Title
Risk assessment tactics optimizing efficiency and threat-space coverage
Authors
Ariel Waissbein (presented by Fred Pinkett)
In
Annual Computer Network Defense Research and Technology Workshop, 22-24 June 2009
Date published
2009-06-22
Keywords
risk assessment, security metrics

Abstract

This talk is about the design of an attack-centric model for risk assessment that can be used to analyze assessment information and deduce unexplored threats, help prioritize which risks should be attended to and make predictions. The aim of this talk is to present what we see is a need for risk assessment within large enterprises. In particular, we provide a set of requirements that we discuss and show a sketch of a model that satisfies them. Further, we deduce some applications that will help organize (and plan) the risk assessment process of the large enterprise.

Attachments