Disaster recovery plan  Any disaster recovery plan must provide for:  (a)  Standby procedures

PART C: ACCOUNTING AND REPORTING SYSTEMS, CONTROLS AND COMPLIANCE 
 
258
 
6.4 Cyber risk, cyber-attack and cyber security 
Cyber-attacks have been briefly mentioned in this section, we shall now consider them in more detail in 
connection with cyber risk and cyber security. 

Cyber risk
is a term that covers a number of organisational risks which are possible 
consequences of a cyber-attack. Cyber risks include; financial losses, reputational damage and 
operational disruption. 

Cyber-attacks
are deliberate attempts to damage an organisation by using the Internet to take 
advantage of poor security controls and system integrity. 

Cyber security
is the protection of computer systems from the risk of cyber-attack through the 
use of hardware and software security procedures and controls.
6.4.1 Key cyber risks 
The 
main risks 
to an organisation that cyber-attacks may bring include: 
(a) 
Financial loss 
- the risk that the organisation will lose money, either through having funds 
directly stolen, but also the cost of repairing the damage caused by a cyber-attack (including the 
payment of fines if IT controls are deemed not sufficient to protect customer data). 
(b) 

Download 5,67 Mb.

Do'stlaringiz bilan baham: