Why 2 times 2 ain't neccessarily 4 - at least not in IT security risk assessment

Braband, Jens

Konferenzbeitrag

Why 2 times 2 ain't neccessarily 4 - at least not in IT security risk assessment

Dokumententyp

Text/Conference Paper

Dateien

1.pdf (149.41 KB)

Datum

2016

Autor:innen

Braband, Jens

Quelle

Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

Recently, a novel approach towards semi-quantitative IT security risk assessment has been proposed in the draft IEC 62443-3-2. This approach is analyzed from several different angles, e.g. embedding into the overall standard series, semantic and methodological aspects. As a result, several systematic flaws in the approach are exposed. As a way forward, an alternative approach is proposed which blends together semi-quantitative risk assessment as well as threat and risk analysis.

Braband, Jens (2016): Why 2 times 2 ain't neccessarily 4 - at least not in IT security risk assessment. Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-650-3. pp. 1-10. Bonn. 5.-7. April 2016

Sammlungen

P256 - Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit

Komplettanzeige

Why 2 times 2 ain't neccessarily 4 - at least not in IT security risk assessment

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen