In ISO/IEC 13335 [23], a risk is defined in the glossary in terms of three related concepts:

Risk: the potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organization.

is more explicit than the succession of steps presented in [25], shows that these definitions of a risk are compliant with RM standards, because a risk is always composed of a cause and a consequence. However, the definitions introduce some new concepts: the cause of the risk is presented as the combination of threat and vulnerability, and the consequence is considered as the impact or harm (see Table 1).

The concept of asset, which is not analysed in depth in this section, is also introduced as related to the notion of risk. It is defined as anything that has value to the
Threats are categorised as the potential for abuse of protected assets. The CC characterises a threat in terms of a threat agent, a presumed attack method, any vulnerabilities that are the foundation for the attack, and identification of the asset under attack. An assessment of risks to security would qualify each threat with an assessment of the likelihood of such a threat developing into an actual attack, the likelihood of such an attack proving successful, and the consequences of any damage that may result. A threat shall be described in terms of an identified threat agent, the attack, and the asset that is the subject of the attack. Threat agents should be described by addressing aspects such as expertise, available resources, and motivation. Attacks should be described by addressing aspects such as attack methods, any vulnerabilities exploited, and opportunity.
Here the cause of the risk is called threat and it encompasses vulnerability, unlike threat in [8]; it has multiple sub-components like threat agent, attack method, attack, etc. Details of those sub-components can be found in [40]. Threat in ISO/IEC 27001 or ISO/IEC 13335 thus does not have the same sense as threat in CC, which is equivalent to the global cause of the risk, encompassing threat and vulnerability. Threat from

Risk: The net mission/business impact considering (1) the likelihood that a particular threat source will exploit, or trigger, a particular information system vulnerability and (2) the resulting impact if this should occur.

Here, risk is once again defined with the help of three components: threat source, vulnerability and impact. The concept of threat is defined as the combination of a threat source, its motivation (for human threat) and threat actions, like hacking, social engineering, or system intrusion [52].
The use of the term risk in security-related standards is more precise than in RM standards, but remains compliant with the latter. It is thus a mere specialisation of the term. The concept of risk is therefore aligned between the sources in Table 1. However, the precision of the components of a risk increases. The consequence of the risk differs only in how it is named (consequence, impact or harm)