Principles for Better Information Security through More Accurate, Transparent Risk Scoring

  • Kenneth G Crowther, Yacov Y. Haimes and M. Eric Johnson
Published/Copyright: May 11, 2010

This paper explores approaches for scoring information security risk that could lead to investment drivers and drive appropriate levels of security. Our approach is grounded on two important factors that determine cyber risk: (1) the information security resources (e.g., technologies, skills, and policies) that reduce the likelihood and consequences of successful information exploits; and (2) the security processes and capabilities that drive a continuous improvement of the security resources in use. The quality of a cyber defense system is the result of the integration of these two factors. This manuscript proposes such a two-factor hierarchical system of scoring, details candidate measures, and explores economic conditions for selecting appropriate measures. We review several scoring systems available that contain elements from this proposed system and discuss conditions for market adoption of information security scoring.

Published Online: 2010-5-11

©2011 Walter de Gruyter GmbH & Co. KG, Berlin/Boston

Articles in this issue

  1. Book Review
  2. Review of Building an Enterprise-Wide Business Continuity Program
  3. Review of Filling the Ark: Animal Welfare in Disasters
  4. Review of Anti-Americanism and the American World Order
  5. Review of Homeland Security: Assessing the First Five Years
  6. Review of Disaster Management: Global Challenges and Local Solutions
  7. Review of Who's In Charge?: Leadership during Epidemics, Bioterror Attacks, and Other Public Health Crises
  8. Review of Managing Security Overseas: Protecting Employees and Assets in Volatile Regions
  9. Review of Floodplain Management: A New Approach for a New Era
  10. Review of The Law of Emergencies: Public Health and Disaster Management
  11. Review of Terrorism, the Worker and the City: Simulations and Security in a Time of Terror
  12. Review of Social Science for Counterterrorism: Putting the Pieces Together
  13. Review of High Tech Terror: Recognition, Management and Prevention of Biological, Chemical, and Nuclear Injuries Secondary to Acts of Terrorism
  14. Review of Debating Terrorism and Counterterrorism: Conflicting Perspectives on Causes, Contexts, and Responses
  15. Review of A Paradise Built in Hell: The Extraordinary Communities That Arise in Disaster
  16. Review of Women, Gender and Disaster: Global Issues and Initiatives
  17. Review of Safeguarding Homeland Security: Governors and Mayors Speak Out
  18. Review of Disasters and Public Health: Planning and Response
  19. Review of Terrorism, Risk and the Global City: Towards Urban Resilience
  20. Review of The New Global Insecurity: How Terrorism, Environmental Collapse, Economic Inequalities and Resource Shortages Are Changing Our World
  21. Review of Willful Neglect: The Dangerous Illusion of Homeland Security
  22. Review of The Political Economy of Hazards and Disasters
  23. Review of Is America Safe? Terrorism, Homeland Security, and Emergency Preparedness
  24. Review of Catastrophe: Law, Politics, and the Humanitarian Impulse
  25. Review of Rebecca Gilman's Play A True History of the Johnstown Flood: A Back to the Future View of Environmental Disasters
  26. Review of Emergency Response to Domestic Terrorism: How Bureaucracies Reacted to the 1995 Oklahoma City Bombing
  27. Review of The Disaster Game
  28. Review of Risk Analysis and Security Countermeasure Selection
  29. Review of The Economics of Climate Change Policy: International, National and Regional Mitigation Strategies
  30. Review of Unfunding Terror: The Legal Response to the Financing of Global Terrorism
  31. Review of Would-Be Warriors: Incidents of Jihadist Terrorist Radicalization in the United States Since September 11, 2001
  32. Review of Clear as Mud: Planning for the Rebuilding of New Orleans
  33. Review of Building Safer Communities, Risk Governance, Spatial Planning and Responses to Natural Hazards
  34. Review of Catastrophic Disaster Planning and Response
  35. Review of Terrorism, Security and the Power of Informal Networks
  36. Research Article
  37. Liability in Search and Rescues: Should Individuals who Necessitate Their Own Rescues Have to Pay?
  38. Adaptation and Application of Federal Capabilities-Based Planning Models to Individual States: State of Colorado Case Study
  39. Does Federal Assistance to Health Departments for Bioterrorism Preparedness Improve Local Public Health Activity? An Empirical Evaluation Using the 2005 NACCHO Profile of Local Health Departments
  40. Public Health Components of Academic Programs in Homeland Security
  41. Valuing the Risk of Death from Terrorist Attacks
  42. Hospital Group Preparation for the 2008 Democratic National Convention
  43. Leaving Deterrence Behind: War-Fighting and National Cybersecurity
  44. A Survey of County Emergency Managers' Response to Ice Storms
  45. Critical Infrastructure Protection Systems Effectiveness Evaluation
  46. A New Generation of National Security Strategies: Early Findings from the Netherlands and the United Kingdom
  47. Principles for Better Information Security through More Accurate, Transparent Risk Scoring
  48. Collaborative Relationships Resulting from the Urban Area Security Initiative
  49. A Study of First Moments in Underground Mine Emergency Response
  50. Enhancing Disaster Recovery: Lessons from Exemplary International Disaster Management Practices
  51. An Analysis of Texas Sheriffs' Opinions Concerning Domestic Terrorism: Training, Equipment, Funding and Perceptions Regarding Likelihood of Attack
  52. Policing and Community Relations in the Homeland Security Era
  53. Interorganizational Network Coordination under Stress Caused by Repeated Threats of Disasters
  54. Wet and Dry Tsunami Warning Systems: Lessons from High Reliability Organizations
  55. The Influence of Collaborative Partnerships on Private Sector Preparedness and Continuity Planning
  56. Crisis Preparedness Capabilities in Health
  57. Building Mass Fatality Management at the Regional Level for Pandemic and Catastrophic Response
  58. Disaster Resilience Indicators for Benchmarking Baseline Conditions
  59. Towards Shared Situational Awareness and Actionable Knowledge - An Enhanced, Human-Centered Paradigm for Public Health Information System Design
  60. Decision Evaluation of Response Strategies in Emergency Management Using Imprecise Assessments
  61. Understanding the Dynamics of Emergency Communication: Propositions for a Four-Channel Model
  62. Politics or Risks? An Analysis of Homeland Security Grant Allocations to the States
  63. A Review of Nurses in Disaster Preparedness and Response: Military and Civilian Collaboration
  64. Analysis of Informal Networking in Emergency Management
  65. Intelligence-Led Mitigation
  66. An Investigation of Hospital Disaster Preparedness in Turkey
  67. Live Fire Exercise: Preparing for Cyber War
  68. Effects on the U.S. of an H1N1 Epidemic: Analysis with a Quarterly CGE Model
  69. Next Generation 9-1-1: Architecture and Challenges in Realizing an IP-Multimedia-Based Emergency Service
  70. Enhancing Border Security: Local Values and Preferences at the Blue Water Bridge (Point Edward, Canada)
  71. Opinion
  72. The Elephant in the JIC: The Fundamental Flaw of Emergency Public Information within the NIMS Framework
  73. Resilience as a Goal and Standard in Emergency Management
  74. Law, Emergencies, and the Constitution: A Review of Outside the Law: Emergency and Executive Power
  75. Meeting Educational Challenges in Homeland Security and Emergency Management
  76. When Status Quo Becomes Obsolete: The Changing Use of Outdoor Warning Sirens
  77. Communication/News
  78. Domestic Federal Interagency Planning: Meeting a Homeland Security Need
  79. Health Care Logistics Response in a Disaster
  80. Preparedness versus Reactiveness: An Approach to Pre-Crisis Disaster Planning
  81. Comment
  82. Letter to the Editor
Downloaded on September 7, 2025 from https://www.degruyterbrill.com/document/doi/10.2202/1547-7355.1658/html