Title :
Managing Security Threats and Vulnerabilities for Small to Medium Enterprises
Author :
Onwubiko, C. ; Lenaghan, A.P.
Author_Institution :
Kingston Univ., London
Abstract :
The difficulty in managing security threats and vulnerabilities for small and medium-sized enterprises (SME) is investigated. A detailed security conceptual framework, asset and threat classifications are proposed. These models assist SMEs to prevent and effectively mitigate threats and vulnerabilities in assets. The investigated conceptual framework models security issues in terms of owners, vulnerabilities, threat agents, threats, countermeasures, risks and assets, and their relationship; while the asset classification model is a value-based approach, and the threat classification model is based on attack timeline.
Keywords :
Internet; security of data; small-to-medium enterprises; Internet; asset classification model; security threat; small-to-medium enterprise; value-based approach; Asset management; Communication system security; Computer crime; Computer network management; Computer network reliability; Computer security; Computer viruses; Data security; Information security; Protection; asset classification; computer networks; economic impact; security threats; vulnerabilities;
Conference_Titel :
Intelligence and Security Informatics, 2007 IEEE
Conference_Location :
New Brunswick, NJ
Electronic_ISBN :
1-4244-1329-X
DOI :
10.1109/ISI.2007.379479
