Why does a business need a Vulnerability Assessment?

Written By Todd Mitchell

A business owner needs to think ahead of all the possible things that can affect a business and have a plan to prevent them from happening or at least minimize the damage if it does. Cybersecurity is more than just adding antivirus, you have human errors, natural disasters, and many other outside factors that can make you vulnerable beside just a hacker.

The purpose of a vulnerability assessment is to identify assets and their value, then analyze those assets for vulnerabilities against cyber-attack, natural disaster, and human factors. The vulnerability assessment should be dynamic and updated as needed to include any new risks as they occur. The scope of the assessment should be very wide and include any risk and threat possible.

The first step to conduct an assessment is to gather information on an organization’s assets including people, processes, and technology. The next step is to analyze the data for the impact of loss and the probability of that occurring. The third step is to prioritize the responses based on the needs of the stakeholders and members of the organization. The final step is implementing mitigations to control the damage and providing a plan to recover.

References:

University of Maryland University College. (2016). Vulnerability Assessment Instructional Module. Retrieved from https://learn.umuc.edu/d2l/le/content/172466/viewContent/7559993/View

Todd Mitchell
Previous

Is Open Wi-Fi safe to use?
Next

25% of #smallbusiness don’t realize cyberattacks will cost them money.