1. Pcs: Virus Infection -CVE-2003-1443
2. Mail server: Malware attack -CVE-2006-5270
3. Staff database: Insider Threats - CVE-2021-40842
4. Customer and property database: Denial of Service (DoS/DDoS) Attacks- CVE-2017-13679
5. Switches: ARP Spoofing- CVE-1999-0667
6. Routers: Unauthorized access-CVE-2019-11988
7. Firewall: Vulnerability to Insider Attack- CVE-2021-27899
8. Internet: Botnets erorr-CVE-2007-2651
9. VPN tunnel: Man-in-the-middle attacks-CVE-2001-1473

Likelihood level computation, using Boston gird

Risk Scale: High (>50 to 100); Medium (>10 to 50); Low (1 to 10)

Risk Matrix Chart 

The company's Cyber ??Security Risk Assessment indicates that incidents are likely to increase. They expected the number of "error" violations to increase. Deliberately targeted attacks may also increase. They distinguish these attacks by their longevity and the use of advanced resources. This seems to lack effective defences, which leaves a strong network at risk of accidental and planned attacks (Fikri et al., 2019). They use additional resources and individuals to effectively prevent or resolve these situations and an integrated approach to a well-thought-out strategy. Low risk is all that is required for an attacker to gain access. The safety aspects will need to be considered for all hazards to close those errors.

A security breach isn't always obvious or apparent. As a result, the first step in preparing is raising awareness and training in detecting and reporting occurrences. No formal procedure for reducing security incidents exists at this time. Many factors can cause security events

• Failure of service, equipment, or location.
• Failure or strain on the system (including interference with the support system).
• Human errors cause system failure or performance disruption.
• Physical and psychological safety features of the item are broken.
• Loss of performance and management.
• Unauthorized system changes.
• Failure to adhere to ethical policies or procedures.
• Viruses alerts
• Company assets are lost or stolen.
• Excessive use of force.
• Damage to property and intentional damage
• Cyber ??attacks on social networks such as the Internet.
• Unusual system function.
• Unauthorized pairing of mobile devices.
• Connecting removable media without permission.
• Networks connected without permission.
• Logical inconsistent access.
• Suspicious or compromised system or part of a network
• Unsuitable computer program detected.
• There are new weaknesses.

Based on the existing architecture, known levels of security, and the most recent study conducted from the extant literature chamber, the following are the greatest dangers to the organization:

Register of Hazards

1. Computer malware
2. Damage to the Dignity
3. Anonymous Attack
4. Expired Security
5. Unknown Decisions
6. Loggers
7. Bots
8. Program Access
9. Webserver Login
10. Smart Devices
11. Online transactions

The distribution of malware is widely, and it can infiltrate a network if operational security, such as malware software, is not in place. Uncontrolled attacks are also a possibility, and many risks originate from outdated security due to a lack of definition of the tools and procedures employed. The organization's materials are likewise devoid of information about the decisions I can make. The most dangerous security risks right now are vital loggers and botnets. These attacks allow the thief to see what the work is doing and obtain the financial information needed to launch the next major attack (Mohammadian, 2018). This attack is plausible because the corporation is known to have lost money. Unauthorized access to the system is a big concern that this company has investigated.

Based on user behaviour, CONVXYZ Company may not have complete knowledge regarding good security access, roles, and safety standards. If there is no suitable security policy, it may attack the webserver (Mohammadian, 2018). Smart gadgets can identify a network and take sensitive data from a company's website. Online actions might record and read to prepare for future attacks.

Risk identification with the risk priority using risk matrix (Boston grid). 

Conclusions and Suggestions

Based on risk and size risk assessments, the following  are the  recommendations:

The most critical risk element is sorted first in the risk matrix. Because it has expired security and no security features, it is apparent that this organization is undergoing security. The organization lacks expertise or vision regarding online safety potential or information threats (Agyepong et al., 2020). They are also subject to attacks; therefore, the corporation should consider dedicating a budget to minimize security concerns right now to stay ahead of future episodes. As a quick cure, they should hire a security expert or at the very least modernize their IT network and add firewalls. Hackers frequently utilize the Internet to hack one of these high-security installations, and internet dangers are already considerable. As a result, most attacks may originate on the Internet. The organization should consider securing its route by utilizing built-in security measures that can assist them in delivering more undesirable transactions at the gate or route level.

The company is also under attack from an unknown source, as many people cannot pinpoint the basis of the attack (Agyepong et al., 2020). They may avoid most seizures by using suitable anti-malware software, hardware repair, and software firewall and keeping an updated anti-virus program that can block various web servers, botnets, and key loggers. The Agency must begin working on the specified priorities and provide a timetable and budget for implementation.  

References

Agyepong, E., Cherdantseva, Y., Reinecke, P., & Burnap, P. (2020). Cyber security operations centre concepts and implementation. Modern Theories and Practices for Cyber Ethics and Security Compliance, 88-104. https://doi.org/10.4018/978-1-7998-3149-5.ch006

Fikri, M. A., Putra, F. A., Suryanto, Y., & Ramli, K. (2019). Risk assessment using NIST SP 800-30 revision one and ISO 27005 combination technique in the profit-based organization: A ZZZ The case study of information system application in ABC agency. Procedia Computer Science, 161, 1206-1215. https://doi.org/10.1016/j.procs.2019.11.234

Mohammadian, M. (2018). Network security risk assessment using intelligent agents. 2018 International Symposium on Agent, Multi-Agent Systems and Robotics (ISAMSR). https://doi.org/10.1109/isamsr.2018.8540557

Shirazi, A., & Kazemi, M. (2020). A new model for information security risk management. Lecture Notes in Information Systems and Organisation, 551-566. https://doi.org/10.1007/978-3-030-34269-2_38