PR Apex

Risk Management Key to Threat Management Assessment for Business

upadastra does on-site sara/sprint risk assessments

 

London, UK -- (SBWIRE) -- 03/17/2017 -- "Risk is essential to progress," says Roger L. Van Scoy, author of 'Software Development Risk: Opportunity, Not Problem', "and failure is often a key part of learning. But we must learn to balance the possible negative consequences of risk against the potential benefits of its associated opportunity." A part of owning software and doing business within the cloud and over the internet is taking a risk. In today's world, Risk Management is a key component of any business' threat management assessment.

Businesses must be prepared for the inevitable, such as Ddos (distributed denial of service) attacks, which can take a business offline anywhere from minutes to hours. Recently this was seen when Amazon's cloud services were attacked creating an outage that took many of their customer's websites offline for hours. Service disruptions can hurt business productivity and customer relations. How can a business turn a Ddos attack into an opportunity?

Staying current with patches and updates is one way to mitigate Ddos attacks and should be a permanent arrangement of ANY risk mitigation strategy. One should also be constantly reviewing their security configurations and settings as well as monitoring one's network flows. But again, it is time to ask, where is the opportunity? The opportunity here lies within training one's end users.

One man who can help companies review all parts of their internet, software and network risk assessment strategy from the inside out is Kieran Upadrastra. Upadrasta has over eighteen years experience as an expert in incident response, crises management, major incident management, threat analysis and risk management.

"DDoS attacks can take websites and servers down by overwhelming them with data or the application server with requests that only appear as valid," says Upadastra. "This data and these requests appear valid, but are in fact invalid and fake. To beat them, one must treat their technology like playing a video game. To get to the next level, it becomes necessary to look for the secret passage or find the vulnerability."

Upadastra will come to businesses and put together a team that can evaluate your business risk using the Fundamental Information Risk Management (Firm) and the Firm Scorecard, the Information Security Status Survey, Information Risk Analysis Methodologies (IRAM), the Simple to Apply Risk Analysis (Sara), and the Simplified Process for Risk Identification (Sprint) tools endorsed by the Information Security Forum.

For more information, visit www.kieranupadrasta.com.

About Kieran Upadrasta
Kieran Upadrasta (www.kieranupadrasta.com) offers both full risk assessments while teaching corporate cultures a climate of cyber hygiene for those companies seeking to take a proactive approach to cyber security. Upadrasta has over eighteen years experience in the fields of business analysis, consulting, security architecture, assessments, threat analysis and risk management. An expert in incident response, crises management, major incident management, stakeholder engagement, and mapping requirements he is also a member of the London chapter of International Information Systems Security Certification Consortium, Inc., of the International Information Systems Security Certification Consortium as well as a member of the London chapter of the Information Systems Audit and Control Association and the Professional Risk Management International Association.