DocumentCode
3408623
Title
ICITST-2013: Keynote speaker 1: Principles of information security risk management
Author
Wiley, Jeffrey J.
fYear
2013
fDate
9-12 Dec. 2013
Firstpage
13
Lastpage
13
Abstract
This presentation discusses Risk-based Information Security as the follow-on to a checklist, compliance-based approach to information security. The presentation begins with an overview of the principles of information security and then covers risk concepts and risk management, including risk assessment, ratings and loss calculations. Next, the discussion turns to the two different information security approaches and the current methodologies to follow while using a risk-based approach. I provide a contrast and comparison of the methodologies and conclude by providing some useful takeaways for those in attendance to begin using immediately.
Keywords
risk analysis; security of data; compliance-based approach; loss calculation; ratings; risk assessment; risk management; risk-based information security;
fLanguage
English
Publisher
IEEE
Conference_Titel
Internet Technology and Secured Transactions (ICITST), 2013 8th International Conference for
Conference_Location
London
Type
conf
DOI
10.1109/ICITST.2013.6750148
Filename
6750148