Information Security Risk Analysis

Authors:
Thomas R. Peltier
Affiliations:
-
Venue:
Information Security Risk Analysis
Year:
2000

Citing 0
Cited 11

Information security is information risk management

Proceedings of the 2001 workshop on New security paradigms
Algebraic specification of network security risk management

Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Civic responsibility and information security: an information security management, service learning course

Proceedings of the 1st annual conference on Information security curriculum development
Economic acceptable risk assessment model

Proceedings of the 5th annual conference on Information security curriculum development
Employing the social-technical perspective in identifying security management systems in organisations

International Journal of Business Information Systems
Formalizing information security knowledge

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
The design and implementation of tamper resistance for mobile game service

Mobile Information Systems - Mobile and Wireless Networks
Analyzing vulnerabilities and measuring security level at design and exploitation stages of computer network life cycle

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Ontology-Based business knowledge for simulating threats to corporate assets

PAKM'06 Proceedings of the 6th international conference on Practical Aspects of Knowledge Management
Prioritizing countermeasures through the countermeasure method for software security (CM-Sec)

PROFES'10 Proceedings of the 11th international conference on Product-Focused Software Process Improvement
Countermeasure graphs for software security risk assessment: An action research

Journal of Systems and Software

Quantified Score

Hi-index	0.00

Visualization

Abstract

From the Publisher:Risk is a cost of doing business. The question is, "What are the risks, and what are their costs?" Knowing the vulnerabilities and threats that face your organization's information and systems is the first essential step in risk management. Information Security Risk Analysis shows you how to use cost-effective risk analysis techniques to identify and quantify the threatsboth accidental and purposefulthat your organization faces. The book steps you through the qualitative risk analysis process using techniques such as PARA (Practical Application of Risk Analysis) and FRAP (Facilitated Risk Analysis Process) to:oEvaluate tangible and intangible risksoUse the qualitative risk analysis processoIdentify elements that make up a strong Business Impact AnalysisoConduct risk analysis with confidenceManagement looks to you, its information security professional, to provide a process that allows for the systematic review of risk, threats, hazards, and concerns, and to provide cost-effective measures to lower risk to an acceptable level. You can find books that cover risk analysis for financial, environmental, and even software projects, but you will find none that apply risk analysis to information technology and business continuity planning or deal with issues of loss of systems configuration, passwords, information loss, system integrity, CPU cycles, bandwidth, and more. Information Security Risk Analysis shows you how to determine cost effective solutions for your organization's information technology.