Technology Risk

Do you need our help?
Then discuss with our team
to help your business to
achieve true payoff.
Please Contact us

Technology risks undermine resources and procedures essential to your business and may avoid consistence with regulations, impact benefit, and harm your organization's notoriety in the commercial platform.

Information technology (IT) hazard can occur through natural disasters, eternal environmental risks and human error, malicious human activities (for example, impersonation, interception and interference). Besides, if an organization's threat is high, then their risk will also be high. In fact, risk is likelihood the financial loss of a company if there is a flood, fire outbreak or a burglar. Securing data resources like operational and money related information, client information, licensed innovation (IP), actually identifiable data (PII), or ensured well-being data (PHI) is just the starting.

Moreover, To maintain connectivity, ad-hoc networks communication nodes (often mobile) rely on wireless communication instead of fixed infrastructure. In other words security issues on these devices are a big challenge.

In the year 2009, Harrison Stewart our CEO gave a workshop where he pinpointed some of the likelihood of threats that mostly occurs in many organizations:

  • Legacy IT systems: Harrison saw that legacy systems are generally a security concern for an organization where information security is essential. He saw that many vendors have stopped providing support for their legacy systems and in fact, this increases the security concerns of these legacy systems. Certainly, some organizations might be having some compelling reasons to keep their legacy systems, but these legacy systems could easily be attacked and need to be addressed.
  • Remote and legacy protocols: The interception of information could easily be read by an attacker since legacy protocols do not encrypt network traffic. According to ISC, security has three main goals namely; confidential, integrity and availability. However, Harrison saw that legacy protocols certainly do not provide these goals.
  • Firewall: According to the Harrison, the use of internet services at many organizations certainly opens their network to cyber threats. For instance, a hacker attacking through their un-patched security holes due to the absence of firewall or poor defense mechanism configuration. In other words, unprotected data transmissions. Read Harrison Stewart's Cyber Attack Game Theory Framework published on the Derby University Library
  • Hubs: Many organizations are still hooked up with hubs. With hubs, broadcast storm will occur if several workstations send packets at the same time. According to Harrison, hubs cannot be monitored, therefore, any intrusion or malware attacks might be hard to detect. In fact all organization who are still using hubs need to be replaced.
  • Data transition: Data transmission from the a company's server to the other branches are mostly not encrypted. This could cause confidential files, trade secrets and financial documents to land into the hands of an unauthorized user. According to the Harrison, data is highly vulnerable during the transition phase.
  • Natural risk and human activities: During the work shop, Harrison Stewart (2009) certainly discouraged the art of keeping the backup disc in the manager's office because of natural disasters, eternal environmental risks and malicious human activities (for example, impersonation, interception and interference). Besides, if an organization's threat is high, then their risk will also be high. In fact, he stressed on that risk is likelihood the financial loss of any company if there is a flood, fire outbreak or a burglar.
  • Wireless connection (Ad-hoc): To maintain connectivity, ad-hoc networks communication nodes (often mobile) rely on wireless communication instead of fixed infrastructure. In other words security issues on these devices are a big challenge. Organizations need to be aware of, that confidentiality, accessibility and integrity are vital in network security. However, ad-hoc networks certainly do not provide these security features.
  • WAN: WAN connection will enable an organization's branches to collaborate and distribute workforce through web services (for example, Instant messenger (IM) and social network sites). However, this organization's risk will be high since part of the network needs to be opened to the outside world (Internet). According to the Harrison, there is a rapid spread on security threats over the internet (for example, virus, worms and malware). These threats and vulnerabilities could spread to the other system in the network causing higher damages. Other threats could be data interception and identity theft.

For more on Risk Management, please click here.

©All texts are registered trademark of ROHHAT®.