IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

The Challenge of Adequately Defining Technical Risk

The Challenge of Adequately Defining Technical Risk
View Sample PDF
Copyright: 2021
Pages: 30
Source title: Real-Time and Retrospective Analyses of Cyber Security
Source Author(s)/Editor(s): David Anthony Bird (British Computer Society, UK)
DOI: 10.4018/978-1-7998-3979-8.ch002

Purchase

View The Challenge of Adequately Defining Technical Risk on the publisher's website for pricing and purchasing information.

Abstract

Chapter 2 investigates the risk and compliance conundrum as fundamental principles that better inform the governance of cyber security in organizations. Public cloud computing examples are used to highlight the deficiencies of legacy risk assessment methods but also to provide a stark warning about using compliance mapping approaches instead of considered security control implementations. Ultimately using blanket compliance frameworks does not necessarily influence, but rather conversely, creates a vacuum that does not drill deep enough into the controls needed to safeguard cloud environments; this is particularly relevant since public cloud systems are connected to and accessed via the internet and therefore exposed to external threats. This chapter explores the use of threat modelling to contextualize risks more accurately in order to mitigate them more effectively.

Related Content

. © 2021. 44 pages.
. © 2021. 30 pages.
. © 2021. 30 pages.
. © 2021. 33 pages.
. © 2021. 35 pages.
. © 2021. 29 pages.
. © 2021. 32 pages.
Body Bottom