Title :
Security risk analysis based on probability of system failure, attacks and vulnerabilities
Author_Institution :
American Univ. in Dubai (AUD), Dubai
Abstract :
Network security management plays a crucial role in protecting organization assets and its computer infrastructure. This can be done by identifying the vulnerabilities and developing effective control that reduces the risk of attacks and failures. Network risk assessment is a subjective process that is linked to multiple variables. These variables are associated with the organization assets and their impact on the health of the organization. To preserve the value of these assets, they must be protected from failure or attacks. In addition vulnerability assessment must be undertaken to assess the value of these assets for possible deficiency that would cause successful attacks. The main factors affecting failure are possible of system failure, threats which can be related to internal and external attacks, environmental threat, and process related threats. A risk management methodology is described in this paper to assist managers in evaluating the security risk of their organization. This risk is based on multiple variables that are related to vulnerabilities, probability of failure, and possible attacks caused by threats.
Keywords :
probability; risk analysis; security of data; network security management; organization asset; risk management; security risk analysis; system failure probability; vulnerability assessment; Business continuity; Computer network management; Computer networks; Computer security; Information management; Information security; Management information systems; Protection; Risk analysis; Risk management; Management security; attacks; risk analysis;
Conference_Titel :
Computer Systems and Applications, 2009. AICCSA 2009. IEEE/ACS International Conference on
Conference_Location :
Rabat
Print_ISBN :
978-1-4244-3807-5
Electronic_ISBN :
978-1-4244-3806-8
DOI :
10.1109/AICCSA.2009.5069434
