Escolar Documentos
Profissional Documentos
Cultura Documentos
ABSTRACT
The increasing technology trends has turned each infrastructure to its new hazards. Present
information policies designed are not readily equipped with up-to-date analysis or problems
suffered throughout networks. This paper addresses not only technical security issues but also
providing managerial solutions. It practically targets resources allocations keeping in new
management issues with its technical adoption to available parameters. This technical solution
provided; is strategic in its nature but with self assessment criteria. Now system reliability issues
with security complexities can be targeted effectively.
Keywords: Security Risks, Security Process Management, Security Assessment, Security Plans,
Security Model, Security Audit
1 INTRODUCTION
Every movement that comes to us bring new
challenges. Where as the rising slogan of IT has
brought new horizons to our attention. Today
continuous progress & service delivery has changed
business imperatives as IT security has become
integral part for any infrastructure.
Information technology continuous advancements has
open the number of possible security threats,
vulnerabilities and security incidents are even rising pace
despite efforts done by national or international level.
The current problems faced by organizations are not
only rising trends in information technology but there
unrealistic approach to coop with evolving
environment that has caused the world the loss of
billions of US dollars.
Here is some data from real world [2],[3]:
1.1 Computer fraud in the U.S. alone exceeds $3 billion
each year.
1.2 Less than 1% of all computer fraud cases are detected.
1.3 Over 90% of all computer crime goes unreported.
1.4 Although no one is sure how much is lost to EFT
(Electronic Funds Transfer) crime annually, the
consensus is that the losses run in the billions of
dollars. Yet few in the financial community are
paying any heed.
1.5 Average computer bank theft amounts to $1.5 million
each year.
Volume 3 Number 3
Page
137
www.ubicc.org
Volume 3 Number 3
Page
138
www.ubicc.org
Volume 3 Number 3
Page 139
www.ubicc.org
60
50
40
30
20
10
0
Human
Error
Dishonest
People
Technical
Sabotage
Fire
Water
Terrorism
Outsiders
13%
Current
Employees
81%
Former
Employees
6%
Volume 3 Number 3
Page 140
www.ubicc.org
Departments
IT Division
End Users
Security
Privacy
7 CONCLUSION
Standards
& Policies
Creating
Awareness
Monitoring &
Controlling
Risk
Assessment
Volume 3 Number 3
Page 141
www.ubicc.org
2.
3.
4.
5.
6.
7.
[6]
[7]
[8]
[9]
[10]
2000
server
",
in Computing,
REFERENCES
[1]
[2]
Boran Sean,
linuxsecurity, 2003.
cookbook",
[11]
[3]
[12]
[13]
[14]
[4]
[5]
"IT
security
Volume 3 Number 3
Page
142
www.ubicc.org