O'Reilly logo

Metrics and Methods for Security Risk Management by Carl Young

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. Mitigating security risk
reducing vulnerability
The best diplomat that I know is a fully-loaded phaser bank. — Lt. Cdr. Montgomery Scott
"A Taste of Armageddon," Star Trek, Stardate 3192.1
6.1. Introduction
The decision to invoke a particular risk mitigation strategy for a unique threat is in part dependent on the answers to five questions:
1. What is the likelihood or potential for threat occurrence?
2. What is the vulnerability to loss assuming a threat does occur?
3. Do the consequences of a threat merit mitigation (i.e., what will be the impact of an occurrence)?
4. What methods of risk mitigation are available?
5. Can my company afford the required mitigation and/or are there less expensive options to manage the risk associated with a ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required