O'Reilly logo

Advanced Persistent Security by Araceli Treu Gomes, Ira Winkler

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4

Risk Management

Abstract

Security is unattainable. What security programs are trying to achieve is risk management. In other words, they are trying to cost effectively control the potential loss. Risk is a combination of value, threat, vulnerability, and countermeasures. Traditionally, a security program strives to implement countermeasures that primarily mitigate the vulnerabilities that, if exploited, will create a loss of value.

This chapter categorizes the factors that contribute to, and mitigate, risk. The goal is not to get rid of all risk, as that is not practical, but to optimize the risk, given the potential loss and available resources.

Keywords

Countermeasures; Malicious; Malignant; Risk; Threat; Vulnerability; Value
Security is ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required