Threat Agent Library Helps Identify Information Security Risks
ثبت نشده
چکیده
Intel IT developed a unique standardized threat agent library (TAL) that provides a consistent, up-to-date reference describing the human agents that pose threats to IT systems and other information assets. The TAL quickly helps risk managers identify accurately and understand the importance of relevant threat agents. The library consists of 22 standardized archetypes defined using eight common attributes; the archetypes represent external and internal threat agents ranging from industrial spies to untrained employees. The library is designed to overcome the lack of standard threat agent definitions and the problem that threat information is often fragmented and sensationalized.
منابع مشابه
Users as the Biggest Threats to Security of Health Information Systems
There are a lot of researches in the world about attacks on information systems (IS). Although there have been many attempts to classify threats of IS’s especially in Health Information Systems (HIS), it is still necessary for all health organization to identify new threats and their sources which threaten security of health care domain. The main aim of this paper is to present a research agend...
متن کاملMind the Threat! A Qualitative Case Study on Information Security Awareness Programs in European Banks
This case study aims to analyze the dynamics in banks, which implement an information security awareness (ISA) program. In detail, we describe ISA programs in three major banks from three Central Eastern European countries. We examine how the specific context shapes different phases of its implementation. The contextual differentiation helps us to discover how specific characteristics of ISA pr...
متن کاملClassification of Security Threats in Information Systems
Information systems are frequently exposed to various types of threats which can cause different types of damages that might lead to significant financial losses. Information security damages can range from small losses to entire information system destruction. The effects of various threats vary considerably: some affect the confidentiality or integrity of data while others affect the availabi...
متن کاملA Six-View Perspective Framework for System Security: Issues, Risks, and Requirements
To secure information systems, the security risks and requirements must be clearly understood before the proper security mechanisms can be identified and designed. Today’s security requirement specifications are generally incomplete and narrowly focused, which leads to ineffective security designs of information systems. The author asserts that multiple views—management, threat, resource, proce...
متن کاملSecurity and Privacy Requirements Analysis within a Social Setting
Security issues for software systems ultimately concern relationships among social actors stakeholders, system users, potential attackers and the software acting on their behalf. This paper proposes a methodological framework for dealing with security and privacy requirements based on i*, an agent-oriented requirements modeling language. The framework supports a set of analysis techniques. In p...
متن کامل