- This topic has 8 replies, 6 voices, and was last updated 3 weeks, 3 days ago by
Logan Krape.
-
AuthorPosts
-
-
March 28, 2022 at 11:21 am #65889
Mile2Test
ParticipantDiscuss the various risks and vulnerabilities companies face today as well as mitigating policies that help reduce a network compromise.
-
June 19, 2026 at 4:39 pm #116394
Seth Brumfield
ParticipantOrganizations today face an increasingly complex threat landscape as cybercriminals exploit weaknesses in technology, processes, and human behavior. Some of the most common risks include malware, ransomware, phishing attacks, insider threats, unsecured mobile devices, misconfigured cloud environments, and vulnerabilities caused by outdated software. Attackers often take advantage of weak passwords, unpatched systems, and poor access controls to gain unauthorized access to sensitive information. In addition, remote work environments and the growing use of IoT devices have expanded the attack surface, creating more opportunities for network compromise.
To mitigate these risks, organizations should implement security policies. Access control policies based on the principle of least privilege ensure users only have access to the resources necessary to perform their jobs. Strong password requirements and MFA reduce the likelihood unauthorized people gaining access. Patch management policies help ensure operating systems and applications are regularly updated to address known vulnerabilities. Security awareness training educates employees on recognizing phishing attempts and social engineering attacks.
https://www.nist.gov/cyberframework-
June 20, 2026 at 2:17 pm #116407
Rodnika Brown
ParticipantI like how you pointed out that organizations face risks not only from technology but also from human error. I agree that phishing attacks and weak passwords are still some of the biggest threats companies deal with today. Your discussion of security awareness training was especially important because employees are often the first line of defense against cyberattacks. I also think implementing MFA and keeping systems updated are some of the most effective ways to reduce the risk of a network compromise. Thanks for sharing such a detailed overview.
-
-
June 19, 2026 at 10:45 pm #116399
Lenay Nichols
ParticipantCompanies today face many risks and vulnerabilities that can lead to a network compromise. Some of the most common threats include phishing attacks, malware, ransomware, weak passwords, insider threats, and unpatched systems. Cybercriminals often look for the easiest way into a network, which is why human error is still one of the biggest security concerns. For example, a phishing email may trick an employee into clicking a malicious link and unknowingly giving an attacker access to company resources. To reduce these risks, organizations implement security policies and controls. Access control policies help ensure that employees only have access to the systems and data necessary to perform their job duties. This follows the principle of least privilege, which limits unnecessary access and reduces the potential damage if an account is compromised. Companies also use strong password policies, multi factor authentication, firewalls, antivirus software, and regular patch management to protect their networks from known vulnerabilities. Another important mitigation strategy is security awareness training. Employees are often the first line of defense against cyber threats. Teaching users how to recognize phishing attempts, suspicious websites, and social engineering attacks can significantly reduce the likelihood of a successful attack. Just like teaching a child not to talk to strangers, security awareness training helps employees recognize and avoid potential dangers before they become a larger problem. By combining technical controls, security policies, and user education, organizations can reduce vulnerabilities and better protect their networks from compromise. A layered security approach, often referred to as defense in depth, provides multiple levels of protection and helps strengthen an organization’s overall security posture.
-
June 22, 2026 at 12:59 pm #116424
Rodnika Brown
ParticipantYou really did a good job explained the different risks that companies face today and the steps they can take to reduce those risks. You did a good job pointing out that human error is still one of the biggest security concerns. It is easy to focus only on technology, but employees play a huge role in keeping networks secure.
Your example comparing security awareness training to teaching a child not to talk to strangers. That was a simple but effective way to explain why training is so important. Even with strong security tools like firewalls, antivirus software, and multi-factor authentication, one mistake can still create a security problem.
I also agree with your point about defense in depth. Having multiple layers of security helps protect an organization if one security control fails. No single solution can stop every threat, so combining policies, technical controls, and employee education is the best approach.
Overall, your post was well organized and easy to understand. You did a great job explaining why a layered security strategy is important for protecting an organization’s network and data.
-
-
June 20, 2026 at 11:00 am #116403
Eugene Estes
ParticipantComputer networks are important for modern businesses because they allow communication, store data, and perform day-to-day activities. These networks have many advantages, but they expose enterprises to several threats and weaknesses that might lead to a network compromise. Understanding these hazards and their effective mitigation measures is critical to maintaining a secure and reliable computer environment.
Today, the threats to companies from malware attacks are among the greatest. Malware includes viruses, worms, ransomware, and spyware and can infect systems, steal sensitive data, disrupt company operations, and cost companies a lot of money. Phishing attacks are also common, where fraudsters trick employees into revealing passwords, bank details, or other sensitive information using fake emails and websites.
Weak passwords and poor authentication methods could leave businesses vulnerable. Weak and often used passwords are often targeted by attackers to gain unauthorized access to company resources. Unpatched software faults could also serve as avenues of entry for hackers. Attackers can use known vulnerabilities to attack computers when operating systems and apps are not regularly updated.
Organizations should have robust security measures in place to mitigate these dangers. “Robust password and authentication policies requiring complex passwords and multi-factor authentication are critical.” As a result, the chances of unwanted access are considerably reduced. Another key strategy is a regular patch management policy that ensures the prompt application of software updates and security patches to address known vulnerabilities.
Employee security awareness training is also critical. Many of these problems can be prevented by training personnel on social engineering techniques, phishing attempts, and safe online activities. To strengthen network security, businesses should introduce more technical measures such as firewalls, antivirus software, intrusion detection systems, and data encryption.
Another technique to make sure workers only have access to the data they need to do their tasks is to enforce access control limitations. With incident response strategies and regular backups, companies may recover quickly from a security breach.-
June 21, 2026 at 10:36 pm #116414
Seth Brumfield
ParticipantIt is kind of insane how everything is interconnected. With everything being intertwined it makes more vulnerabilities in my opinion. Large corporations have software and computer systems to manage inventory levels and view that everything is happening on time. This system might also be connected to payroll systems which could pose a threat to individuals. Like you said it is important for modern business for communication, store data, and day-to-day activities, we are so reliant on that!
-
-
June 20, 2026 at 2:13 pm #116406
Rodnika Brown
ParticipantCompanies today face many risks and vulnerabilities that can lead to a network compromise. Some of the most common threats include phishing attacks, malware, ransomware, weak passwords, insider threats, and unpatched software. Cybercriminals often target employees because human error is one of the easiest ways to gain access to a network. As technology continues to grow, companies must also deal with risks from cloud services, remote work environments, and connected devices.
To reduce these risks, organizations need strong security policies and procedures. Some effective mitigation strategies include requiring strong passwords and multi-factor authentication keeping systems updated with security patches, providing regular cybersecurity training for employees, and using firewalls and intrusion detection systems. Companies should also perform regular backups and create incident response plans so they can recover quickly if an attack occurs.
-
June 22, 2026 at 11:39 pm #116679
Logan Krape
ParticipantHey Rodnika, I think the importance of strong security policies and procedures is definitely at an all time high today. It is so important to have a strong password and multi-factor authentication for all systems. I know when I started my job that the device they gave me had a password I couldn’t memorize because of security precautions. I know most places of employment now are big on cybersecurity training for employees, and I think as cyberthreats grow stronger, there will have to be multiple trainings just to cover everything. I think you did a good job explaining; thank you!
-
-
-
AuthorPosts
- You must be logged in to reply to this topic.



