Re: Intrusions

Ira S. Winkler (winkler@c3i.saic.com)
Tue, 30 Jan 96 09:40:33 EST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chester Ratcliffe: "Re: Intro; Question -Reply"
Previous message: Brad Powell: "Re: Intrusions"
Maybe in reply to: Paul G. Seldes: "Intrusions"
Next in thread: Dale Whiteaker-Lewis: "Advice for Risk Assessment consultant (was Re: Intrusions)"

When you conduct a thorough risk assessment, you have to look at the threats
and vulnerabilities by default.  I tend to believe that vulnerabilities are
more important to consider than threats, in most cases, because threats would
be irrelevant if there are no vulnerabilities.  It is true that vulnerabilities
would be irrelevant without threats, but if you have anything of value than
there will be a threat.  

The big question becomes how much money do you want to put towards 
countermeasures, which is dependent upon the value of your information and
the value of the services dependent upon your information resources.

Ira

[Quoted Article Deleted]

Next message: Chester Ratcliffe: "Re: Intro; Question -Reply"
Previous message: Brad Powell: "Re: Intrusions"
Maybe in reply to: Paul G. Seldes: "Intrusions"
Next in thread: Dale Whiteaker-Lewis: "Advice for Risk Assessment consultant (was Re: Intrusions)"