RISKS
and THREATS for I.T.
Cybersecurity - Risk, Threat, Vulnerability, Costs explained see also witiger.com/ecommerce/RiskAndThreatIntroTypesOfAttacks.htm |
. | This page
used in the following courses taught by Prof. Richardson
.
|
What
is a Risk - definitions |
, | Risk,
as it is used in information security consists of three basis components;
from www.transactionworld.com/articles/2005/May/compliance1.asp |
What
is a Risk - definitions |
, | The
Risk Equation
Risk
= Threat x Vulnerability
x Cost ( $ $)
- therefore in order to evaluate and quantify Risk, you need to
|
What
is a Risk |
, | The
difference between a Risk and a Threat
Risk
Threat
Simply put:
|
What
is a Risk |
, | Example
|
What
is a Vulnerability |
, | Vulnerability
is the chances of success of a particular threat against some asset.
For example, we have a threat
of heavy rain.
If the awning is tied down well, and made of heavy canvas, then there is no vulnerability with a normal heavy rain. If the rain approaches that of a hurricane, than we have a graduation to the level of being vulnerable. |
What
is a Vulnerability - assessment of the threat happening |
, | The key point in evaluating vulnerability is determining, as close as possible, the chances of the threat happening. One of the essential points in security management is using information about past indicents and the current environment to properly guesstimate the chances that a threat will, or will not take place - because it is this guess that determines how seriously you need to take the threat. |
What
are Costs |
, | "Cost is the total cost of the impact of a particular threat experienced by a vulnerable target. Hard-dollar costs are measured in terms of "real" damages to hardware or software, as well as quantifiable IT staff time and resources spent repairing these damages. Semi-hard costs might include such things as lost business or transaction time during a period of downtime. Soft costs include such things as lost end user productivity, public relations damage control, a decrease in user or public confidence or lost business opportunities." |
What
are Costs |
, | Evaluating
costs
In the case of the awning
in the backyard - we can hypothesize the following scenario
|
|
CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE |
. | |
MISTAKES ITEXTS USED I IMAGES I RANK IDISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I | |
. |