💥 Mitigation

Risk mitigation is the strategy to prepare and lessen the effecets of threats faced by a business.

Risk mitigation controls

- Firewall to secure internet connections
- Choose most secure settings for devices and software
- Control access to data and services
- Protection from viruses and malware
- Up-to-date software and devices
- Anti-virus and anti-malware software
- Firewalls - Both hardware and software
- Intrusion detection and prevention systems (IDS and IPS)
- Encryption - purpose, process and protocols
- User access, policies and procedures - user permission
- Staff training and CPD (Continuous professional development) - Human firewall
- Back-ups - full, incrememntal and differential
- Software and system maintenance:
-- Scheduled maintenance
-- Interruption to service
- Air gaps
- Honeypot
- Virtual Private Networks (VPNs)