{"id":49452,"date":"2024-04-23T00:00:00","date_gmt":"2024-04-22T22:00:00","guid":{"rendered":"https:\/\/jotelulu.com\/blog\/risk-and-threat-assessment-for-smes\/"},"modified":"2024-04-23T00:00:00","modified_gmt":"2024-04-22T22:00:00","slug":"risk-threat-assessment-sme","status":"publish","type":"post","link":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/","title":{"rendered":"Risk and Threat Assessment for SMEs"},"content":{"rendered":"<p>Today, we&rsquo;re going to look at the steps to follow when carrying out a <strong>risk and threat assessment for<\/strong><strong>&nbsp;an SME<\/strong>.<\/p>\n<p>When it comes to&nbsp;<strong>defining a business&rsquo;s security infrastructure <\/strong>or disaster recovery plan, one of the hardest steps is&nbsp;<strong>correctly identifying, evaluating and prioritising the relevant risks or threats<\/strong>.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>A brief introduction to risk and threat assessment for SMEs<\/strong><\/h2>\n<p><strong>Risk assessment&nbsp;<\/strong>is a&nbsp;<strong>fundamental component&nbsp;<\/strong>of security planning in any company. This activity aims to <strong>identify and address any potential threats&nbsp;<\/strong>that could impact the company&rsquo;s operations or even put its survival at risk.<\/p>\n<p>To help you with this task, we&rsquo;ve come up with a simple 9-step guide for you to follow and ensure that you&rsquo;re fully prepared for anything that might arise.<\/p>\n<ul>\n<li>Step 1: <strong>Identify your company&rsquo;s assets<\/strong><\/li>\n<li>Step 2: <strong>Identify the potential threats<\/strong><\/li>\n<li>Step 3: <strong>Evaluate any vulnerabilities<\/strong><\/li>\n<li>Step 4: <strong>Estimate the potential impact<\/strong><\/li>\n<li>Step 5: Estimate the <strong>probability of occurrence<\/strong><\/li>\n<li>Step 6: <strong>Rank the potential risks<\/strong><\/li>\n<li>Step 7: Implement <strong>mitigation strategies<\/strong><\/li>\n<li>Step 8: Implement <strong>control measures<\/strong><\/li>\n<li>Step 9: <strong>Continuous Improvement<\/strong><\/li>\n<\/ul>\n<p>So, let&rsquo;s now take a look at each of them in more detail.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Step 1: Identify your company&rsquo;s assets<\/strong><\/h3>\n<p>You might remember, years ago, there was a tyre advert that carried the slogan &laquo;Power without control is nothing&raquo;. Personally, I think it&rsquo;s one of the best marketing campaigns ever. You might also be familiar with the following quote by Lord Kelvin: &laquo;What is not defined cannot be measured. What is not measured, cannot be improved. What is not improved, is always degraded&raquo;.<\/p>\n<p>Whether you&rsquo;re familiar with these maxims or not, they form the foundations of what we&rsquo;re about to talk about. The very first step to risk and threat assessment is to&nbsp;<strong>identify your company&rsquo;s assets<\/strong>, making sure that you capture all of your most&nbsp;<strong>critical assets&nbsp;<\/strong>which could impact production or the company&rsquo;s finances.<\/p>\n<p>But, what is an asset? To answer this we&rsquo;ll refer to the ITIL (Information Technology Infrastructure Library), which defines an asset as <strong>a<\/strong><strong>ny financially valuable component that can contribute to the delivery of an IT product or service<\/strong>. So, anything from a server to a chair.<\/p>\n<p>Now that you know what an asset is, it&rsquo;s time to <strong>number and categorise each element of the business, <\/strong>including your IT systems, devices, physical facilities, data and even human resources.<\/p>\n<p>You should also include any confidential information, customer data, intellectual property and other information that is critical to the running of your business.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Step 2: Identify the potential threats<\/strong><\/h3>\n<p>Once you have identified your assets, it&rsquo;s time to&nbsp;<strong>identify the potential threats&nbsp;<\/strong>that could affect them.<\/p>\n<p>During this step, it&rsquo;s not uncommon for you to stumble across other assets that you missed in Step 1. This is one of the reasons why we have Step 9, which seeks to continually review what you have done and check whether it needs updating.<\/p>\n<p><strong>Potential threats&nbsp;<\/strong>can include both&nbsp;<strong>physical threats&nbsp;<\/strong>and&nbsp;<strong>cyber threats<\/strong>. Physical threats are things like natural disasters, such as earthquakes, flooding, fires, etc. Cyber threats include things like viruses, malware, phishing, data exfiltration, backup failures, etc. And of course, we can&rsquo;t forget other risks such as theft, a terrorist attack, an accident, sabotage or human error. You basically want to cover any possible event that has the potential to impact operations.<\/p>\n<p><strong>NOTE:<\/strong> <em>Remember <strong>threats can be both internal and external<\/strong>.<\/em><\/p>\n<p>As a reference, you might refer to the <a href=\"https:\/\/administracionelectronica.gob.es\/pae_Home\/pae_Documentacion\/pae_Metodolog\/pae_Magerit.html?idioma=en\">Magerit guides<\/a> made available by the Spanish government, particularly&nbsp;the Threats section of the book on <a href=\"https:\/\/administracionelectronica.gob.es\/pae_Home\/en\/dam\/jcr:eea9fd1f-ced2-40e6-870d-a1ba483dece7\/BIBLIOTECA_PUBLICACIONES_MAGERIT_VOL_III_INGLES.pdf\">Techniques<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Step 3: Evaluate any vulnerabilities<\/strong><\/h3>\n<p>Now that you&rsquo;ve identified your assets and the potential threats that could affect them, it&rsquo;s time to&nbsp;<strong>thoroughly examine your company&rsquo;s vulnerabilities<\/strong>. To do this, you&rsquo;ll need to review each system, process and security control and identify every possible point that could be exploited by an attacker.<\/p>\n<p>You will need to consider all potential security breaches, whether they concern network components, protocols, operating systems or something else. Especially review software components, such as applications or services, bearing in mind that a lack of updates or obsolescence can make these susceptible to failure or attack.<\/p>\n<p><strong>NOTE:<\/strong>&nbsp;<em>It&rsquo;s good practice to keep your apps and systems updated and check the latest attack reports, security trends or zero-day attacks.<\/em><\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Step 4: Estimate the potential impact<\/strong><\/h3>\n<p>Once you&rsquo;ve identified your assets, the potential threats and your company&rsquo;s vulnerabilities, it&rsquo;s time to think about&nbsp;<strong>the potential impact of each threat<\/strong>. To do this, you should go through each asset, threat or vulnerability, one by one, and think carefully about:<\/p>\n<ul>\n<li>The&nbsp;<strong>financial impact&nbsp;<\/strong>or cost.<\/li>\n<li>The&nbsp;<strong>operational disruption&nbsp;<\/strong>to the business.<\/li>\n<li>How much <strong>data would be lost<\/strong><\/li>\n<li>Potential <strong>reputational damage<\/strong><\/li>\n<li>And, above all, the <strong>human impact<\/strong><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><strong>Step 5: Estimate the probability of occurrence<\/strong><\/h3>\n<p>Now it&rsquo;s time to consider how&nbsp;<strong>likely each threat is to occur<\/strong>. To do this, you should refer to&nbsp;<strong>trend data, previous risk assessments, historical data<\/strong> and any other experiences that might provide you with some insight.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Step 6: Rank the potential risks<\/strong><\/h3>\n<p>OK. So far, you have identified your critical assets, potential threats and where the weak points are in your business. You&rsquo;ve also rated the severity of the impact and the likelihood of each threat occurring.<\/p>\n<p>Now it&rsquo;s time to use this information to rate the level of risk associated with each threat. To do this, we just use the following formula:<\/p>\n<p style=\"text-align: center\"><strong><em>RISK = PROBABILITY x IMPACT<\/em><\/strong><\/p>\n<p>By describing risk in this way, we will be able to allocate the necessary resources to the most urgent or critical threats.<\/p>\n<p>While we have used categories for this exercise (High Probability, High Impact, etc.), many companies choose to use a scale of 1-10. Choose whichever you&rsquo;re most comfortable with.<\/p>\n<p><figure id=\"attachment_6676\" aria-describedby=\"caption-attachment-6676\" style=\"width: 4079px\" class=\"wp-caption alignnone\"><img decoding=\"async\" data-recalc-dims=\"1\" loading=\"lazy\" class=\"wp-image-6676 size-full\" src=\"https:\/\/i0.wp.com\/jotelulu.com\/en-gb\/wp-content\/uploads\/sites\/3\/2024\/04\/EN_risk-threat-assessment-sme.png?resize=800%2C519&amp;ssl=1\" alt=\"risk threat assessment sme\" width=\"800\" height=\"519\"><figcaption id=\"caption-attachment-6676\" class=\"wp-caption-text\">Image. Risk assessment Matrix<\/figcaption><\/figure>\n<\/p>\n<p>Once you have carried out this exercise, you can then create a&nbsp;<strong>risk matrix,&nbsp;<\/strong>like the one shown below,&nbsp;<strong>which helps to visually show&nbsp;<\/strong>the potential risks using a&nbsp;<strong>colour map<\/strong>.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Step 7: Implement mitigating actions<\/strong><\/h3>\n<p>Now that you&rsquo;ve carried out a thorough analysis of the potential threats, it&rsquo;s time to identify what potential&nbsp;<strong>actions you could implement to reduce or eliminate the associated risks<\/strong>. Obviously, you should start with the most critical items or those that can be easily eliminated.<\/p>\n<p>There are essential&nbsp;<strong>four basic approaches&nbsp;<\/strong>to mitigating threats:<\/p>\n<ul>\n<li><strong>Transfer the risk<\/strong>: This means the risk is taken care of by a third party, such as an insurer or a sub-contractor.<\/li>\n<li><strong>Eliminate the risk<\/strong>: This is normally done by removing the machine or service involved. Otherwise, it&rsquo;s quite complicated.<\/li>\n<li><strong>Accept the risk<\/strong>: This is a common approach when the cost of reducing or eliminating the risk is far greater than the potential impact if the threat occurs. However, this DOES NOT APPLY if the threat poses a risk to human life.<\/li>\n<li><strong>Mitigate the risk<\/strong>: This approach is chosen when a risk cannot be completely eliminated but it can be reduced or mitigated. An example of this are server clusters.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><strong>Step 8: Implement control measures<\/strong><\/h3>\n<p>Once you&rsquo;ve come up with your mitigating actions and reduced all the potential risks as much as possible, it&rsquo;s time to <strong>implement some control measures&nbsp;<\/strong>in order to keep risks at&nbsp;<strong>acceptable levels<\/strong>.<\/p>\n<p>To do this, you should establish an&nbsp;<strong>investment strategy&nbsp;<\/strong>to ensure that&nbsp;<strong>policies and procedures are up to date<\/strong> and <strong>new&nbsp;technology is adopted&nbsp;<\/strong>where possible. You should also ensure that&nbsp;<strong>technical staff are fully trained&nbsp;<\/strong>and that all employees are&nbsp;<strong>fully aware of the importance&nbsp;<\/strong>of IT security and the policies adopted by the company.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Step 9: Continuous Improvement<\/strong><\/h3>\n<p>The final step in the process is to make sure that you don&rsquo;t&nbsp;<strong>rest on your laurels<\/strong>. You may have done a lot of work, but it will all be <strong>for nothing&nbsp;<\/strong>if you don&rsquo;t review your assessments and update them when new threats or risks emerge.<\/p>\n<p>There&rsquo;s no point in establishing a risk management policy if it&rsquo;s not up to date. Threats are constantly evolving, and you will need to make an effort to keep up with them.<\/p>\n<p>This means carrying out regular risk assessments, keeping up to date with the latest viruses, bugs or vulnerabilities and making sure that everything is well documented.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>Conclusion<\/strong><\/h2>\n<p>In this article, we have taken a closer look at&nbsp;<strong>risk and threat assessment for SMEs<\/strong> and we have set out a 9-step method to help you get started. While this method might be a bit of a deviation from the traditional 6-step method, we think it makes the different tasks easier to understand and allows us to put a special emphasis on continuous improvement.<\/p>\n<p>We hope that this article helps you to&nbsp;<strong>identify the threats to your business and mitigate the risks accordingly<\/strong>. That way, you can be sure that you have protected your business for the long term and are well-prepared should disaster strike.<\/p>\n<p>If you would like to learn more about business continuity planning, check out some of these articles:<\/p>\n<ul>\n<li><a href=\"https:\/\/jotelulu.com\/en-gb\/blog\/disaster-recovery-doloroso\/\" target=\"_blank\" rel=\"noopener\">Why is Disaster Recovery Such a Headache?<\/a><\/li>\n<li><a href=\"https:\/\/jotelulu.com\/en-gb\/blog\/que-es-y-por-que-necesitamos-disaster-recovery\/\" target=\"_blank\" rel=\"noopener\">Disaster Recovery: What Is It and Why Do We Need It?<\/a><\/li>\n<li><a href=\"https:\/\/jotelulu.com\/en-gb\/blog\/disaster-recovery-rpo-rto-wrt-mtd\/\" target=\"_blank\" rel=\"noopener\" class=\"broken_link\">Disaster Recovery: What are RPO, RTO, WRT and MTD?<\/a><\/li>\n<\/ul>\n<p>Thanks for reading!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today, we&rsquo;re going to look at the steps to follow when carrying out a risk and threat assessment for&nbsp;an SME. When it comes to&nbsp;defining a business&rsquo;s security infrastructure or disaster recovery plan, one of the hardest steps is&nbsp;correctly identifying, evaluating and prioritising the relevant risks or threats. &nbsp; A brief introduction to risk and threat [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":41336,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[58],"tags":[],"class_list":["post-49452","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-recursos-sysadmin-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Risk and Threat Assessment for SMEs - Jotelulu<\/title>\n<meta name=\"description\" content=\"Today, we&#039;re going to look at the steps to follow when carrying out a risk and threat assessment for an SME.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Risk and Threat Assessment for SMEs - Jotelulu\" \/>\n<meta property=\"og:description\" content=\"Today, we&#039;re going to look at the steps to follow when carrying out a risk and threat assessment for an SME.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/\" \/>\n<meta property=\"og:site_name\" content=\"Jotelulu\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-22T22:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jotelulu.com\/wp-content\/uploads\/2024\/04\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1706\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Juan Ignacio Oller Aznar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Juan Ignacio Oller Aznar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/\"},\"author\":{\"name\":\"Juan Ignacio Oller Aznar\",\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/#\\\/schema\\\/person\\\/2ae97818cae086c48f108cd74234aca9\"},\"headline\":\"Risk and Threat Assessment for SMEs\",\"datePublished\":\"2024-04-22T22:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/\"},\"wordCount\":1632,\"image\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/jotelulu.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg\",\"articleSection\":[\"Recursos Sysadmin\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/\",\"url\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/\",\"name\":\"Risk and Threat Assessment for SMEs - Jotelulu\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/jotelulu.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg\",\"datePublished\":\"2024-04-22T22:00:00+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/#\\\/schema\\\/person\\\/2ae97818cae086c48f108cd74234aca9\"},\"description\":\"Today, we're going to look at the steps to follow when carrying out a risk and threat assessment for an SME.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/#primaryimage\",\"url\":\"https:\\\/\\\/jotelulu.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg\",\"contentUrl\":\"https:\\\/\\\/jotelulu.com\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg\",\"width\":2560,\"height\":1706,\"caption\":\"evaluar riesgos pyme\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/blog\\\/risk-threat-assessment-sme\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Risk and Threat Assessment for SMEs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/#website\",\"url\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/\",\"name\":\"Jotelulu\",\"description\":\"Cloud Paradise for Tech Companies\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/#\\\/schema\\\/person\\\/2ae97818cae086c48f108cd74234aca9\",\"name\":\"Juan Ignacio Oller Aznar\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/87efd80399b2c40a1d78dd5cee4e788d3f6c29d33e3b67bcfbc6abbf91d0fdcf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/87efd80399b2c40a1d78dd5cee4e788d3f6c29d33e3b67bcfbc6abbf91d0fdcf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/87efd80399b2c40a1d78dd5cee4e788d3f6c29d33e3b67bcfbc6abbf91d0fdcf?s=96&d=mm&r=g\",\"caption\":\"Juan Ignacio Oller Aznar\"},\"url\":\"https:\\\/\\\/jotelulu.com\\\/en-gb\\\/author\\\/juanignaciooller\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Risk and Threat Assessment for SMEs - Jotelulu","description":"Today, we're going to look at the steps to follow when carrying out a risk and threat assessment for an SME.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/","og_locale":"en_GB","og_type":"article","og_title":"Risk and Threat Assessment for SMEs - Jotelulu","og_description":"Today, we're going to look at the steps to follow when carrying out a risk and threat assessment for an SME.","og_url":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/","og_site_name":"Jotelulu","article_published_time":"2024-04-22T22:00:00+00:00","og_image":[{"width":2560,"height":1706,"url":"https:\/\/jotelulu.com\/wp-content\/uploads\/2024\/04\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg","type":"image\/jpeg"}],"author":"Juan Ignacio Oller Aznar","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Juan Ignacio Oller Aznar","Estimated reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/#article","isPartOf":{"@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/"},"author":{"name":"Juan Ignacio Oller Aznar","@id":"https:\/\/jotelulu.com\/en-gb\/#\/schema\/person\/2ae97818cae086c48f108cd74234aca9"},"headline":"Risk and Threat Assessment for SMEs","datePublished":"2024-04-22T22:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/"},"wordCount":1632,"image":{"@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/#primaryimage"},"thumbnailUrl":"https:\/\/jotelulu.com\/wp-content\/uploads\/2024\/04\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg","articleSection":["Recursos Sysadmin"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/","url":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/","name":"Risk and Threat Assessment for SMEs - Jotelulu","isPartOf":{"@id":"https:\/\/jotelulu.com\/en-gb\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/#primaryimage"},"image":{"@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/#primaryimage"},"thumbnailUrl":"https:\/\/jotelulu.com\/wp-content\/uploads\/2024\/04\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg","datePublished":"2024-04-22T22:00:00+00:00","author":{"@id":"https:\/\/jotelulu.com\/en-gb\/#\/schema\/person\/2ae97818cae086c48f108cd74234aca9"},"description":"Today, we're going to look at the steps to follow when carrying out a risk and threat assessment for an SME.","breadcrumb":{"@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/#primaryimage","url":"https:\/\/jotelulu.com\/wp-content\/uploads\/2024\/04\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg","contentUrl":"https:\/\/jotelulu.com\/wp-content\/uploads\/2024\/04\/markus-spiske-VO5w2Ida70s-unsplash-scaled-2.jpg","width":2560,"height":1706,"caption":"evaluar riesgos pyme"},{"@type":"BreadcrumbList","@id":"https:\/\/jotelulu.com\/en-gb\/blog\/risk-threat-assessment-sme\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/jotelulu.com\/en-gb\/"},{"@type":"ListItem","position":2,"name":"Risk and Threat Assessment for SMEs"}]},{"@type":"WebSite","@id":"https:\/\/jotelulu.com\/en-gb\/#website","url":"https:\/\/jotelulu.com\/en-gb\/","name":"Jotelulu","description":"Cloud Paradise for Tech Companies","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jotelulu.com\/en-gb\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/jotelulu.com\/en-gb\/#\/schema\/person\/2ae97818cae086c48f108cd74234aca9","name":"Juan Ignacio Oller Aznar","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/87efd80399b2c40a1d78dd5cee4e788d3f6c29d33e3b67bcfbc6abbf91d0fdcf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/87efd80399b2c40a1d78dd5cee4e788d3f6c29d33e3b67bcfbc6abbf91d0fdcf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/87efd80399b2c40a1d78dd5cee4e788d3f6c29d33e3b67bcfbc6abbf91d0fdcf?s=96&d=mm&r=g","caption":"Juan Ignacio Oller Aznar"},"url":"https:\/\/jotelulu.com\/en-gb\/author\/juanignaciooller\/"}]}},"_links":{"self":[{"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/posts\/49452","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/comments?post=49452"}],"version-history":[{"count":0,"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/posts\/49452\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/media\/41336"}],"wp:attachment":[{"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/media?parent=49452"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/categories?post=49452"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jotelulu.com\/en-gb\/wp-json\/wp\/v2\/tags?post=49452"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}