Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
In this video we cover the topic of risk assessment in detail. We note that risk management is an umbrella term and contains three elements which were previously mentioned in the Risk Intro video. Risk assessment is the process of identifying assets and the threats and vulnerabilities focused on them. In addition, the value of an asset must be determined prior to putting controls and safeguards in place. An asset's value is examined from several vantage points: the value to the organization as well as to customers. The loss of credit card data and PII has a cost not only to customers, but also to the business in the form of fines, legal penalties, the cost of reparations, not to mention the damage to a business' trust and reputation. We also discuss the major risk assessment methodologies of OCTAVE, FRAP, and NIST.