The Issue of Security{Comments Off on The Issue of Security}


by Monica G
Summary:

There has to be something said about security, every day we enter more and more companies investing more money into it. And this is not a bad thing. In this publishing, the writer explores different ways for companies to assess risk factors within the IT infrastructure and manage these threats. The author proposes for companies to analyze risk by using Bayesian networks which actually help the administrator of the information to quantify the chances of network breaches at various levels of the company. This way the administrator or administrators can come up with a solid management plan, just in case. And it allows the owner to make reasonable decisions even in a resource scarce environment.

Reflection:

This is pretty neat and can definitely relate to the class. We are always talking about how to make databases more secure for the businesses as well as the information, and here is one solution. If the user is able to analysis at what levels their information is most vulnerable then it becomes easier to manage and come up with plans on how to solve the issue or back-up plans. Because there is no concrete way to solve every occurrence then it is always better to be prepared.

Because money can be an issue then how can this approach be made more economically efficient. That is not to say that companies do not invest money in security but what about the startup businesses, or little ‘mom and pop’ shops that what to expand? New ways of analyzing risks factors is always great but how to make it affordable for the average business is key.

Citation:

Poolsappasit, N., Dewri, R., & Ray, I. (2012, January). Dynamic Security Risk Management Using Bayesian Attack Graphs. Retrieved November 20, 2011, from ABI/INFORM Complete: http://0-search.proquest.com.opac.library.csupomona.edu/abicomplete/docview/903467742/abstract/13329F2E0B244D12F8/2?accountid=10357