AN APPROACH FOR DESIGNING OF ENTERPRISE IT LANDSCAPES TO PERFORM QUANTITAVE INFORMATION SECURITY RISK ASSESSMENT

Anton Romanov; Eiji Okamoto

doi:10.5220/0002224803130318

AN APPROACH FOR DESIGNING OF ENTERPRISE IT LANDSCAPES TO PERFORM QUANTITAVE INFORMATION SECURITY RISK ASSESSMENT

Anton Romanov, Eiji Okamoto

2009

Abstract

Nowadays most of enterprises must consider information security aspects as of the highest concern. It is caused not only by growing hacker’s activity but also because of increasing legal requirements and compliance issues. One of required procedures to manage information security is regular performing of information security risk assessment. This article describes an approach for designing and managing of an enterprise IT landscapes which makes possible to perform quantitative information security risk assessment using already established methodologies which were previously inapplicable by some reasons. Moreover, application of the proposed framework allows transformation of any IT landscape to such state. Other relevant key features of the proposed approach are unification and reduction of maintenance cost.

Download

Paper Citation

in Harvard Style

Romanov A. and Okamoto E. (2009). AN APPROACH FOR DESIGNING OF ENTERPRISE IT LANDSCAPES TO PERFORM QUANTITAVE INFORMATION SECURITY RISK ASSESSMENT . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2009) ISBN 978-989-674-005-4, pages 313-318. DOI: 10.5220/0002224803130318

in Bibtex Style

@conference{secrypt09,
author={Anton Romanov and Eiji Okamoto},
title={AN APPROACH FOR DESIGNING OF ENTERPRISE IT LANDSCAPES TO PERFORM QUANTITAVE INFORMATION SECURITY RISK ASSESSMENT},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2009)},
year={2009},
pages={313-318},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002224803130318},
isbn={978-989-674-005-4},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2009)
TI - AN APPROACH FOR DESIGNING OF ENTERPRISE IT LANDSCAPES TO PERFORM QUANTITAVE INFORMATION SECURITY RISK ASSESSMENT
SN - 978-989-674-005-4
AU - Romanov A.
AU - Okamoto E.
PY - 2009
SP - 313
EP - 318
DO - 10.5220/0002224803130318