• DocumentCode
    3707049
  • Title

    Business Resilient Vulnerability Analysis for Dynamic High Security Environment

  • Author

    Klaus Zaerens

  • Author_Institution
    Dept. of Mil. Technol., Nat. Defence Univ., Helsinki, Finland
  • fYear
    2015
  • Firstpage
    242
  • Lastpage
    249
  • Abstract
    Vulnerability analysis methods have gained more interest in recent years, due to the publicity of international cyber attacks on critical infrastructure, emerging hacktivism and business reconnaissance. This shift has sparked discussion on the costs of risk management in software development. In this paper, we discuss vulnerability analysis in the context of critical systems: systems in which an operative outage endangers the continuity of the organization. As a solution to the expenses of improved information security, we define a concept termed business resilience, which offers a general reference point for relevant improvements to a system. In this context, business refers to any profit-centered element of an organization. We present an approach to determining the criticality of an identified threat to the business. We also propose a methodology for utilizing business resilience properties in dynamic environments, such as the high security networks used by the military. The discussion and views presented in this paper can be adopted by any organization concerned about sensitive and classified contents stored and communicated in current ICT systems in the context of cloud computing.
  • Keywords
    "Resilience","Investment","Context","Information security","Organizations"
  • Publisher
    ieee
  • Conference_Titel
    Network-Based Information Systems (NBiS), 2015 18th International Conference on
  • Type

    conf

  • DOI
    10.1109/NBiS.2015.39
  • Filename
    7350627