Response for Sujith Diddi

ASSET:

As discussed earlier an Asset can be anything that has a value. There are different types of Assets. Basically, it can be personal or business asset. I will be discussing business Assets. Also, There are many personal assets which generally everyone has such as:

Don't use plagiarized sources. Get Your Custom Essay on
Response for Sujith Diddi
Just from $13/Page
Order Essay

Automobile

Checking and Saving Accounts

Jewelry

Artwork

Property (Land, House etc.)

These above all fall under personal assets.

Here I would like to discuss my company which I work.

Asset identification: At the Media and Entertainment company which I work for, we are given laptops to work remote. I manage some of the applications which are SOX compliant. I store some revenue related data in my laptop and have the admin capabilities to certain servers which add more weight when it comes to protecting my laptop and credentials.

Attacker/threat identification:  Any person with a malicious intent is a possible attacker of my asset. It can either be a competitor to gain the intellectual property information or a hacker who can sell the information gained in the black market. There are severe penalties for SOX non-compliance which ranges from 10-20 years in prison and/or $1 million to $5 million fine.

Impact:  If my work asset is stolen or if my credentials are compromised, in first place all the proprietary data will be lost which affects the company’s profitability. This results in the monetary loss to the company. Secondly, as I have almost an Administrative privilege the consequences would be worse if someone manages to get into the company’s network/servers and destroy the integrity of data leading to SOX non-compliance. Attackers can possibly do anything and everything to bring the share value down, compromise the user information (which people provide when buying the merchandise, subscribing to the movie services etc.)  

Remediation:  Securing the work laptop with a hardware lock whenever I am away, being cautious of the social engineering that tricks me into revealing my credentials and not using the internet which is freely available in public places are all the preventive measures I should take to combat the threats to my work asset.

References

Managing Risk in Information Systems: second edition. By Darril Gibson. (2015), Jones and Bartlett Learning.

Order your essay today and save 20% with the discount code: RESEARCH

Live Chat+1(978) 822-0999EmailWhatsApp