Construction of Effective Database System for Information Risk Mitigation

Nagata, Kiyoshi

doi:10.5772/38492

Cited by 3 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They output a set of mitigation controls. A precise method to select effective risk mitigation measures is proposed in [17], and that for identifying information-related assets is in [18].…”

Section: Some Issues On Information Security Management and Policymentioning

confidence: 99%

Establishing Information Security Policy as an Organizational Risk Management

Nagata

2024

The Future of Risk Management [Working Title]

View full text Add to dashboard Cite

In the advanced information and communication network society, every organization faces information-related risks such as information leaks, system, and service malfunctions, unauthorized intrusions, business email compromise, ransom attacks, etc. In order to deal with these various types of risks, it is necessary to take measures that emphasize the balance of the entire organization rather than individual technical measures. In this chapter, we will provide an overview of various risks related to information and consider the establishment of information security policies as a means of overall risk management. Especially keeping in mind SMEs with limited financial and human resources, we will discuss the information security policy automatic generation system by utilizing ontology.

show abstract

Section: Some Issues On Information Security Management and Policymentioning

confidence: 99%

Establishing Information Security Policy as an Organizational Risk Management

Nagata

2024

The Future of Risk Management [Working Title]

View full text Add to dashboard Cite

show abstract

“…We have proposed some system for evaluation of risks and find out a set of proper mitigation controls (Nagata et al 2009). To identify information related assets, we will prepare a list of possible ones (Nagata 2012).  On procedure stage after information risk analysis, summarize and document the procedures for each department, and the document will be completed after hearing the opinions of each department.…”

Section: Figure 1 Tree-layer Model For Information Security Policymentioning

confidence: 99%

Untitled

2023

AJTE

View full text Add to dashboard Cite

ATINER is an independent and non-profit Association with a Mission to become a forum where Academics and Researchers from all over the world can meet in Athens, exchange ideas on their research and discuss future developments in their disciplines, as well as engage with professionals from other fields. Athens was chosen because of its long history of academic gatherings, which go back thousands of years to Plato"s Academy and Aristotle"s Lyceum. Both these historic places are within walking distance from ATINER"s downtown offices. Since antiquity, Athens was an open city. In the words of Pericles, Athens"…is open to the world, we never expel a foreigner from learning or seeing". ("Pericles" Funeral Oration", in Thucydides, The History of the Peloponnesian War). It is ATINER"s mission to revive the glory of Ancient Athens by inviting the World Academic Community to the city, to learn from each other in an environment of freedom and respect for other people"s opinions and beliefs. After all, the free expression of one"s opinion formed the basis for the development of democracy, and Athens was its cradle. As it turned out, the Golden Age of Athens was in fact, the Golden Age of the Western Civilization. Education and (Re)searching for the "truth" are the pillars of any free (democratic) society. This is the reason why Education and Research are the two core words in ATINER"s name.

show abstract

“…The process making following steps: determine a threat path W; select controls by evaluating their initial mitigation degree dependent on W; define the desirable mitigation control a 0 , as an acceptable impacts and probability vector V 0 (v (i0) ,p); calculate for each element out its mitigation degree with respect to each of impacts and probability (by considering the type of assets, threat path, and impact or probability in some criteria); calculate aj= Vj(v(ij) ,p) as the alternative vectors; apply the fuzzy method; determine the set of effective mitigation controls. [13]…”

Section: Useful Toolsmentioning

confidence: 99%

Security Information and Risk Management Assessment

Anton

Nedelcu

2015

AMM

View full text Add to dashboard Cite

This work approaches the assessment of the security and information risks in order to find the optimal values of the risks by applying and comparing different methods to measure and assess the security risks. By describing structural characteristics of standards and methods implemented in the information security management system (ISMS), this paper underlines the necessity, means and effectiveness of information security modeling. The conclusions of this paper highlights the importance of standards and methods of risk management assessment.

show abstract

Construction of Effective Database System for Information Risk Mitigation

Cited by 3 publications

References 6 publications

Establishing Information Security Policy as an Organizational Risk Management

Establishing Information Security Policy as an Organizational Risk Management

Untitled

Security Information and Risk Management Assessment

Contact Info

Product

Resources

About