New approach for threat classification and security risk estimations based on security event management

2020 ◽  
Vol 113 ◽  
pp. 488-505 ◽  
Author(s):  
José Carlos Sancho ◽  
Andrés Caro ◽  
Mar Ávila ◽  
Alberto Bravo
Keyword(s):  
Security Risk ◽  
Event Management ◽  
New Approach ◽  
Security Event

Mitigating Risk

2011 ◽  
Vol 2 (2) ◽  
pp. 67-75 ◽  
Author(s):  
Ken Lozito
Keyword(s):  
Planning Process ◽  
Deep Level ◽  
Historical Event ◽  
Event Management ◽  
Efficient Manner ◽  
Business Decision ◽  
Security Event ◽  
Security Information ◽  
Security Standards ◽  
Level Analysis

Business Intelligence (BI) has often been described as the tools and systems that play an essential role in the strategic planning process of a corporation. The application of BI is most commonly associated with the analysis of sales and stock trends, pricing and customer behavior to inform business decision-making. There is a growing trend in utilizing the tools and processes used in the analysis of data and applying them to security event management. Security Information and Event Management (SIEM) has emerged within the last 10 years providing a centralized source to enable both real-time and deep level analysis of historical event data to drive security standards and align IT resources in a more efficient manner.

IT Security Risk Management Model for Cloud Computing

2013 ◽  
Vol 4 (4) ◽  
pp. 1-19 ◽  
Author(s):  
Gunnar Wahlgren ◽  
Stewart Kowalski
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
It Security ◽  
Maturity Model ◽  
Security Risk ◽  
Cloud Computing Environment ◽  
New Approach ◽  
Capability Maturity ◽  
Security Risk Management ◽  
Security Incidents

The authors combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework. With this combined framework the authors create a new approach to IT Security Risk Management where IT Security Risk Management is place at the strategic, tactical and operational levels of an organizational. In this paper the authors concentrate on the monitoring and communication steps of IT Security Risk Management and especially escalation of new IT Security Incidents. The authors present a first draft to an IT Security Risk Escalation Capability Maturity Model based on ISACA´s Risk IT Framework. Finally the authors apply the approach to typical cloud computing environment as a first step to evaluate this new approach.

Mitigating Risk

2012 ◽  
pp. 261-269
Author(s):  
Ken Lozito
Keyword(s):  
Planning Process ◽  
Deep Level ◽  
Historical Event ◽  
Event Management ◽  
Efficient Manner ◽  
Business Decision ◽  
Security Event ◽  
Security Information ◽  
Security Standards ◽  
Level Analysis

Business Intelligence (BI) has often been described as the tools and systems that play an essential role in the strategic planning process of a corporation. The application of BI is most commonly associated with the analysis of sales and stock trends, pricing and customer behavior to inform business decision-making. There is a growing trend in utilizing the tools and processes used in the analysis of data and applying them to security event management. Security Information and Event Management (SIEM) has emerged within the last 10 years providing a centralized source to enable both real-time and deep level analysis of historical event data to drive security standards and align IT resources in a more efficient manner.

Sign in / Sign up

Export Citation Format

Share Document