|
| |
simplicable technology guide
»
security
»
security risks
»
threats facing your business
Get to Know the Threats Facing Your Business
posted by John Spacey, March 07, 2011
If you know the enemy and know yourself you need not fear the results of a hundred battles.
~ Sun Tzu
Threat analysis is about understanding your enemy - or at least the information security risks facing your organization. Threat analysis has 3 basic steps:
Model the SystemModels should include all the places where security typically breaks down — data flows, entry and exit points, trust boundaries, processes and components.
Identify ThreatsThe model is used to generate a list of potential threats. Threat identification is a brainstorming activity that draws upon known threats and vulnerabilities and analysis of the system model by architects, developers, business SMEs and security experts.
Rank ThreatsThreat-risks are ranked according to impact and likelihood.
|
Continuous Controls Monitoring for Transactions (CCM-T) is a governance, risk and compliance technology. There are 4 typical functions of a CCM system.
|
|
In the real world, SOA often fails.
|
|
Take a few minutes to learn about the Zachman Framework — a framework for Enterprise Architecture.
|
|
The 90 second version of TOGAF — a popular enterprise architecture framework.
|
Recently on Simplicable
| |
posted by Anna Mar
A list of information security strategies and techniques.
|
| |
posted by Anna Mar
Popular ideas such as cloud computing get twisted, turned and flipped upside down before anyone can agree on common definitions.
|
| |
posted by Anna Mar
Modern technology customers and industry insiders are faced with a constant stream of change. Human ability to adapt to this pace of change is remarkable.
|
| |
posted by Anna Mar
Enterprise architects are leaders. They're near the top of the technical food chain in any organization. As leaders, there are a lot of people in the organization EAs can help.
|
|
