ASSET:
As discussed earlier an Asset can be anything that has a value. There are different types of Assets. Basically, it can be personal or business asset. I will be discussing business Assets. Also, There are many personal assets which generally everyone has such as:
Automobile
Checking and Saving Accounts
Jewelry
Artwork
Property (Land, House etc.)
These above all fall under personal assets.
Here I would like to discuss my company which I work.
Asset identification: At the Media and Entertainment company which I work for, we are given laptops to work remote. I manage some of the applications which are SOX compliant. I store some revenue related data in my laptop and have the admin capabilities to certain servers which add more weight when it comes to protecting my laptop and credentials.
Attacker/threat identification: Any person with a malicious intent is a possible attacker of my asset. It can either be a competitor to gain the intellectual property information or a hacker who can sell the information gained in the black market. There are severe penalties for SOX non-compliance which ranges from 10-20 years in prison and/or $1 million to $5 million fine.
Impact: If my work asset is stolen or if my credentials are compromised, in first place all the proprietary data will be lost which affects the company’s profitability. This results in the monetary loss to the company. Secondly, as I have almost an Administrative privilege the consequences would be worse if someone manages to get into the company’s network/servers and destroy the integrity of data leading to SOX non-compliance. Attackers can possibly do anything and everything to bring the share value down, compromise the user information (which people provide when buying the merchandise, subscribing to the movie services etc.)
Remediation: Securing the work laptop with a hardware lock whenever I am away, being cautious of the social engineering that tricks me into revealing my credentials and not using the internet which is freely available in public places are all the preventive measures I should take to combat the threats to my work asset.
References
Managing Risk in Information Systems: second edition. By Darril Gibson. (2015), Jones and Bartlett Learning.
What Students Are Saying About Us
.......... Customer ID: 12*** | Rating: ⭐⭐⭐⭐⭐"Honestly, I was afraid to send my paper to you, but splendidwritings.com proved they are a trustworthy service. My essay was done in less than a day, and I received a brilliant piece. I didn’t even believe it was my essay at first 🙂 Great job, thank you!"
.......... Customer ID: 14***| Rating: ⭐⭐⭐⭐⭐
"The company has some nice prices and good content. I ordered a term paper here and got a very good one. I'll keep ordering from this website."