Dhaval Chudasama
- Assistant Professor, Department of Cyber Security, Gandhinagar University, Gandhinagar, Gujarat, India
Abstract
Organizations and their information systems are increasingly exposed to risk and uncertainty from a variety of sources, including computer fraud, espionage, sabotage, and cyber-attacks. The purpose of this article is to outline several steps, protocols, and factors that any organization should consider in the event of a cyber-attack. Over time, some causes of damage, including denial-of-service and intrusion attacks, have grown more frequent, aggressive, and complex. Complete security is unattainable. For this reason, companies need to implement strategies and tactics that allow them to rank risks according to their impact and likelihood, identifying those that pose a higher risk to the company. When preparing for possible cyber-attacks, it is important to understand the logical flow of actions that can be taken during an attack, to incorporate best practices, to assess the level of risk the organization faces, and to proactively design a handbook for responding to these situations.
Keywords: Cyber-attack, incident response, cyber security, cyber risk analysis, risk management
[This article belongs to International Journal of Information Security Engineering]
Dhaval Chudasama. What Is the Meaning and Purpose of Risk Management in Cyber Security? International Journal of Information Security Engineering. 2025; 03(01):46-53. Available from: https://journals.stmjournals.com/ijise/article=2025/view=201807
International Journal of Information Security Engineering
Volume: 03
Issue: 01
Received: 13/12/2024
Accepted: 28/01/2025
Published: 12/02/2025
Publication Time: 61 Days