New to IBM Z

  • 1.  The 'Essential' Security Terminology

    Posted Tue October 01, 2024 03:20 AM
    Edited by Niall Ashley Tue October 01, 2024 04:34 AM

    Foreword

    As we enter Cyber Security Awareness Month (CSAM),  I wanted to ensure that people are aware of some of the 'core' security concepts.

    Over the course of CSAM, I will be writing posts about aspects of cybersecurity / mainframe-security.

    In today's post, I shall outline what the "Circle of risk" is and explain related terminology.

    The Circle of Risk

    In its simplest form, the circle contains seven interconnected terms.

    Diagram showing seven security terms that are connected together by a circle

    The seven phrases on this diagram are as follows:

    Asset, Threat, Threat Agent, Attacks, Vulnerability, Risk, Countermeasures / Correctives

    Defining the Terminology

    We shall define the aforementioned terms below:

    Asset  -  This is something of value to a business, that requires protection.

    This may include anything from a computer file, intellectual property, hardware devices, right through to company employees.

    Assets may be compromised by a …

    Threat  -  This is something that could result in the damage, destruction, alteration or loss of an asset.

    These may be malicious in nature, they could be accidental, or could be something else like an earthquake or other natural disaster.

    Threats may be perpetrated by a …

    Threat Agent  -  This is a person/system that means harm to an asset, sometimes referred to as a 'hacker'.

    Examples of this may include a person who directly hacks into a bank, or a system they may use to cause a DDoS attack.

    Threat Agents may carry out an …

    Attacks  -  This is the damage, destruction, alteration or theft of assets.

    As mentioned previously, this 'attack' could be malicious, but it could also be accidental (e.g. spilling water on your laptop).

    Malicious attacks often follow the exploitation of a …

    Vulnerability  -  This is a weakness or absence of a safeguard/countermeasure, which threat agents will attempt to exploit.

    Areas of vulnerability could be because of a flaw in programming (e.g. Zero Day Exploits) or because of something else (e.g. Social Engineering).

    Vulnerabilities are often exposed to …

    Risk  -  This is the possibility of something bad happening, whether accidental or malicious.

    Risks can be mitigated by …

    Countermeasures / Correctives  -  These are methods of control.

    Countermeasures will generally come in three main forms:

     -> Physical (Barrier Gates, Security Doors, Fences, RFID Locks, CCTV cameras, etc…)

     -> Administrative (policies, procedures and principles)

     -> Technical Protections  (zSecure Alerts,  Command Verifier,  UACC=NONE,  PROTECTALL=YES/FAIL,  SETROPTS password rules,  etc…)

    Countermeasures will help in protecting the … (circle returns to Assets)

    Further Content

    Later today (1st October) I will be delivering a session with @Henri Kuiper as part of IBM Z Day!

    https://ibmzday2024-vconf.bemyapp.com/#/talks/66edf9644080f4c3936490e1

    Over the following weeks, I will also be uploading further content about aspects of cybersecurity / mainframe-security.

    If you are interested in reading more, I am uploading three articles on Security in October and I will be publishing further articles throughout November.

    So far, I plan to cover the following topics:

    • "Cybersecurity 101:  Resilience for the Uninitiated."
    • "What's a 'Cyber Kill Chain' and why should I care?"
    • "Who are your cyber threats?  Knowing your Keyser Söze"
    • "The value of data:  What have you got to lose?"

    If you wish to stay informed of these uploads, please feel free to follow me or connect with me on LinkedIn :)

    https://www.linkedin.com/in/niall-ashley-a91914124/


    ------------------------------
    Niall Ashley (he/him)
    Consultant in Mainframe Security (RACF)
    Vertali Ltd
    ------------------------------



  • 2.  RE: The 'Essential' Security Terminology

    Posted Thu October 03, 2024 08:06 AM

    Thanks, this article is great, can't wait for the next ones! I also thoroughly enjoyed your session and recommend watching the replay to anyone who missed it.



    ------------------------------
    Ruth Bonser
    ------------------------------



  • 3.  RE: The 'Essential' Security Terminology

    Posted Tue October 08, 2024 08:52 AM

    Thank you so much Ruth!  I really admire your contributions, so this is high praise 😊



    ------------------------------
    Niall Ashley (he/him)
    Consultant in Mainframe Security (RACF)
    Vertali Ltd
    ------------------------------



  • 4.  RE: The 'Essential' Security Terminology

    Posted Tue October 08, 2024 08:55 AM

    Just in case anyone missed my session, here's a link to the replay:  https://ibmzday2024-vconf.bemyapp.com/#/talks/66edf9644080f4c3936490e1

    And if you are interested in minimising risk to your business, try following the practices below 👍

    What can we do to mitigate risks?

    In order to keep systems secure, it is worth following these practices:

    Hide sensitive materials to prevent data from being leaked or manipulated.

    Restrict users to only have what they need, only for as long as they need it.

    Keep systems up-to-date with patches installed to fix any vulnerabilities and prevent exploits.

    Avoid clicking on suspect links, downloading files from untrusted websites, or inserting suspect USB sticks / CDs or even peripherals to your devices.

    Keep an eye out for suspicious activity and remain vigilant in escalating this.

    Maintain event-logs, audit trails, and activity-monitoring so discrepancies can be tracked.

    Regularly undergo pen testing and vulnerability assessments, using staff who can 'think like a threat agent' to predict the agent's ultimate goal, so you can then implement preventions.



    ------------------------------
    Niall Ashley (he/him)
    Consultant in Mainframe Security (RACF)
    Vertali Ltd
    ------------------------------