Final answer:
Mitigating the risk of attacks in an organization involves implementing preventive controls such as two-factor authentication and change management to ensure system changes are controlled. Additionally, developing resilience in critical national infrastructure and preparedness measures are crucial for robust security.
Step-by-step explanation:
To mitigate the risk of attacks, it is essential to implement preventive controls and change management processes within an organization. Preventive controls are measures put in place to avert unauthorized access or changes to systems, thereby reducing the incidence of security breaches. Examples of these can include the use of two-factor authentication, enforcing strong password policies, and educating employees on recognizing and avoiding phishing attempts.
Change controls refer to the procedures and mechanisms that ensure all changes to a system's hardware, software, or processes are introduced in a controlled and coordinated manner. The primary goal of change management is to minimize the impact of change-related incidents and improve the overall security posture. This involves having a structured approach to authorize, document, test, and implement changes while ensuring business continuity.
Moreover, ensuring the resilience of critical national infrastructure and implementing civil defense and emergency preparedness measures can strengthen an organization's capability to withstand and rapidly recover from various types of attacks, including those of a cyber nature or related to terrorism.