Academic literature on the topic 'Security risk countermeasure'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Security risk countermeasure.'

Journal articles on the topic "Security risk countermeasure"

1

Fenz, Stefan, and Thomas Neubauer. "Ontology-based information security compliance determination and control selection on the example of ISO 27002." Information & Computer Security 26, no. 5 (November 12, 2018): 551–67. http://dx.doi.org/10.1108/ics-02-2018-0020.

Abstract:
Purpose: The purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and, therefore, the cost efficiency of the information security compliance checking process. The authors advanced the state-of-the-art by developing and applying the method to ISO 27002 information security controls and by developing a semantic decision support system. Design/methodology/approach: The research has been conducted under design science principles. The formalized information security controls were used in a compliance/risk management decision support system which has been evaluated with experts and end-users in real-world environments. Findings: There are different ways of obtaining compliance to information security standards. For example, by implementing countermeasures of different quality depending on the protection needs of the organization. The authors developed decision support mechanisms which use the formal control descriptions as input to support the decision-maker at identifying the most appropriate countermeasure strategy based on cost and risk reduction potential. Originality/value: Formalizing and mapping the ISO 27002 controls to the security ontology enabled the authors to automatically determine the compliance status and organization-wide risk-level based on the formal control descriptions and the modelled environment, including organizational structures, IT infrastructure, available countermeasures, etc. Furthermore, it allowed them to automatically determine which countermeasures are missing to ensure compliance and to decrease the risk to an acceptable level.
2

Baca, Dejan, and Kai Petersen. "Countermeasure graphs for software security risk assessment: An action research." Journal of Systems and Software 86, no. 9 (September 2013): 2411–28. http://dx.doi.org/10.1016/j.jss.2013.04.023.

3

Sato, Naoshi. "Proposal on Measure Against Cyberattack on the Basis of Recent Trend." Journal of Disaster Research 12, no. 5 (September 27, 2017): 1050–59. http://dx.doi.org/10.20965/jdr.2017.p1050.

Abstract:
In this paper, we discuss the current situation and problems of cyberattacks from multiple viewpoints, and propose a guideline for future countermeasures. First, we provide an overview of some trends in cyberattacks using various survey data and reports. Next, we examine a new cyberattack countermeasure to control Internet use and propose a specific guideline. Specifically, we propose an Internet user qualification system as a policy to maintain cyber security and discuss ways to realize the system, the expected effects, and problems to be solved.
4

Rowshan, Shahed, William C. Sauntry, Thomas M. Wood, Bruce Churchill, and Steve R. Levine. "Reducing Security Risk for Transportation Management Centers." Transportation Research Record: Journal of the Transportation Research Board 1938, no. 1 (January 2005): 17–24. http://dx.doi.org/10.1177/0361198105193800103.

Abstract:
Transportation management centers (TMCs) make an important difference in the lives of commuters around the country every day. Various types of threats could damage or destroy a TMC's ability to operate. These threats range from rare but devastating terrorist attacks to the more frequent and troublesome utility failures and severe weather conditions. The TMC risk assessment methodology (RAM) introduced in this paper is based on the best practices of several proven RAMs. Its components include asset identification, threat assessment, consequence assessment, vulnerability assessment, and countermeasure development. The research team selected 10 TMCs as a basis for gathering best practices and common challenges. As initial data were developed for the 10 centers, three sites were chosen to participate in more comprehensive on-site vulnerability assessments. This paper provides general recommendations that can be readily applied to all TMCs. These recommendations include taking the time to conduct a comprehensive risk assessment; reviewing, updating, and revising the risk assessment on a regular basis; correcting simple physical vulnerabilities; and training employees in security awareness.
5

Yazdinejad, Abbas, Behrouz Zolfaghari, Amin Azmoodeh, Ali Dehghantanha, Hadis Karimipour, Evan Fraser, Arthur G. Green, Conor Russell, and Emily Duncan. "A Review on Security of Smart Farming and Precision Agriculture: Security Aspects, Attacks, Threats and Countermeasures." Applied Sciences 11, no. 16 (August 16, 2021): 7518. http://dx.doi.org/10.3390/app11167518.

Abstract:
In recent years, Smart Farming (SF) and Precision Agriculture (PA) have attracted attention from both the agriculture industry as well as the research community. Altogether, SF and PA aim to help farmers use inputs (such as fertilizers and pesticides) more efficiently through using Internet of Things (IoT) devices, but in doing so, they create new security threats that can defeat this purpose in the absence of adequate awareness and proper countermeasures. A survey on different security-related challenges is required to raise awareness and pave the way for further research in this area. In this paper, we first itemize the security aspects of SF and PA. Next, we review the types of cyber attacks that can violate each of these aspects. Accordingly, we present a taxonomy on cyber-threats to SF and PA on the basis of their relations to different stages of Cyber-Kill Chain (CKC). Among cyber-threats, we choose Advanced Persistent Threats (APTs) for further study. Finally, we studied related risk mitigation strategies and countermeasures, and developed a future road map for further study in this area. This paper’s main contribution is a categorization of security threats within the SF/PA areas and provide a taxonomy of security threats for SF environments so that we may detect the behavior of APT attacks and any other security threat in SF and PA environments.
6

Shang, Jin Rui. "Lanshan Port Environmental Protection Countermeasure Research - Based on the Sustainable Development." Advanced Materials Research 726-731 (August 2013): 3961–67. http://dx.doi.org/10.4028/www.scientific.net/amr.726-731.3961.

Abstract:
This essay established a port environmental strategy evaluation system, and formulated an actual and practical environmental strategy implementation security system in light of the present environmental protection situation: to implement a green enterprise culture, to constantly improve the green management system, and to establish an environmental risk emergency and protection system and an ecological supporting system for sustainable development.
7

Fenz, Stefan, Johannes Heurix, Thomas Neubauer, and Fabian Pechstein. "Current challenges in information security risk management." Information Management & Computer Security 22, no. 5 (November 10, 2014): 410–30. http://dx.doi.org/10.1108/imcs-07-2013-0053.

Abstract:
Purpose – The purpose of this paper is to give an overview of current risk management approaches and outline their commonalities and differences, evaluate current risk management approaches regarding their capability of supporting cost-efficient decisions without unnecessary security trade-offs, outline current fundamental problems in risk management based on industrial feedback and academic literature and provide potential solutions and research directions to address the identified problems. Despite decades of research, the information security risk management domain still faces numerous challenges which hinder risk managers to come up with sound risk management results. Design/methodology/approach – To identify the challenges in information security risk management, existing approaches are compared against each other, and as a result, an abstracted methodology is derived to align the problem and solution identification to its generic phases. The challenges have been identified based on literature surveys and industry feedback. Findings – As common problems at implementing information security risk management approaches, we identified the fields of asset and countermeasure inventory, asset value assignment, risk prediction, the overconfidence effect, knowledge sharing and risk vs. cost trade-offs. The reviewed risk management approaches do not explicitly provide mechanisms to support decision makers in making an appropriate risk versus cost trade-offs, but we identified academic approaches which fulfill this need. Originality/value – The paper provides a reference point for professionals and researchers by summing up the current challenges in the field of information security risk management. Therefore, the findings enable researchers to focus their work on the identified real-world challenges and thereby contribute to advance the information security risk management domain in a structured way. Practitioners can use the research results to identify common weaknesses and potential solutions in information security risk management programs.
8

Abimbola, Oni Omoyemi, Akinyemi Bodunde Odunola, Aladesanmi Adegboye Temitope, Ganiyu Adesola Aderounmu, and Kamagaté Beman Hamidja. "An Improved Stochastic Model for Cybersecurity Risk Assessment." Computer and Information Science 12, no. 4 (November 22, 2019): 96. http://dx.doi.org/10.5539/cis.v12n4p96.

Abstract:
Most of the existing solutions in cybersecurity analysis have been centered on identifying threats and vulnerabilities, and also providing suitable defense mechanisms to improve the robustness of the cyberspace network. These solutions lack effective capabilities to countermeasure the effect of risks and perform long-term prediction. In this paper, an improved risk assessment model for cyberspace security that will effectively predict and mitigate the consequences of risk was developed. Real-time vulnerabilities of a selected network were scanned and analysed and the ease of vulnerability exploitability was assessed. A Risk Assessment Model was formulated using the synergy of Absorbing Markov Chain and Markov Reward Model. The model was utilized to analyse cybersecurity state of the selected network. The proposed model was simulated using R- Statistical Package, and its performance was evaluated by benchmarking with an existing model, using Reliability and Availability as metrics. The result showed that the proposed model has higher reliability and availability over the existing model. This implied that there is a significant improvement in the assessment of security situations in a cyberspace network.
9

Viduto, Valentina, Carsten Maple, Wei Huang, and David López-Peréz. "A novel risk assessment and optimisation model for a multi-objective network security countermeasure selection problem." Decision Support Systems 53, no. 3 (June 2012): 599–610. http://dx.doi.org/10.1016/j.dss.2012.04.001.

10

Shao, Weiwei, Jiahong Liu, Haixing Zhang, Dianyi Yan, and Weijia Li. "Countermeasure Analysis on Promoting Drinking Water Safety in Shanshan County, Xinjiang Autonomous Region, China." Water 10, no. 8 (August 2, 2018): 1022. http://dx.doi.org/10.3390/w10081022.

Abstract:
In recent years, China has paid an increasing amount of attention to improving urban and rural drinking water safety, an important aspect of building a healthy and stable society. This study analyzed countermeasures to promote drinking water safety in Turpan City of Shanshan County, in the Xinjiang Autonomous Region. First, we considered the current state of drinking water safety in Shanshan, including issues such as pollution, outdated water treatment technologies, leakage in the water supply pipe network, insufficient emergency management capability in urban areas, and low water supply guarantee rates in rural areas due to poor construction standards. Second, the quantity of guaranteed water resources was estimated; on this basis, an ideal distribution of regional water plants and water supply network needs for the optimal allocation of water resources is suggested. Third, a water purification program was developed to solve untreated water quality problems, including centralized and decentralized water quality treatments alongside intelligent water flow control processes. Water resource conservation and risk control measures are also proposed in order to promote the security of drinking water; equipment updates, and the establishment of an intelligent water management platform are also suggested.

Dissertations / Theses on the topic "Security risk countermeasure"

1

Valičková, Monika. "Řízení bezpečnosti inteligentní domácnosti." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2018. http://www.nusl.cz/ntk/nusl-378362.

Abstract:
This diploma thesis is focused on increasing Smart Home Control System security in terms of information, network and physical security. It is based on a risk analysis of the current state of applied security management and the needs of the house owner. Both security countermeasure and cost analysis are thoroughly discussed, and the thesis also contains methodology, which describes the management of smart home security and improvement of end-user security awareness.
2

Dočekal, Petr. "Návrh zavedení bezpečnostních opatření v souladu s ISMS pro obchodní společnost." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2018. http://www.nusl.cz/ntk/nusl-378344.

Abstract:
The master’s thesis focuses on the area of security countermeasures in accordance with an information security management system. It presents the basic theoretical background of information and cyber security and describes the current state in the company. The thesis’s output is the design of a security countermeasures implementation which contributes to information security in the company.
3

Kalabis, Petr. "Management informační bezpečnosti v podniku." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2016. http://www.nusl.cz/ntk/nusl-241646.

Abstract:
This master thesis is focused on the design of the implementation of an information security management system in the company according to the ISO/IEC 27000 standards. First of all, the theory of information security management systems is described, and the relevant terms and other requirements in the context of this issue are explained. This assignment involves an analysis of the current situation of the company and suggestions that lead to reducing the discovered risks and improving general information security.
4

Šumbera, Adam. "Zavedení managementu bezpečnosti informací v podniku dle ISO 27001." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2013. http://www.nusl.cz/ntk/nusl-224217.

Abstract:
This diploma thesis deals with the implementation of an information security management system in a company. The theoretical part of the thesis summarizes the theoretical knowledge in the field of information security and describes the ISO/IEC 27000 set of standards. In the following section a specific company is analysed, and the theoretical knowledge is then applied to this company during the implementation of the information security management system.
5

Krídla, Matúš. "Návrh zavedení bezpečnostních opatření pro danou společnost." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2021. http://www.nusl.cz/ntk/nusl-444607.

Abstract:
This diploma thesis deals with the design and implementation of security measures within a selected company. The aim of the work is to create a proposal for measures against possible security threats. The first chapter deals with a general introduction to the issue, describes and defines the concepts from a theoretical point of view. The second part deals with the description of the current state and analysis of selected areas of the company. At the end of this work, we focus on raising awareness of security threats and proposing measures that contribute to increasing the security of information.
6

Connolly, Lena Y., and D. S. Wall. "The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures." Elsevier, 2019. http://hdl.handle.net/10454/17916.

Abstract:
Year in and year out the increasing adaptivity of offenders has maintained ransomware's position as a major cybersecurity threat. The cybersecurity industry has responded with a similar degree of adaptiveness, but has focussed more upon technical (science) than ‘non-technical’ (social science) factors. This article explores empirically how organisations and investigators have reacted to the shift in the ransomware landscape from scareware and locker attacks to the almost exclusive use of crypto-ransomware. We outline how, for various reasons, victims and investigators struggle to respond effectively to this form of threat. By drawing upon in-depth interviews with victims and law enforcement officers involved in twenty-six crypto-ransomware attacks between 2014 and 2018 and using an inductive content analysis method, we develop a data-driven taxonomy of crypto-ransomware countermeasures. The findings of the research indicate that responses to crypto-ransomware are made more complex by the nuanced relationship between the technical (malware which encrypts) and the human (social engineering which still instigates most infections) aspects of an attack. As a consequence, there is no simple technological ‘silver bullet’ that will wipe out the crypto-ransomware threat. Rather, a multi-layered approach is needed which consists of socio-technical measures, zealous front-line managers and active support from senior management.
This work was supported by the Engineering and Physical Sciences Research Council and is part of the EMPHASIS (EconoMical, PsycHologicAl and Societal Impact of RanSomware) project [EP/P011721/1].
7

Schuessler, Joseph H. "General Deterrence Theory: Assessing Information Systems Security Effectiveness in Large versus Small Businesses." Thesis, University of North Texas, 2009. https://digital.library.unt.edu/ark:/67531/metadc9829/.

Abstract:
This research sought to shed light on information systems security (ISS) by conceptualizing an organization's use of countermeasures using general deterrence theory, positing a non-recursive relationship between threats and countermeasures, and by extending the ISS construct developed in prior research. Industry affiliation and organizational size are considered in terms of differences in threats that firms face, the different countermeasures in use by various firms, and ultimately, how a firm's ISS effectiveness is affected. Six information systems professionals were interviewed in order to develop the appropriate instruments necessary to assess the research model put forth; the final instrument was further refined by pilot testing with the intent of further clarifying the wording and layout of the instrument. Finally, the Association of Information Technology Professionals was surveyed using an online survey. The model was assessed using SmartPLS and a two-stage least squares analysis. Results indicate that a non-recursive relationship does indeed exist between threats and countermeasures and that countermeasures can be used to effectively frame an organization's use of countermeasures. Implications for practitioners include the ability to target the use of certain countermeasures to have desired effects on both ISS effectiveness and future threats. Additionally, the model put forth in this research can be used by practitioners to both assess their current ISS effectiveness as well as to prescriptively target desired levels of ISS effectiveness.
8

Fältros, Jesper, Isak Alinger, and Bergen Axel von. "Safety risks with ZigBee smart devices : Identifying risks and countermeasures in ZigBee devices with an eavesdropping experiment." Thesis, Tekniska Högskolan, Jönköping University, JTH, Datateknik och informatik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-49630.

Abstract:
With ZigBee being the world’s leading IoT protocol, users are vulnerable to attacks on the wireless communication between ZigBee devices and the information that can be gained from them. For users to protect themselves from potential attacks they need to be aware of what information can be extracted and how it can be countered. Through an eavesdropping experiment, done using three individual sensors from different vendors, various packets with potential for misuse have been identified within the area of building security. With the potential areas of misuse identified, there is also a need for countermeasures against these threats. Countermeasures were identified through a collection of literature that was summarized in order to provide a wide range of alternatives, suitable to different scenarios. The experiment was limited to the functions of the sensors used, as well as traffic using the ZigBee protocol. This study pinpoints a potential for misuse of the ZigBee traffic sent between devices and shows that the ZigBee protocol is fundamentally flawed from a security aspect. Whilst countermeasures exist, they are not applicable to every situation which is why the ZigBee protocol itself needs further development to be considered secure.
9

Konečný, Martin. "GAP analýza systému řízení bezpečnosti informací." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2019. http://www.nusl.cz/ntk/nusl-399368.

Abstract:
The master’s thesis focuses on a GAP analysis of an information security management system. The thesis consists of theoretical, analytical and practical parts. The first part discusses the theoretical background of the issue of information and cyber security. The analytical part describes the current condition of the researched company. The thesis’s output is a draft risk register and a draft of the security countermeasures implementation. The draft targets countermeasures that increase information security in the company.
10

Kameníček, Lukáš. "Návrh systém managementu ISMS." Master's thesis, Vysoké učení technické v Brně. Fakulta strojního inženýrství, 2011. http://www.nusl.cz/ntk/nusl-229425.

Abstract:
This diploma thesis analyses the current state of information security management in an organization. In the theoretical part of the thesis general concepts are described as well as the relations between risk management and information security, applicable laws and standards. Further, the theoretical part deals with the risk analysis and risk management, strategies, standard procedures and methods applied in this field. In the practical part a methodology is suggested for information risk analysis in a particular organization and appropriate measures are selected.

Books on the topic "Security risk countermeasure"

1

Thomas, Norman. Risk analysis and security countermeasure selection. Boca Raton, FL: CRC Press, 2010.

2

Thomas, Norman. Risk analysis and security countermeasure selection. Boca Raton, FL: CRC Press, 2010.

3

Norman, Thomas. Risk analysis and security countermeasure selection. Boca Raton, FL: CRC Press, 2010.

4

Norman, Thomas L. Risk analysis and security countermeasure selection. Boca Raton: CRC Press, 2010.

5

Gupta, Manish. Threats, countermeasures and advances in applied information security. Hershey, PA: Information Science Reference, 2012.

6

Threats, countermeasures and advances in applied information security. Hershey, PA: Information Science Reference, 2012.

7

Architectural Engineering Institute. Building Rating Security Committee, ed. Building security rating system: Checklists to assess risks, consequences, and security countermeasures. Reston, Virginia: American Society of Civil Engineers, AEI, 2015.

8

C, Ragaini Richard, ed. International Seminar on Nuclear War and Planetary Emergencies, 29th session: Society and structures--culture and ideology, equity, territorial and economics, psychology, tools and countermeasures, worldwide stability, risk analysis for terrorism ... : "E. Majorana" Centre for Scientific Culture, Erice, Italy, 10-15 May 2003. Singapore: World Scientific, 2003.

9

Risk Analysis and Security Countermeasure Selection. CRC, 2009.

10

Lapham, Robert. Risk Analysis and Security Countermeasure Selection. CRC Press, 2015. http://dx.doi.org/10.1201/b18632.


Book chapters on the topic "Security risk countermeasure"

1

Asnar, Yudistira, and Paolo Giorgini. "Modelling Risk and Identifying Countermeasure in Organizations." In Critical Information Infrastructures Security, 55–66. Berlin, Heidelberg: Springer Berlin Heidelberg, 2006. http://dx.doi.org/10.1007/11962977_5.

2

Herrmann, Andrea, Ayse Morali, Sandro Etalle, and Roel Wieringa. "Risk and Business Goal Based Security Requirement and Countermeasure Prioritization." In Workshops on Business Informatics Research, 64–76. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012. http://dx.doi.org/10.1007/978-3-642-29231-6_6.

3

Labuschagne, L., and J. F. P. Eloff. "Activating dynamic countermeasures to reduce risk." In Information Systems Security, 187–96. Boston, MA: Springer US, 1996. http://dx.doi.org/10.1007/978-1-5041-2919-0_16.

4

Affia, Abasi-amefon O., Raimundas Matulevičius, and Rando Tõnisson. "Security Risk Estimation and Management in Autonomous Driving Vehicles." In Lecture Notes in Business Information Processing, 11–19. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-79108-7_2.

Abstract:
Autonomous vehicles (AV) are intelligent information systems that perceive, collect, generate and disseminate information to improve knowledge to act autonomously and provide its required services of mobility, safety, and comfort to humans. This paper combines the security risk management (ISSRM) and operationally critical threat, asset, and vulnerability evaluation (OCTAVE allegro) methods to define and assess the AV protected assets, security risks, and countermeasures.
5

Rjaibi, Neila, and Latifa Ben Arfa Rabai. "Monitoring the Effectiveness of Security Countermeasures in a Security Risk Management Model." In Software Engineering in Intelligent Systems, 327–37. Cham: Springer International Publishing, 2015. http://dx.doi.org/10.1007/978-3-319-18473-9_32.

6

"Prioritizing Risk." In Risk Analysis and Security Countermeasure Selection, 193–202. CRC Press, 2009. http://dx.doi.org/10.1201/9781420078718-c11.

7

"Prioritizing Risk." In Risk Analysis and Security Countermeasure Selection, 219–30. CRC Press, 2009. http://dx.doi.org/10.1201/9781420078718-15.

8

"Security Policy Introduction." In Risk Analysis and Security Countermeasure Selection, 203–14. CRC Press, 2009. http://dx.doi.org/10.1201/9781420078718-c12.

9

"Security Effectiveness Metrics." In Risk Analysis and Security Countermeasure Selection, 321–40. CRC Press, 2009. http://dx.doi.org/10.1201/9781420078718-c18.

10

"Security Effectiveness Metrics." In Risk Analysis and Security Countermeasure Selection, 393–414. CRC Press, 2015. http://dx.doi.org/10.1201/b18632-26.


Conference papers on the topic "Security risk countermeasure"

1

Guohua, Zhu. "Enterprise Information Security Risk and Countermeasure Research under Network Environment." In 2015 Seventh International Conference on Measuring Technology and Mechatronics Automation (ICMTMA). IEEE, 2015. http://dx.doi.org/10.1109/icmtma.2015.115.

2

Emejeamara, Uchechukwu, Udochukwu Nwoduh, and Andrew Madu. "Trusted Computing in Data Science: Viable Countermeasure in Risk Management Plan." In 8th International Conference of Security, Privacy and Trust Management (SPTM 2020). AIRCC Publishing Corporation, 2020. http://dx.doi.org/10.5121/csit.2020.100602.

3

Waedt, Karl, Yongjian Ding, Antonio Ciriello, and Xinxin Lou. "Development, Distribution and Maintenance of Application Security Controls for Nuclear." In 2017 25th International Conference on Nuclear Engineering. American Society of Mechanical Engineers, 2017. http://dx.doi.org/10.1115/icone25-67499.

Abstract:
The generic concept of Security Controls, as initially deployed in the information security domain, is gradually used in other business domains, including industrial security for critical infrastructure and cybersecurity of nuclear safety I&C. A Security Control, or less formally, a security countermeasure can be any organizational, technical or administrative measure that helps in reducing the risk imposed by a cybersecurity threat. The new IAEA NST036 lists more than 200 such countermeasures. NIST SP800-53 Rev. 4 contains about 450 pages of security countermeasure descriptions, which are graded according to three levels of stringency. In order to facilitate and formalize the process of developing, precisely describing, distributing and maintaining more complex security controls, the Application Security Controls (ASC) concept is introduced by the new ISO/IEC 27034 multipart standard. An ASC is an extensible semi-formal representation of a security control (e.g. XML or JSON-based), which contains a set of mandatory and optional parts as well as possible links to other ASCs. A set of Application Security Controls may be developed by one company and shipped together with a product of another company. ISO/IEC 27034-6 assumes that ASCs are developed by an organization or team specialized in security and that the ASCs are forwarded to customers for direct use or for integration into their own products or services. The distribution of ASCs is supported and formalized by the Organization Normative Frameworks (ONF) and Application Normative Frameworks (ANF) deployed in the respective organizational units. The maintenance and continuous improvement of ASCs is facilitated by the ONF Process and ANF Process. This paper will explore the applicability of these industry standards based ASC lifecycle concepts for the nuclear domain in line with IEC 62645, IEC 62859 and the up-coming IEC 63096. It will include results from an ongoing bachelor thesis and master thesis, mentored by two of the authors, as well as nuclear specific deployment scenarios currently being evaluated by a team of cybersecurity PhD candidates.
4

Rees, Daniel C., and Kenneth I. Rubin. "Managing and Protecting Infrastructure Assets." In ASME 2003 International Mechanical Engineering Congress and Exposition. ASMEDC, 2003. http://dx.doi.org/10.1115/imece2003-42612.

Abstract:
The events of September 11th focused renewed attention on protection of our nation’s critical infrastructure. Utilities across the nation have an increased awareness of risks and are recognizing the potential vulnerability of their physical assets, and also the assets embodied in their employees, their knowledge base, their information technology and their customers. Utilities must now grapple with the possibility that their infrastructure assets may be targets of direct physical threats — or serve as conduits for indirect physical threats. As the concern for protecting our nation’s infrastructure intensifies, each utility is being asked to reassess its ability to provide safe and reliable services to customers and communities as a whole. However, improvements to protection of utility assets must be performed with constraints of limited capital and operating budgets. Security threats from terrorist and related events are relatively new to the utility industry, so standard industry-wide protocols are just now being developed. Serious security practices have evolved in some discrete areas, such as high-risk government buildings, nuclear power plants, and airline terminals. Utility infrastructure physical assets are typically dispersed, so, standard approaches to security (developed for enterprises with highly centralized assets, such as nuclear weapons production facilities) are difficult to apply. Managers must then face a balancing act between demands for security and the resources needed to enact and finance those actions. This paper describes the Vulnerability Self Assessment (VSAT™) methodology and software that provides a structured, cost-effective approach for utilities to assess their vulnerabilities and to establish a risk-based methodology for making necessary changes. The VSAT™ methodology groups utility assets into the classes of People (utility staff), Physical Plant, Knowledge Base, Information Technology Platform, and Customers. 
The methodology and software are flexible, customizable, and user friendly. VSAT™ software is equally applicable to deliberately caused or natural disasters. In addition to a library of prototypical assets, included in the software application are threat and countermeasure libraries. As users proceed through self-assessments, VSAT™ automatically documents the analysis process during each step. VSAT™ helps users identify critical asset(s) and potential single points of failure (SPFs). The VSAT™ process culminates in a series of risk-reduction-cost reports that presents findings in clear and concise ways. This is important, because the goal is business continuity and, at the end of the day, VSAT™ provides solutions that enable utilities to mitigate risks of business interruptions at least cost.
5

Brown, Wayne J., Vince Anderson, and Qing Tan. "Multitenancy - Security Risks and Countermeasures." In 2012 15th International Conference on Network-Based Information Systems (NBiS). IEEE, 2012. http://dx.doi.org/10.1109/nbis.2012.142.

6

Gurban, Eugen Horatiu, Bogdan Groza, and Pal-Stefan Murvay. "Risk Assessment and Security Countermeasures for Vehicular Instrument Clusters." In 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). IEEE, 2018. http://dx.doi.org/10.1109/dsn-w.2018.00068.

7

Kim, Ji-Hun, Woo-Seok Cho, Jong-Myeong Lee, Jin-O. Park, and Jae-Hee Lee. "Study on Security Risk and Its Countermeasures of O2O Service." In 2017 International Conference on Platform Technology and Service (PlatCon). IEEE, 2017. http://dx.doi.org/10.1109/platcon.2017.7883730.

8

Zou, Zhenwan, Tao Chen, Jia Chen, Yingsa Hou, and Ruxia Yang. "Research on Network Security Risk and Security Countermeasures of 5G Technology in Power System Application." In 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). IEEE, 2021. http://dx.doi.org/10.1109/iaeac50856.2021.9390826.

9

Wang, Zezhou, Xiang Liu, Yongxin Wang, Chaitanya Yavvari, Matthew Jablonski, Duminda Wijesekera, Brian Sykes, and Keith Holt. "Cyber Security Analysis for Advanced Train Control System (ATCS) in CTC Systems: Concepts and Methods." In 2019 Joint Rail Conference. American Society of Mechanical Engineers, 2019. http://dx.doi.org/10.1115/jrc2019-1236.

Abstract:
Advanced Train Control System (ATCS) is a proprietary network protocol that expands the functionality and efficiency of Centralized Traffic Control (CTC) systems, by using radio communications (radio code line) for message delivery. However, end-to-end cyber security issues were not considered during initial design of ATCS in the 1980s. Meanwhile, the landscape of cyber-physical threats and vulnerabilities has changed dramatically over the last three decades. Even though cutting-edge systems like Positive Train Control (PTC) have adopted security properties such as integrity check and encryption methods, major railroads in North America still deploy legacy ATCS standards to maintain their individual CTC system. This paper first illustrated the background and general specifications of ATCS applications in North American railroads. The research team has noticed that few studies have systematically analyzed this topic since the emergence of ATCS, though its applications are still prevailing in the industry. Divided by both vital and non-vital operational scenarios, this paper presented case studies for ATCS-related vulnerabilities. We used a sender-receiver sequencing-based analysis and proposed a consequence-based simulation model to identify and further evaluate the cyber and physical risks under potential cyber-attacks. For the identified risk, the paper evaluated the likelihood based on the practical operational sequences, and recommended potential countermeasures for the industry to improve the security over the specific case. The research concluded that the fail-safe design in the ATCS systems would prevent the exploitation of known security vulnerabilities which could result in unsafe train movements. However, the service disruptions under certain speculated attacks need further evaluation. At the end of this paper, we discussed our ongoing work for disruption evaluation in the wake of successful cyber attacks.
10

Cilli, C. "An extensive approach to risk analysis for countermeasures definition." In European Conference on Security and Detection - ECOS97 Incorporating the One Day Symposium on Technology Used for Combatting Fraud. IEE, 1997. http://dx.doi.org/10.1049/cp:19970438.
