Running head: RISK ASSESSMENT ANALYSIS
Website Risk-Assessment Analysis
Web-based services are increasingly widely used. It is therefore crucial to perform risk analysis on information systems, paying particular attention to those connected with websites. The risk analysis must evaluate what the site is up against. This is achieved by understanding who or what is likely to attack the site (Risk Management for Your Website, n.d.). Malicious users are responsible for attacks on these websites, and they use malware to threaten the sites' security. Attacks are frequent: a hacker attack takes place every thirty-nine seconds (How Often Do Cyber Attacks Occur? – AAG – Managed IT Solutions, 2019). This means that one in three Americans faces hacking attempts. It is also imperative to understand that many of these attacks target small businesses. The statistics show that approximately 64% of these small companies experience web-based attacks.
Cross-Site Scripting (XSS) is an example of a typical website security attack. It accounts for up to 40% of all website attacks. Its high rate does not reflect sophistication, however, since even amateur cybercriminals can execute it. This attack targets the user instead of the website itself; it tricks the user into giving out their personal details. Another typical attack is the injection attack, of which SQL injection is the most popular method. It targets the website and the server's database through a direct approach. The last typical attack is known as the fuzz test. A fuzz test is essential in finding security loopholes in software; however, attackers can use this same tool. A malicious attacker feeds random data (fuzz) into the application to make it crash.
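The following Python sketch is an added example, not part of the original essay. It shows how a site owner can test for the three attack types named above on their own code: a database lookup in a weak and a hardened form, output encoding for user-supplied text, and a small fuzz loop that counts crashes. The function names, table, and sample data are constructed for illustration.

```python
import html
import random
import sqlite3
import string

def make_db():
    # Constructed sample data in an in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'alice@example.test')")
    return db

def find_user_unsafe(db, name):
    # Weak form: user input is concatenated into the SQL text, so the
    # database parses it as part of the statement.
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def find_user_safe(db, name):
    # Hardened form: input is bound as a parameter and never parsed as SQL.
    return db.execute("SELECT email FROM users WHERE name = ?", (name,)).fetchall()

def render_greeting(name):
    # Output encoding: markup characters in user input are displayed as text
    # instead of being interpreted by the browser.
    return "<p>Hello, " + html.escape(name) + "</p>"

def fuzz(lookup, rounds=500, seed=1):
    # Feed random printable strings to a lookup function and count how many
    # inputs make the database layer raise an error.
    rng = random.Random(seed)
    db = make_db()
    crashes = 0
    for _ in range(rounds):
        length = rng.randint(0, 20)
        data = "".join(rng.choice(string.printable) for _ in range(length))
        try:
            lookup(db, data)
        except (sqlite3.Error, sqlite3.Warning):
            crashes += 1
    return crashes

if __name__ == "__main__":
    print("unsafe lookup crashes:", fuzz(find_user_unsafe))
    print("safe lookup crashes:  ", fuzz(find_user_safe))
    print(render_greeting("<b>visitor</b>"))
```

The crashes reported for the concatenated query come from quote characters in the random input, which is the same flaw that makes a query injectable; the parameterized form handles the same input without error.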
There are specific countermeasures that help deal with web-based attacks. For example, erecting barriers such as firewalls in the internal system is useful for an organization with internet access (Authors, 2020). A firewall provides adequate protection against attacks and helps maintain the integrity of the websites. An organization can also safeguard the website by augmenting its security policies. These policies play a role in creating and implementing a security plan for the organization. A security officer can be assigned to monitor the risks related to websites. Another strategy for minimizing the impact of attacks is to provide disaster recovery plans, which enable the business to recover quickly if its operations are interrupted. Lastly, organizations can minimize the risks of website attacks by transferring them through insurance. This can be cost-effective if an organization experiences downtime on its websites.
Authors, T. G. (2020, December 21). The Most Common Website Attacks (How to Protect Yourself). https://www.tripwire.com/state-of-security/featured/most-common-website-security-attacks-and-how-to-protect-yourself/
How often do Cyber Attacks occur? – AAG – Managed IT Solutions. (2019, June 20). https://aag-it.com/how-often-do-cyber-attacks-occur/
Risk Management for Your Website. (n.d.). Retrieved January 20, 2021, from https://www.irmi.com/articles/expert-commentary/risk-management-for-your-website