Security Impact Ratings Considered Harmful
نویسندگان
چکیده
In this paper, we question the common practice of assigning security impact ratings to OS updates. Specifically, we present evidence that ranking updates by their perceived security importance, in order to defer applying some updates, exposes systems to significant risk. We argue that OS vendors and security groups should not focus on security updates to the detriment of other updates, but should instead seek update technologies that make it feasible to distribute updates for all disclosed OS bugs in a timely manner.
منابع مشابه
The Impact of Information Security Ratings on Vendor Competition 1 May 2009
Security breaches often stem from business partner failures within the value chain. There have been several recent efforts to develop a common reference for rating the information risk posed by partners. We develop a simple analytical model to examine the impact of such information security ratings on service providers, customers, and social welfare. While some might believe that ratings would ...
متن کاملThe Impact of Professional Information Security Ratings on Vendor Competition 1 September 2009
Security breaches often stem from business partner failures within the value chain. There have been several recent efforts to develop a common reference for rating the information risk posed by partners. We develop a simple analytical model to examine the impact of such information security ratings on service providers, customers, and social welfare. While some might believe that professional i...
متن کاملThe Impact of Information Security Ratings on Vendor Competition 1 March 2009
Security breaches often stem from business partner failures within the value chain. There have been several recent efforts to develop a common reference for rating the information risk posed by partners. We develop a simple analytical model to examine the impact of such information security ratings on service providers, customers, and social welfare. While some might believe that ratings would ...
متن کاملThe Impact of Information Security Ratings on Vendor Competition
Security breaches often stem from business partner failures within the value chain. There have been several recent efforts to develop a common reference for rating the information risk posed by partners. We develop a simple analytical model to examine the impact of such information security ratings on service providers, customers, and social welfare. While some might believe that ratings would ...
متن کاملAnalyzing the Impact of Credit Ratings on Firm Performance and Stock Returns: Evidence from Taiwan
The respective study covers three aspects; factors determining credit rating, credit rating impact on performance of entities and the relation between stock returns and credit rating. The study focuses on the firms listed in Taiwan Stock Exchange (TSE) of Taiwan. The empirical analysis uses the data of 50 firms rated by Taiwan Ratings Corporation (TRC) for the period 2010-2015. Two estimation t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/0904.4058 شماره
صفحات -
تاریخ انتشار 2009