Managing security from the perspective of the business executive

  • Authors: Randall C. Reid; Arthur H. Gilbert
  • Affiliations: University of West Florida, Pensacola, Fla; University of West Florida, Pensacola, Fla
  • Venue: Proceedings of the 4th annual conference on Information security curriculum development
  • Year: 2007

Abstract

Business executives often do not understand the environment in which the security function operates and what questions they should be asking their network administrators and security personnel. The purpose of this article is to address this environment and the issues from the perspective of senior management. It does not address the technical details of security implementation but strives to establish a framework from which to view the security function and the impact it has on the operations of a business. First, the tension that results from the required balancing act that must exist between security and productivity is addressed. The extended risk analysis model is then employed to show how the interaction of threats and vulnerabilities produces risk. The available options for risk management are also addressed. Finally, the CIA (Confidentiality, Integrity, and Availability) model is used to show the design alternatives that are available for the implementation of a security system.