Information Technology Reference
In-Depth Information
Possession
Theft
Ditto
Physical security,
asset management
Asset tag scanning,
RFIDs
CSIRT, notifying legal
authorities
Authenticity
Fraud,
counterfeit
Ditto
PKI, employee
awareness
Veriication and
validation, reliability
check (source and
content)
CSIRT, notify source
Usability
Unusable
Ditto
Cryptographic key
management, e.g.,
key escrow
User awareness
Key recovery
Nonrepudiation
Deniable, False
attribution
Ditto
Digital signatures
User awareness
SOC, CSIRT, legal
investigation
Authorized use
Theft of service
Ditto
Identity and privilege
management policy
(e.g., time of day,
day of week
restrictions)
Service use/abuse
monitoring
SOC, CSIRT, service
access review,
policy review,
review enforcement
mechanisms for
policy compliance
Privacy
Public disclosure,
misuse of
personal
information
Ditto
Cryptography,
physical controls,
irewall, IDS
variations
Log review, anomaly
awareness
SOC, CSIRT, legal
investigation
The purpose of anticipatory actions is to identify potential threats, vulnerabilities, and risks. The same general activities for
developing, performing, or using security policies, risk assessments, vulnerability assessments, BIAs, the IA
2
Process, the IA
2
Framework, SMP, SETA, and a compliance management program are relevant to all IA core principles.
a
