Saturday, April 17, 2010

Chapter 4 Q5: What are the five main types of security risks? Suggest one method to prevent the severity of risk.

There are 5 types of Security Risks:


1) Human Error: In Deloitte's sixth annual Global Security Survey, people are the problem.


"[P]eople continue to be an organization's greatest asset as well as its greatest worry," Adel Melek, global leader of security and privacy services at Deloitte Touche Tohmatsu, said in the report.
 
2) Natural Disasters: The recent natural disasters experienced in Asia, Haiti and Chile (earthquake and tsunamis) and in Europe and North America (storms and floods) are a reminder that natural disasters can occur at any time and in any place, and organisations are therefore at risk from such events.

Disruptions due to natural phenomena are far more widespread than many individuals, and certainly companies, are aware. People, by and large, appear to be unable to retain the frequency, probability, damage, disruption and location of natural disasters in comparison to other events such as terrorism or political unrest.
Despite the fact that their impact and frequency are far greater than that of most other catastrophic incidents, organisations tend to overlook them when planning for emergencies. Whilst organisations cannot eliminate disruptions caused by such events, they can mitigate the impact on their businesses and daily operations by being better prepared and having contingency plans.

3) Technical Failures: This is the failure of a system because it no longer meets technical specifications (for example, it is no longer accurate within 1%) or has completely stopped working. It includes software bugs or hardware crashes.





4) Deliberate Acts: These include malware and hackers.

a- Malware, short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, including true viruses.
Software is considered malware based on the perceived intent of the creator rather than any particular features. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software.
b- Hackers: Today, mainstream usage mostly refers to computer criminals, due to the mass media usage of the word since the 1980s. This includes script kiddies, people breaking into computers using programs written by others, with very little knowledge about the way they work. This usage has become so predominant that a large segment of the general public is unaware that different meanings exist.



5) Management failure: This relates to a lack of procedure, documentation, and training.
