Verified Document

Security Breaches Can Occur Either Research Paper

Both types -- qualitative and quantitative -- have their advantages and disadvantages. One of the most well-known of the quantitative risk metrics is that that deals with calculation of annual loss expectancy (ALE) (Bojanc & Jerman-Blazoc, 2008). ALE calculation determines the monetary loss associated form a single occurrence of the risk (popularly known as the single loss exposure (SLE)). The SLE is a monetary amount that is assigned to a single event that represents the amount that the organizations will potentiality lose when threatened. For intangible assets, this amount can be quite difficult to assess. The SLE is calculated by multiplying the monetary value of the asset (AV) with the exposure factor (EF). The EF represents the percentage of loss that a threat can have on a particular asset. The equation, therefore, is thus: SLE=AV*EF. Applying this practically, if the AV of an e-commerce web server is $50,000 and a virus infection caused a loss of 35%, the SLE, in this case, would result in $17, 500.

Once the SLE has...

If nothing is done to mitigate it. The calculation to determine that is ALE= SLE*ARO.
According to Bojanc and Jerman-Blazoc (2008), calculating estimations for SLE or ARO is exceedingly difficult as very few companies track and report risks hence little actuarial data is available. Independent surveys, insurance claim data, or academic research provides the most reliable information.

Reference

Bojanc, R. & Jerman-Blazoc, B. (2008), An economic modelling approach to information security risk management. International Journal of Information Management 28 (2008) 413 -- 422

Chowdhary, A., & Mezzeapelle, M.A. (n.d.) Inforamtion Security metrics. Hewlett Packard.

Pedro, G.L., & Ashutosh, S. (2010). An approach to quantitatively measure Information security 3rd India Software Engineering Conference, Mysore, 25-27

Sources used in this document:
Reference

Bojanc, R. & Jerman-Blazoc, B. (2008), An economic modelling approach to information security risk management. International Journal of Information Management 28 (2008) 413 -- 422

Chowdhary, A., & Mezzeapelle, M.A. (n.d.) Inforamtion Security metrics. Hewlett Packard.

Pedro, G.L., & Ashutosh, S. (2010). An approach to quantitatively measure Information security 3rd India Software Engineering Conference, Mysore, 25-27
Cite this Document:
Copy Bibliography Citation

Related Documents

Healthcare and Security Breaching
Words: 815 Length: 3 Document Type: Case Study

Security Breaching in healthcareHow serious was this e-mail security breach? Why did the Kaiser Permanente leadership react so quickly to mitigate the possible damage done by the breach?Data breaches are regarded as severe violations of privacy and security. For HIPAA violations, the county prosecutor has the right to file legal actions on the representation of the individuals. When they were informed of the breach, the Kaiser Permanente leadership immediately investigated

VA Security Breach the Veteran's Affairs Department
Words: 577 Length: 2 Document Type: Essay

VA Security Breach The Veteran's Affairs department has had several notable security breeches in recent years. In one 2006 incident, patient data was downloaded onto an unsecured laptop and stolen. Patient records at the VA were unencrypted at the time. "If data is properly encrypted there is no data breach. The device can be stolen but no data can be accessed" because the thief lacks the 'key' to decode the data

Crisis Management The E Mail Security Breach by the KP Online Pharmacy...
Words: 776 Length: 3 Document Type: Case Study

How serious was this e-mail security breach? Why did the Kaiser Permanente leadership react so quickly to mitigate the possible damage done by the breach?The e-mail security breach by the KP online Pharmacy was grave because it violated various HIPPA and State laws that protect patients from health information disclosure without prior consent. Moreover, such a breach of confidential and private information could cause harm and affect the patients' dignity.

Data Security Breaches at the Department of Veterans Affairs
Words: 3984 Length: 15 Document Type: Essay

Internet Risk and Cybercrime at the U.S. Department of Veterans Affairs Internet Risk Cybercrime Today, the mission of the U.S. Department of Veterans Affairs (VA) as taken from President Lincoln's second inaugural address is, "To care for him who shall have borne the battle, and for his widow, and his orphan." To this end, this cabinet-level organization provides healthcare services through the Veterans Health Administration (VHA) to nine million veteran patients each year.

Preventing Security Breaches and Hackers
Words: 582 Length: 2 Document Type: Essay

Network Security Controls and Issues The many challenges of network security can be understood by realizing who needs access to the network itself. Access to secure networks should be accompanied by a certain need or reason by a person who has the authority to view, manipulate or reproduce information and data contained within that network. Access problems arise when there are no clear boundaries or guidelines as to who should have

Breach of Faith
Words: 1740 Length: 6 Document Type: Research Paper

Breach of Faith Over the course of twenty-two years, from 1979 to 2001, Robert Hanssen participated in what is possibly the most severe breach of national intelligence in the United States' history. Through a combination of skill and sheer luck, Hanssen was able to pass critical information from his job at the FBI to Soviet and later Russian intelligence agencies, information that may have contributed to the capture and execution of

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now