Information Technology Reference
In-Depth Information
known targets of interest or speculative targets of interest in your asset space must
move high on your priority list for receiving risk mitigation resources.
Subsequent details regarding threat
durability
(how long the threat may last)
provide parameters for calculating the duration of the security safeguards. For
example, if a known thief desires a museum's rare diamond, then the threat remains
as long as the thief is free and the museum remains in possession of the diamond.
If the museum transfers possession of the diamond, the threat refocuses interest on
another target, thus freeing up some of the museum's security resources. While the
diamond remains at the museum, however, ongoing security resources are neces-
sary and become part of the total cost of the diamond's ownership.
The threat class and threat status assist in determining the appropriate risk
management stance, that is, to accept, ignore, share, transfer, or mitigate the risk.
To continue with the example, the museum's board may choose to accept the risk
of theft. They may choose to share the risk by purchasing an insurance policy. They
may transfer the risk by sending the diamond to a security service that guards such
valuables and completely accepts liability for its safekeeping. The museum may
mitigate the risks by installing a secure display and an alarm system. All expenses
to safeguard the diamond become part of the cost of ownership. The price of the
diamond may be X; the cost of owning the diamond is X + Y, where Y includes
safeguards, storage, and insurance. Indeed, there is a significant difference between
price
and
cost
, where cost is much more than just the purchase price.
Figure 5.3 presents attributes to calculate threat probability. A threat from inci-
dental effects of malware in e-mail is still a risk; however, malware targeted specifi-
cally at the organization is a greater risk. Motivation determines if there is a person
or group with reason to target your organization specifically. Status determines
if the threat is a potential threat (e.g., it is hurricane season, so hurricanes are a
potential threat) versus a kinetic threat, which is a threat currently in action (e.g.,
Hurricane Terri is 12 hours from landfall within 20 miles of the data center).
The likelihood of identifying all these factors with a high degree of certainty
is low. However, such a threat probability assessment decomposes threat and per-
mits focus on its specific attributes. The macro perspective of identifying viable
threats, their prospective intention, and
the organization's vulnerabilities pro-
vides guidance to risk assessments to
look for the highest business value assets
with the vulnerabilities subject to the
highest probable threats. This results in
intelligent resource allocation for risk
mitigation.
Figure 5.4 presents attributes that
reflect asset value. An asset may have
intrinsic value
, e.g., money, gold, or
jewel; it may have a business value,
hreat Probability
Means
Method
Motivation
Mission
Status
Potential
Kinetic
Figure 5.3
threat probability
attributes.
