• DocumentCode
    3408623
  • Title

    ICITST-2013: Keynote speaker 1: Principles of information security risk management

  • Author

    Wiley, Jeffrey J.

  • fYear
    2013
  • fDate
    9-12 Dec. 2013
  • Firstpage
    13
  • Lastpage
    13
  • Abstract
    This presentation discusses Risk-based Information Security as the follow-on to a checklist, compliance-based approach to information security. The presentation begins with an overview of the principles of information security and then covers risk concepts and risk management, including risk assessment, ratings and loss calculations. Next, the discussion turns to the two different information security approaches and the current methodologies to follow while using a risk-based approach. I provide a contrast and comparison of the methodologies and conclude by providing some useful takeaways for those in attendance to begin using immediately.
  • Keywords
    risk analysis; security of data; compliance-based approach; loss calculation; ratings; risk assessment; risk management; risk-based information security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Internet Technology and Secured Transactions (ICITST), 2013 8th International Conference for
  • Conference_Location
    London
  • Type

    conf

  • DOI
    10.1109/ICITST.2013.6750148
  • Filename
    6750148