| Threat Category | Control | Description | Classification | Type |
|---|---|---|---|---|
| Accidental corruption of information | Network monitoring | Network traffic is monitored to identify and investigate fraudulent data transfers. | Administrative | Prevent and detect |
| | Export control | Unauthorized access to sensitive data is restricted by controlling the ability to paste, copy and print parts of documents. | Physical and Administrative | Prevent |
| | Control of physical media | Copying of sensitive data to unauthorized devices is prevented. | Physical | Prevent |
| | Perimeter security | Sensitive data is prevented from leaving the perimeter. | Physical | Prevent |
| Loss of intellectual property | Security of proprietary information | Access to proprietary information is controlled. | Administrative | Prevent |
| | Data security and encryption | Data is encrypted by a cryptographic process so that unapproved access is prevented. | Physical | Prevent and detect |
| | Secure servers | The servers should be secured by using antivirus and firewalls. | Product | Prevent and detect |
| | Remind people of access to sensitive IP | People are reminded continuously to protect sensitive IP. | Administrative | Prevent |
| Software piracy | Firewall | Source IP addresses are filtered for access to software, which prevents software piracy. | Product | Prevent |
| | Antivirus | Ensures that the system does not contain any malware that will facilitate software piracy. | Product | Prevent |
| | Policy to update antivirus | Software should be updated to prevent software piracy. | Administrative | Prevent |
| | Web application firewall | Identifies any piracy in software. | Product | Prevent and detect |
| | Plan to respond to incidents | A plan that prepares the organization to respond to software piracy quickly. | Administrative | Compensate |
| Theft of information (hacker) | Firewall | Controls traffic passing through all network ports. | Product | Prevent |
| | Anti-malware software | Detects malware in the network used by hackers to steal data. | Product | Prevent and detect |
| | Sensitive data encryption | Sensitive data stored on storage devices should be encrypted so that it is hard to access even if a hacker gains access to the network. | Administrative | Prevent and detect |
| | Policy to keep software updated | Processes and procedures are in place to ensure that all software is kept updated. | Administrative | Prevent and detect |
| Theft of information (employee) | Standard and limited user account | Administrative login ID and password should be given to trusted employees. | Administrative | Prevent |
| | Overwrite storage devices before discarding | Hard drives, memory cards, USB flash drives and other storage devices that stored previous personal information should be either destroyed physically or overwritten before discarding them. | Physical | Prevent |
| | Using secured connection to send sensitive data | The SSL/TLS protocol ensures that sensitive data is sent securely such that theft of information by employees is not possible. | Physical and product | Prevent and detect |
| Website defacement | Sucuri tool | Website monitoring tool that protects, provides backup and quality performance. | Product | Prevent and detect |
| | IPVTec tool | Online monitoring tool that detects website defacement. | Product | Detect |
| | Visualping | A chosen area of a website can be monitored using Visualping. | Product | Detect and prevent |
| | WebOrion tool | Monitoring service that offers content, visual change and integrity monitoring. | Product | Prevent and detect |
| | Wachete tool | Monitors an entire website or a particular area every 24 hours. | Product | Prevent |
| Theft of equipment | Providing theft indicator to each equipment | This will give an alarm when equipment is stolen. | Physical | Detect |
| | Keeping record of all equipment | Recording details of each piece of equipment will help to identify equipment that is wiped and swapped. | Physical | Detect and prevent |
| | Using spy cams | Advancement of technology has led to spy cameras that help in detecting equipment theft. | Product | Prevent and detect |
| Viruses, worms, Trojan horses | Antiviruses | Detects malware, preventing any virus from being installed on the system. | Product | Prevent |
| | Web application firewall | Detects application layer attacks and also helps in mitigating them. | Product | Prevent and detect |
| | Detection and prevention systems of intrusions | Uses a signature database to identify threats and alerts a system administrator of any malware. | Product | Detect |
| | Firewall | Filters IP addresses that are accessing the network, which prevents attacks by viruses, Trojan horses and worms. | Product | Prevent |
| Elevation of privilege | Decrypter | The encrypted exploit code should be decrypted by the decrypter. | Product | Prevent and detect |
| | API resolver | Determines the working of shellcode and position-independent code. | Product | Prevent and detect |
| | Environment checker | Identifies the operating system platform and version number. | Product | Prevent and detect |
| | EoP exploit DLL | After environment checking is done, the exploit routine is done to prevent memory corruption and privileged code execution. | Product | Prevent and detect |
| Fire/Flood | Locating organization in safe place | The organization should be located in a safe place where floods do not occur, to prevent damage from floods. | Administrative and physical | Prevent |
| | Using flood resistant and fire resistant techniques | Fire and flood resistant techniques should be used to prevent damage from fire and flood. | Administrative and physical | Compensate and prevent |