Evaluation and Risk Assessment - Research Paper Example

Threats are the sources and means of particular types of attacks. Threat analysis enables information security experts to determine the most appropriate approaches to securing systems against systems attacks. Security professionals perform penetration-testing exercises to identify threat profiles, develop effective countermeasures against threats and mitigate all earlier signs of threats (Kaiya, Sakai, Ogata & Kaijiri, 2013).

The primary focus of threat analysis should be on analyzing the resources of the attackers. It is crucial for all organizations to analyze threats to help them develop specific security policies, which they can implement together with policy priorities and comprehend implementation needs for securing organizational resources. Information security threats include accidental disclosure, alteration of software, electrical disruption, acts of nature, and telecommunication malfunction. Vulnerabilities are the security flaws that allow a threat attack to be successful in a system.

Corporate organizations and private businesses should do vulnerability testing to resolve the vulnerabilities and provide data required to identify unexpected perils to information security. The management boards should realize that such vulnerabilities do not particularly belong to the technology class, but also apply to social factors, for example, personal authentication and authorization policies. Vulnerability testing is of paramount importance in maintaining ongoing security and allows the professional responsible for the security of the company’s resources to respond to new dangers as they arise (Kevin, Hackney & Edgar, 2010).

Testing for vulnerabilities is also invaluable in developing policy and technology and as part of the technology selection process. It is crucial for buyers to do effective vulnerability tests in order to select the right technology that can save time, money, and other costs of business operations. My Encounter with an Information Security Threat I am the Managing Director of a telecommunication company that offers postpaid communication services to the residents of Silicon Valley. Recently, I have realized that the costs of making calls were increasing abnormally among the callers.

I communicated to my customers and requested from them some information concerning their communication expenditures. I found out that my customers were not really consuming these huge amounts of airtime to make calls. The information security professional made a follow-up and found out that there was massive phreaking and eavesdropping. Hackers were stealing services and using them while passing the costs of making calls to my customers. It was also found that these hackers had stolen credentials and contact information of my customers, which allowed them to control their voice calls, calling plans, billing information, and call forwarding.