DocumentCode
3707049
Title
Business Resilient Vulnerability Analysis for Dynamic High Security Environment
Author
Klaus Zaerens
Author_Institution
Dept. of Mil. Technol., Nat. Defence Univ., Helsinki, Finland
fYear
2015
Firstpage
242
Lastpage
249
Abstract
Vulnerability analysis methods have gained more interest in recent years, due to the publicity of international cyber attacks on critical infrastructure, emerging hacktivism and business reconnaissance. This shift has sparked discussion on the costs of risk management in software development. In this paper, we discuss vulnerability analysis in the context of critical systems: systems in which an operative outage endangers the continuity of the organization. As a solution to the expenses of improved information security, we define a concept termed business resilience, which offers a general reference point for relevant improvements to a system. In this context, business refers to any profit-centered element of an organization. We present an approach to determining the criticality of an identified threat to the business. We also propose a methodology for utilizing business resilience properties in dynamic environments, such as the high security networks used by the military. The discussion and views presented in this paper can be adopted by any organization concerned about sensitive and classified contents stored and communicated in current ICT systems in the context of cloud computing.
Keywords
"Resilience","Investment","Context","Information security","Organizations"
Publisher
ieee
Conference_Titel
Network-Based Information Systems (NBiS), 2015 18th International Conference on
Type
conf
DOI
10.1109/NBiS.2015.39
Filename
7350627
Link To Document