RISK REGISTER



Risk ID What might happen? Likely to happen? (1-10) Impact if it happens? (1-10) Can I detect it? (1-10) Priority How to deal with risk?
1 AI Risk 1 1 1 1 Low Plan 1 to avoid or reduce risk
2 AI Risk 2 5 5 5 Medium Plan 2 to avoid or reduce risk
3 AI Risk 3 10 10 10 High Plan 3 to avoid or reduce risk


Go to the AI Risk Register



RISK RESPONSES


Train users
Train AI?
Restrict administrators privileges
Authenticate IoT devices?

Scan for vulnerabilities
White-list apps
Apply patches
Segment networks into security zones
Validate input
Install AntiMalware
Secure the on-ramps and off-ramps
Backup

Report incidents
Create a Business Continuity Plan

Cybersecurity resources



Common Weakness Enumeration (CWE)/SANS Top 25 Most Dangerous Software Errors

National Vulnerability Database (NIST) >80,000 Vulnerabilities

OWASP Top Ten Web and Mobile Risks

California's SB327 law took affect January 2020