The company's database server is a critical resource, supporting remote employees who query data to identify potential customers. Protecting this server ensures confidentiality, integrity, and availability of customer information and business data. If this server were compromised or disabled, it could severely disrupt operations, damage reputation, and lead to regulatory penalties. This vulnerability analysis aims to identify risks and provide remediation strategies to safeguard business continuity.
Threat source | Threat event | Likelihood | Severity | Risk |
---|---|---|---|---|
Outsider hacker | Obtain sensitive information via exfiltration | 3 | 3 | 9 |
Competitor | Perform reconnaissance and surveillance | 2 | 2 | 4 |
Privileged user | Alter or delete critical information | 2 | 3 | 6 |
This vulnerability assessment focuses on realistic, high-impact risks posed by external hackers, competitors, and privileged users. These threat sources were chosen because the database server is publicly accessible and contains sensitive business information. Their associated threat events, including exfiltration, reconnaissance, and data alteration, represent significant risks that could disrupt operations and harm the company's reputation and customer trust.
To mitigate these risks:
- Implement the principle of least privilege to restrict user access based on roles.
- Enforce multi-factor authentication (MFA) for all user accounts accessing the database.
- Deploy defense-in-depth measures including firewalls, intrusion detection systems, and IP allow listing for known corporate locations.
- Ensure encryption of sensitive data both in transit and at rest.
- Conduct regular security audits and monitoring to detect unauthorized access attempts.
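As an added illustration of the least-privilege item (not part of the original report), the sketch below separates the remote employees who only query data from the accounts that may change it, and withholds DELETE and TRUNCATE from both, which addresses the "alter or delete critical information" row of the table. It assumes PostgreSQL; the database name `crm`, the schema `sales`, and all role names are hypothetical.

```sql
-- Assumptions (not from the report): PostgreSQL, a database named crm,
-- a schema named sales, and the role names below. All are hypothetical.

-- Weak starting point this replaces: one broad grant to everyone, e.g.
--   GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA sales TO PUBLIC;

-- 1. Remove what every role gets implicitly through PUBLIC.
REVOKE ALL ON DATABASE crm FROM PUBLIC;
REVOKE ALL ON SCHEMA sales FROM PUBLIC;
REVOKE ALL ON ALL TABLES IN SCHEMA sales FROM PUBLIC;

-- 2. Group roles hold the privileges and cannot log in themselves.
CREATE ROLE sales_read  NOLOGIN;
CREATE ROLE sales_write NOLOGIN;

GRANT CONNECT ON DATABASE crm  TO sales_read, sales_write;
GRANT USAGE   ON SCHEMA  sales TO sales_read, sales_write;

-- 3. Remote employees only query data, so their group gets SELECT only.
GRANT SELECT ON ALL TABLES IN SCHEMA sales TO sales_read;

-- Tables created later by the role running this script inherit the same
-- read-only grant, so new tables do not silently fall outside the policy.
ALTER DEFAULT PRIVILEGES IN SCHEMA sales
    GRANT SELECT ON TABLES TO sales_read;

-- 4. Data maintainers may insert and update. DELETE and TRUNCATE are
--    deliberately not granted to any group role.
GRANT SELECT, INSERT, UPDATE ON ALL TABLES IN SCHEMA sales TO sales_write;

-- 5. Individual login roles inherit from exactly one group.
--    Credentials are provisioned separately and are not shown here.
CREATE ROLE remote_employee_1 LOGIN IN ROLE sales_read  CONNECTION LIMIT 3;
CREATE ROLE data_steward_1    LOGIN IN ROLE sales_write CONNECTION LIMIT 3;

-- 6. Audit query: list every table privilege in the schema. Any DELETE or
--    TRUNCATE row, or any grantee named PUBLIC, is a finding to review.
SELECT grantee, table_name, privilege_type
FROM information_schema.role_table_grants
WHERE table_schema = 'sales'
ORDER BY grantee, table_name, privilege_type;
```

Running the audit query in step 6 on a schedule also supports the regular security audits recommended in the list.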
This report was created as part of my cybersecurity learning portfolio.