Security - News

Abstract : The final public draft of Special Publication 800-39 introduces a three-tiered risk management approach that allows organizations to focus, initially, on establishing an enterprise-wide risk management strategy as part of a mature governance structure involving senior leaders/executives and a robust risk executive (function). The risk management strategy addresses some of the fundamental issues that organizations face in how risk is assessed, responded to, and monitored over time in the context of critical missions and business functions. The strategic focus of the risk management strategy allows organizations to influence the design of key mission and business processes—making these processes risk aware. Risk-aware mission/business processes drive enterprise architecture decisions and facilitate the development and implementation of effective information security architectures that provide roadmaps for allocating safeguards and countermeasures to information systems and the environments in which those systems operate.

Autor: JP

Heuristické vyhledání souvisejících článků v archívu NEWS

• Zpráva spole?nosti PwC: Risk in review 2012. Rethinking risk management for new market realities
• Americký NIST vydal: Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View
• P?ehledová studie: Network security: Managing the risk and opportunity
• Epimetheus - a system for reducing the risk of phishing attacks
• KRACK WPA2 protocol Wi-Fi attack: How it works and who\'s at risk