[Isabelle Tubbs]

Some risks to a company can be natural damage, like a natural disaster or an accident. What can be done to at least reduce the damage of this is to have physical controls in place in case something happens. For example, making sure everything in the building is up to code and that there is a plan for when something happens.
A major threat to a company is the potential for hackers to add malware or crack passwords. Keeping up with updates and running antimalware are just a few ways to maintain security against malware, and creating good password policies for users can prevent passwords from being guessed so quickly or easily.
Finally, it is important to prevent against attacks that are based in social engineering. Educating users to be wary of what information they give to people and how fake messages might look is a good way to reduce the effectiveness of this type of attack. Also, to reduce the damage that this can create, it is important not to give one person too much access on a system to begin with so that a potential hacker cannot get too much access either.