Frontend Developer(TypeScript/Vue)

'Intellectual property compromise' threat type - the software product is unlicensed or infringes copyright

'Sabotage' threat type - installs a worm that deletes or corrupts files

'Human error' threat type - an employee suddenly drops the organization's laptop to the ground

'Software attacks' threat type - a virus, worm or DOS attack destroys software or hardware

Impact of vulnerabilities:

Theft of the organization's product through a backdoor - Major

Malware installed on the network - Significant

Additional drivers required for the hard drive - Small impact

Vulnerabilities leading to operational shutdown - Catastrophic

Security policy:

Address security threats caused by different vulnerabilities

Monitor device usage and data transfers

Develop policies to meet legal and internal requirements

Implement through procedures

Email and domains:

High level in the [email] domain - uz

Methods to enforce the security policy - standards

Guarantee of legal compliance - regulatory documents

Policy elements:

Policy description - security stages, rules, and processes

Purpose - why the policy was established

Scope - who and what it covers

Rules and responsibilities - for employees and management

Sanctions and violations - the approval/denial process

Contacts - who to contact for violations