Abstract

A Hybrid Model for Information Security Risk Assessment

Highlights

  • The ever-changing cyber activities evolved in a manner that circumvents the confidentiality, integrity and availability of control boundaries that are built in technologies

  • The process of threat identification and analysis against information asset provide a direction for carrying out an accurate risk assessment and implement appropriate countermeasures to mitigate the risks on resources and information

  • The threat identification and analysis are expanded in threat modeling methodologies and frameworks which are designed to follow a technical process to risk assessment

Read more

Summary

INTRODUCTION

The ever-changing cyber activities evolved in a manner that circumvents the confidentiality, integrity and availability of control boundaries that are built in technologies. The process of threat identification and analysis against information asset provide a direction for carrying out an accurate risk assessment and implement appropriate countermeasures to mitigate the risks on resources and information. The scope of the methodologies of threat analysis is expanded and discussed in detail as part of the process of application development life cycle using threat modeling techniques [4]. This capability does not extend to the ongoing risk management practices in order to identify, analyze and evaluate threats appropriately.

PROBLEM STATEMENT
Risk Management
Threat Modeling
RESEARCH GAP AND FINDINGS
PROPOSED SOLUTION
Business Alignment
Asset Profiling
Vulnerability Discovery
Threat Analysis
Risk Calculation
Control Gap Analysis
Risk Treatment
COMPARISON OF THREAT ANALYSIS PROCESS
CASE STUDY
Information Security Policy
Scope Statement
Asset Inventory
Vulnerability and Threat Assessment
Risk Assessment
CONCLUSION
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A Survey of Information Intelligent System Security Risk Assessment Models, Standards and Methods
Zijian Ying ... Shunmei Meng
-
Zijian Ying, et. al.Zijian Ying ... Shunmei Meng
01 Jan 2020
A Survey of Information Security Risk Analysis Methods
Armaghan Behnia
The Smart Computing Review | VOL. 2
Armaghan BehniaArmaghan Behnia
01 Feb 2012
A Comparative Survey for Evaluating Information Security Risk : Assessment Methods
Edward Wadid Morcos
Compunet ( The Egyptian Information Journal ) | VOL. 13
Edward Wadid MorcosEdward Wadid Morcos
01 Apr 2014
The model of information security risk assessment based on advanced evidence theory
Hou Qing ... Li Shaobo
International Journal of System Assurance Engineering and Management | VOL. 8
Hou Qing, et. al.Hou Qing ... Li Shaobo
10 Feb 2016
View more papers

More From: International Journal of Advanced Trends in Computer Science and Engineering

Paper Title
Journal
Date
Author
A Quantitative Analysis: Students Perception on Social Media among BSICT Students
-
International Journal of Advanced Trends in Computer Science and Engineering | VOL. 13
--
10 Aug 2024
Security Analysis of the BB84 Protocol in IoT Networks
-
International Journal of Advanced Trends in Computer Science and Engineering | VOL. 13
--
10 Aug 2024
The Correlation between Java Programming and BSICT Graduate Attributes of Information Technology Students at Surigao del Norte State University
-
International Journal of Advanced Trends in Computer Science and Engineering | VOL. 13
--
10 Aug 2024
Disease Detection In Rice And Wheat Leaves: A Comparative Study On Various Deep Learning Techniques
-
International Journal of Advanced Trends in Computer Science and Engineering | VOL. 13
--
10 Jun 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.