Title: Method for assessing and managing security risk for systems
Abstract: A method, programmed digital computer and computer program product for assessing and managing security risks in an iterative fashion is provided. The invention is adaptable for use with any system whose security targets are accessible to a security threat. It is applicable to all systems with physical, electronic and virtual targets that can be accessed by a threat, thus creating a risk to the system, e.g., systems surrounding hospitals, blood banks, mass transit operations, power production and transmission facilities, communication systems, internet service providers, email and web hosting service providers, electronic commerce, financial institutions and school district lunch programs. Under the invention, if a security threat can access a security target within a system, then a risk to the system is present. The invention provides an iterative process by which the system may be analyzed as an undivided whole or may, alternatively, be divided into discrete sections, with all known security targets identified within each section. All threats to each individual target are then identified, and it is determined whether each threat has access to the associated target. If access is present, a qualitative or quantitative risk level is assigned. Appropriate countermeasures are then considered and, where the risk level is unacceptably high, implemented. A second inquiry is made as to whether the particular threat still has access to its identified target, taking the implemented countermeasure(s) into account, and a second risk level assignment is performed. If the risk level remains high, the process is repeated until the risk level for the subject target is acceptably low. All remaining targets are secured in this manner.
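The iterative loop described in the abstract (identify targets per section, identify threats, check access, assign a risk level, apply a countermeasure, re-check, repeat until the risk is acceptable), written out as an added illustration that is not part of the patent's own disclosure. The qualitative scale, the `Threat` structure, the countermeasure tuples and the hospital sample data are all constructed assumptions for this example.

```python
from dataclasses import dataclass, field

# Qualitative scale, lowest first; "none" is what a threat without access contributes (constructed).
RISK_SCALE = ["none", "low", "medium", "high"]
ACCEPTABLE = "low"  # highest residual level the system owner will carry

@dataclass
class Threat:
    name: str
    has_access: bool
    risk: str  # level assigned when access is present
    # Countermeasures to try, in order: (name, removes_access, risk_level_afterwards)
    countermeasures: list = field(default_factory=list)

def current_risk(threat):
    # Core rule of the abstract: no access to the target means no risk from that threat.
    return threat.risk if threat.has_access else "none"

def secure_threat(threat):
    """Check access, assign risk, apply a countermeasure, re-check; repeat until acceptable."""
    applied = []
    while RISK_SCALE.index(current_risk(threat)) > RISK_SCALE.index(ACCEPTABLE):
        if not threat.countermeasures:  # nothing left to try: report the residual risk
            return {"status": "residual", "risk": current_risk(threat), "applied": applied}
        name, removes_access, new_risk = threat.countermeasures.pop(0)
        applied.append(name)
        threat.has_access = threat.has_access and not removes_access
        threat.risk = new_risk  # second (third, ...) risk assignment after the countermeasure
    return {"status": "secured", "risk": current_risk(threat), "applied": applied}

def assess_system(sections):
    """sections: {section: {target: [Threat, ...]}}; one report row per (section, target, threat)."""
    return {(sec, tgt, th.name): secure_threat(th)
            for sec, targets in sections.items()
            for tgt, threats in targets.items() for th in threats}

def demo_sections():
    """Constructed sample: a hospital divided into a records section and a blood-bank cold store."""
    return {
        "records": {"patient database": [
            Threat("internet attacker", True, "high",
                   [("perimeter firewall", False, "medium"), ("network segmentation", True, "none")]),
            Threat("untrained staff", True, "medium", [("access training", False, "low")]),
        ]},
        "cold store": {"blood refrigerators": [
            Threat("power failure", True, "high", [("backup generator", False, "medium")]),
        ]},
    }
```

Running `assess_system(demo_sections())` shows both outcomes the abstract allows for: targets driven to an acceptable level after one or more rounds, and a target left with residual risk because the available countermeasures ran out.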
Publication number: US2005004863(A1) Publication date: 2005.01.06
Application number: US20040898789 Filing date: 2004.07.26
Applicant: HAVRILAK ROBERT J. Inventor: HAVRILAK ROBERT J.
Classification: G06Q40/00;(IPC1-7):G06F17/60 Main classification: G06Q40/00
Agency: Agent:
Main claim:
Address: