Risk management

123456789101112131415161718192021
Across
  1. 6. Establish and enforce controls that prevent changing information without data owner permission
  2. 7. whether to accept, transfer, mitigate, or refuse the risk.
  3. 9. letting only the people with higher privilege access the files.
  4. 10. process of finding potential issues.
  5. 11. Establish and enforce controls that prevent systems, networks, and software from being out of service.
  6. 13. Conceptually,identifying the locations where your data resides seems simple enough.
  7. 14. firewalls, data encryption, data backups, keeping hardware up to date, and putting in place multi-factor authentication controls, to keep attacks at bay.
  8. 17. Building and maintaining a secure IT infrastructure is critical to preventing cybersecurity risks.
  9. 19. Any individual, group, or organization conducting an attack on a computer, network, or computerized system with the aim of compromising that system
  10. 20. The consequences of an incident to the organization, including financial loss, reputational damage, and hidden costs in operational disruption
  11. 21. When an attacker discovers a vulnerability and uses it to gain unauthorized access
Down
  1. 1. Process of determining which type of access an authenticated user, device, or system has to a given resource
  2. 2. Establish and enforce appropriate authorization controls so that only users who need access have access.
  3. 3. An individual or system is able to use a particular resource, either physically or virtually.
  4. 4. Establishing strict authentication and authorization procedures can minimize the data security risks in your organization.
  5. 5. Individuals, groups, and organizations operating to damage, steal, or disrupt an organization’s applications or data along with the strategies that accomplish these goals
  6. 8. You need to determine how the risk each poses overlaps and impacts the potential for a malicious actor to attack.
  7. 12. Trying to avoid compromising events as a way to eliminate liability.
  8. 15. Events involved in accessing and transferring data
  9. 16. potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organization
  10. 18. Set of activities that detect, describe and catalog all potential risks to assets and processes