Risk analysis as it pertains to computer resources, is a process of determining potential fiscal cost of having one or more of the three elements(reliability, integrity, and confidentiality)
First what are we risk analyzing? A Website that is hosted by a third party
Why are we risk analyzing? To determine if we need more security (more resources)
A vulnerability analysis involves what could occur if the system was compromised and thus affect (reliability, integrity, and confidentiality)
A threat analysis is a process of identifying who can negatively affect (reliability, integrity, and confidentiality)
in these assessments a percentage chance of likelihood of attack on the system
what is the value of the website?
Out of the various analyses we can start to create a Risk Assessment matrix for each device or website. For each software
One unfortunate aspect of Risk assessment is not being able to asses the Unknown unknowns.
A new Zero-day attack could negatively affect the systems and thus either degrade or bring down the site for a while. One needs to decide on the value of the computing resources to decide the level of testing and monitoring.
Contact us to make an analysis for your situation.
Tony Zafiropoulos 314-504-3974