
IT Threat Mitigation: Definition & Strategies

Instructor: Lyna Griffin

Lyna has tutored undergraduate Information Management Systems and Database Development. She has a Bachelor's degree in Electrical Engineering and a Master's degree in Information Technology.

In this lesson, we will learn the importance of mitigation strategies in combating IT threats in computer systems. We will examine how the different strategic approaches are used to prevent, detect, and correct threats to programs and systems.

What is IT Threat Mitigation?

The word mitigation means the act of reducing the severity or seriousness of the impact of something on a situation. IT threat mitigation is therefore defined as the corrective actions, prevention or remedies put in place to combat or reduce IT threats on a computer, server or network. 'IT threats' is a very broad term that covers the physical, software, and hardware threats that any IT system may encounter.

Combating IT threats is a constantly evolving process as new technologies are created and those with malicious intent endeavor to keep up. Protection cannot be one size fits all. Proper protection demands multiple layers of defensive techniques.

For example, think of home security. We may live in a gated community (layer 1). On approaching our home, we will be seen by our security camera (layer 2). We will need a key to get through the front door (layer 3), and to get to our treasures we may need to know how to access a locked safe (layer 4). We know all too well that the secure gate to the community is no guarantee of the security of our treasured items.

General Approaches

All the tools and techniques that constitute these multi-layered protection strategies against threats can be described as either preventive, detective or corrective strategies.

  • Preventive - This is when the strategies employ techniques that stop a threat from acting on the weaknesses of the system.
  • Detective - This is when the strategies employ techniques that identify existing system threats.
  • Corrective - This is when the strategies employ techniques that correct or reduce the impact of detected threats.

Mitigation Strategies

Administrative

Administrative strategies refer to the physical security measures, training, and education of users. These include the policies and procedures that must be understood and adhered to in the daily use of the program or system. An example of prevention of threats is seen in examining IT Policy. The specifics of a typical IT policy for users may include:

  • Users must immediately report the theft or loss of company proprietary equipment and/or data.
  • The company reserves the right to conduct periodic audits on its systems and network to ensure user compliance with system policies.

The corrective and detective implications of this policy are that the company can quickly assess the damage or potential damage when data or equipment are lost. It can also rate the effectiveness of user compliance policies, assess its level of risk exposure due to user non-compliance, and then update them with more proactive measures.

Networking

Networking strategies are technical implementations that are applied at the hardware level of programs and system architecture. They include the implementations of properly configured network routers, firewalls, hardware connectivity devices, and the choice of operating systems.

One example is network activity logging, which can be a critical line of defense for the network. It entails installing a network monitor, which monitors traffic in and out of the network, who installed what on the network, and the source and frequency of resources accessed. Operating system choice is also important, as some operating systems are known to be more vulnerable to attacks.

The corrective and detective implications include that breaches may be picked up as soon as they happen and can be mitigated even before they manifest themselves. From a preventive aspect, using a more robust operating system can automatically reduce the degree of vulnerability in network architecture.
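
The "source and frequency of resources accessed" tally that a network monitor provides can be sketched as follows. This is an added example, not part of the original lesson; the log layout, addresses, resource names and threshold are constructed assumptions, not the output of any particular monitoring product.

```python
from collections import Counter

# Constructed sample records; the "time source direction resource" layout is an
# assumption for this example, not the format of any particular monitor.
SAMPLE_LOG = """\
2024-05-01T09:00:01 10.0.0.5 out intranet/wiki
2024-05-01T09:00:04 10.0.0.7 out fileserver/hr
2024-05-01T09:00:05 10.0.0.7 out fileserver/hr
2024-05-01T09:00:06 10.0.0.7 out fileserver/hr
2024-05-01T09:00:07 10.0.0.7 out fileserver/hr
2024-05-01T09:00:09 192.0.2.44 in vpn/login
2024-05-01T09:00:10 192.0.2.44 in vpn/login
2024-05-01T09:00:11 192.0.2.44 in vpn/login
truncated line
2024-05-01T09:00:15 10.0.0.5 sideways intranet/wiki
"""

def parse_record(line):
    """Return (source, direction, resource), or None for a malformed line."""
    fields = line.split()
    if len(fields) != 4 or fields[2] not in ("in", "out"):
        return None
    _, source, direction, resource = fields
    return source, direction, resource

def access_frequency(log_text):
    """Count accesses per (source, direction, resource) and count rejected lines."""
    counts, rejected = Counter(), 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        record = parse_record(line)
        if record is None:
            rejected += 1  # keep a tally: gaps in logging are themselves a finding
        else:
            counts[record] += 1
    return counts, rejected

def frequent_sources(counts, threshold):
    """Detective step: (source, direction, resource, hits) at or above threshold."""
    hits = [(s, d, r, n) for (s, d, r), n in counts.items() if n >= threshold]
    return sorted(hits, key=lambda h: (-h[3], h[0]))

if __name__ == "__main__":
    counts, rejected = access_frequency(SAMPLE_LOG)
    for source, direction, resource, n in frequent_sources(counts, threshold=3):
        print(f"{source} {direction} {resource}: {n} accesses")
    print(f"{rejected} malformed line(s) skipped")
```

The flagged entries are what feeds the corrective step: someone reviews the source and either confirms the activity as expected or restricts it.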
