How does a vulnerability assessment differ from a risk assessment?
A vulnerability risk assessment is using a scanner that is automated to look around for the vulnerabilities in the systems and it is using an automated scanner to look for the vulnerabilities in the systems and in the applications. The vulnerabilities are the gaps and the weakness that undermine an organization’s It and its efforts. A firewall is a flaw that is letting. the hackers into each of the networks. The risks that need to be calculated during an assessment of the possible threats to established security and the vulnerabilities that are within the network and the data systems. A risk assessment is there and it identifies the threats and the threat actors and the likelihood that these factors will result in a possible loss.
What does the National Infrastructure Protection Plan provide?
Protecting and ensuring the continuity of the critical infrastructure and key resources (CIKR) of the United States is essential to the Nationâ€™s security, public health and safety, economic vitality, and way of life. CIKR includes physical or virtual assets, systems, and networks so vital to the United States that the incapacity or destruction of such assets, systems, or networks would have a debilitating impact on security, national economic security, public health or safety, or any combination of those matters. The National Infrastructure Protection Plan (NIPP) provides the coordinated approach that is used to establish national priorities, goals, and requirements for CIKR protection so that Federal resources are applied in the most effective and efficient manner to reduce vulnerability, deter threats, and minimize the consequences of attacks and other incidents. It establishes the overarching concepts relevant to all CIKR sectors identified under the authority of Homeland Security Presidential Directive 7, and addresses the physical, cyber, and human considerations required for effective implementation of protective programs and resiliency strategies.Â
A risk assessment differs from a vulnerability assessment because risk assessments identify possible, or likely hazards, and the overall affect those hazards can have on the organization. A proficient risk assessment includes identifying all the risk factors that can potentially cause hazards, this includes high risk locations, dangerous equipment, or cases of workplace violence. A vulnerability assessment is a systematic review of organization weaknesses that include potential flaws in physical security, or information systems security. It evaluates if the organization is susceptible to any known vulnerabilities, along with assigning severity levels to those vulnerabilities, and recommends remediation or mitigation, whenever needed.
The National Infrastructure Protection Plan (NIPP) created in 2009 to issue guidance for the protection of the national infrastructure and key assets within the infrastructure. The primary goal of the National Infrastructure Protection Plan is to prevent, protect, mitigate, deter, and neutralize the impact on our nation’s infrastructure as a result of a terroristic attack, natural disaster, or national emergency that would threaten critical assets within the infrastructureâ€™s. This plan supplyâ€™s detailed instruction on risk analysis procedures and solutions.