Title :
Automated Risk and Utility Management
Author :
Ekelhart, Andreas ; Neubauer, Thomas ; Fenz, Stefan
Author_Institution :
Secure Bus. Austria, Vienna
Abstract :
Information security breaches pose major threats to the reliable execution of corporate strategies and may have negative effects on business value. Information security risk management (ISRM) provides an effective approach for assessing, mitigating, and evaluating information security risks. Existing ISRM approaches are highly accepted but demand very detailed knowledge about the IT security domain and the actual company environment. This paper presents the AURUM prototype that supports decision makers in selecting security measures according to organization-specific technical and economical requirements.
Keywords :
decision making; risk management; security of data; IT security domain; decision making; information security risk management; utility management; Bayesian methods; Conference management; Information security; Information technology; Investments; Ontologies; Prototypes; Risk management; Technology management; Web services; decision support; information security; risk management; security ontology;
Conference_Titel :
Information Technology: New Generations, 2009. ITNG '09. Sixth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-3770-2
Electronic_ISBN :
978-0-7695-3596-8
DOI :
10.1109/ITNG.2009.23
