Title :
Dynamic Assessment and VaR-Based Quantification of Information Security Risk
Author :
Qi, Wenjing ; Liu, Xue ; Zhang, Jian ; Yuan, Weihua
Abstract :
Risk assessment and quantification is crucial to the effectiveness of information security measure deployed in an organization. A dynamic risk assessment process is presented in this paper to cope with the variation and diversity of threats in the information system. To give a clear perspective of the information risk without confusing by the complexity of so many risk factors, an risk quantification model and a VaR-based risk measure are presented, through which, risk can be represented by the prospective maximum daily loss under certain confidence level. We test our risk quantification model and measure in a real network environment.
Keywords :
risk management; security of data; VaR; dynamic risk assessment process; information security measure; risk factors; risk quantification model; Biomedical measurements; Computer bugs; Computer science; Computer security; Educational institutions; Information security; Information systems; Management information systems; Reactive power; Risk management;
Conference_Titel :
e-Business and Information System Security (EBISS), 2010 2nd International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5893-6
Electronic_ISBN :
978-1-4244-5895-0
DOI :
10.1109/EBISS.2010.5473537
