This project demonstrates a quantitative approach to managing high-impact cyber threats. I conducted a risk analysis of a destructive malware attack targeting developer infrastructure and proposed a technical mitigation strategy to protect business continuity.
Threat: A hacker gains unauthorized access to a developer's workstation and executes a script to wipe the entire system.
Inherent Risk Score: 15/25 (High)
To move the risk from High to Low, I implemented a triple-layer defense:
- MFA (Preventive): Stops unauthorized access at the front door.
- EDR (Detective): Kills malicious "wiper" processes in real time.
- Cloud Backups (Recovery): Ensures zero data loss even if a system is wiped.
How to read the heat map
- The Red Dot: This is the "Inherent Risk." It shows that without the mitigation plan, the risk is in the "Danger Zone" (High Impact/Moderate Likelihood).
- The Arrow: This represents the security strategy. It shows the risk being "pushed" down into the Green Zone.
- The Green Dot: This is the "Residual Risk": where the risk sits after MFA, EDR, and Backups are implemented.
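
The move from the red dot to the green dot, worked through on a 5x5 likelihood-by-impact matrix as an added example (not the project's own code). The 3 x 5 split of the 15/25 score, the band thresholds, and each control's reduction are assumptions chosen to agree with the High and Low ratings above; `single_failure_view` also shows where the risk lands if any one layer is missing.

```python
from dataclasses import dataclass

# Assumed 5x5 rating bands (not stated on the page); chosen so that 15 rates High.
BANDS = [(4, "Low"), (9, "Medium"), (16, "High"), (25, "Critical")]

@dataclass(frozen=True)
class Control:
    name: str
    kind: str
    likelihood_cut: int = 0  # assumed reduction on the 1-5 likelihood axis
    impact_cut: int = 0      # assumed reduction on the 1-5 impact axis

def rate(score):
    """Map a 1-25 score to its band label."""
    return next(label for ceiling, label in BANDS if score <= ceiling)

def residual(likelihood, impact, controls):
    """Apply each control's reductions, flooring both axes at 1."""
    for c in controls:
        likelihood = max(1, likelihood - c.likelihood_cut)
        impact = max(1, impact - c.impact_cut)
    return likelihood, impact, likelihood * impact

def single_failure_view(likelihood, impact, controls):
    """Residual score and band if exactly one control is missing or fails."""
    view = {}
    for skipped in controls:
        rest = [c for c in controls if c is not skipped]
        score = residual(likelihood, impact, rest)[2]
        view[skipped.name] = (score, rate(score))
    return view

# Assumed split of the page's 15/25: moderate likelihood (3) x high impact (5).
INHERENT = (3, 5)
CONTROLS = [  # reductions are illustrative assumptions, not measured values
    Control("MFA", "Preventive", likelihood_cut=1),
    Control("EDR", "Detective", impact_cut=1),
    Control("Cloud Backups", "Recovery", impact_cut=2),
]

if __name__ == "__main__":
    start = INHERENT[0] * INHERENT[1]
    _, _, end = residual(*INHERENT, CONTROLS)
    print(f"inherent {start} ({rate(start)}) -> residual {end} ({rate(end)})")
    for name, (score, band) in single_failure_view(*INHERENT, CONTROLS).items():
        print(f"without {name}: {score} ({band})")
```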