A Novel Threat and Risk Assessment Mechanism for Security Controls in Service Management

Author(s):  
Ping Wang ◽  
Kuo-Ming Chao ◽  
Chi-Chun Lo

2010 ◽  
Vol 4 (4) ◽  
pp. 291-299
Author(s):  
Margaret E. Graham ◽  
Michael G. Tunik ◽  
Brenna M. Farmer ◽  
Carly Bendzans ◽  
Aileen M. McCrillis ◽  
...  

ABSTRACT

Background: Agents of opportunity (AO) are potentially harmful biological, chemical, radiological, and pharmaceutical substances commonly used for health care delivery and research. AOs are present in all academic medical centers (AMC), creating vulnerability in the health care sector; AO attributes and dissemination methods likely predict risk; and AMCs are inadequately secured against a purposeful AO dissemination, with limited budgets and competing priorities. We explored health care workers' perceptions of AMC security and the impact of those perceptions on AO risk.

Methods: Qualitative methods (survey, interviews, and workshops) were used to collect opinions from staff working in a medical school and 4 AMC-affiliated hospitals concerning AOs and the risk to hospital infrastructure associated with their uncontrolled presence. Secondary to this goal, staff perception concerning security, or opinions about security behaviors of others, were extracted, analyzed, and grouped into themes.

Results: We provide a framework for depicting the interaction of staff behavior and access control engineering, including the tendency of staff to “defeat” inconvenient access controls. In addition, 8 security themes emerged: staff security behavior is a significant source of AO risk; the wide range of opinions about “open” front-door policies among AMC staff illustrates a disparity of perceptions about the need for security; interviewees expressed profound skepticism concerning the effectiveness of front-door access controls; an AO risk assessment requires reconsideration of the security levels historically assigned to areas such as the loading dock and central distribution sites, where many AOs are delivered and may remain unattended for substantial periods of time; researchers' view of AMC security is influenced by the ongoing debate within the scientific community about the wisdom of engaging in bioterrorism research; there was no agreement about which areas of the AMC should be subject to stronger access controls; security personnel play dual roles of security and customer service, creating the negative perception that neither role is done well; and budget was described as an important factor in explaining the state of security controls.

Conclusions: We determined that AMCs seeking to reduce AO risk should assess their institutionally unique AO risks, understand staff security perceptions, and install access controls that are responsive to the staff's tendency to defeat them. The development of AO attribute fact sheets is desirable for AO risk assessment; new funding and administrative or legislative tools to improve AMC security are required; and security practices and methods that are convenient and effective should be engineered. (Disaster Med Public Health Preparedness. 2010;4:291-299)


The non-performing assets (NPAs) or bad loans, as we understand generally, have always been one of the key challenges for Indian banks and financial institutions and they have been adversely affecting the sustainability of these financial service providers. While performing the basic function of extending credit in order to earn interest income, however, it is also important for these institutions to have an efficient and effective credit risk assessment mechanism in place, so that a proper balance between profitability and sustainability is maintained. Credit scoring models are one of the most important components of credit risk assessment mechanism and banks and financial institutions of many developed countries have developed credit scoring models based on advanced technologies. On the contrary, most of the Indian banks are still dependent on the traditional way of developing credit scoring models, which might be a deterrent against ensuring safe credit policy amidst the COVID-19 pandemic.


Sensors ◽  
2021 ◽  
Vol 22 (1) ◽  
pp. 238
Author(s):  
Christos Grigoriadis ◽  
Romain Laborde ◽  
Antonin Verdier ◽  
Panayiotis Kotzanikolaou

Maritime processes involve actors and systems that continuously change their underlying environment, location and threat exposure. Thus, risk mitigation requires a dynamic risk assessment process, coupled with an adaptive, event driven security enforcement mechanism, to efficiently deal with dynamically evolving risks in a cost efficient manner. In this paper, we propose an adaptive security framework that covers both situational risk assessment and situational driven security policy deployment. We extend MITIGATE, a maritime-specific risk assessment methodology, to capture situations in the risk assessment process and thus produce fine-grained and situation-specific, dynamic risk estimations. Then, we integrate DynSMAUG, a situation-driven security management system, to enforce adaptive security policies that dynamically implement security controls specific to each situation. To validate the proposed framework, we test it based on maritime cargo transfer service. We utilize various maritime specific and generic systems employed during cargo transfer, to produce dynamic risks for various situations. Our results show that the proposed framework can effectively assess dynamic risks per situation and automate the enforcement of adaptive security controls per situation. This is an important improvement in contrast to static and situation-agnostic risk assessment frameworks, where security controls always default to worst-case risks, with a consequent impact on the cost and the applicability of proper security controls.


2015 ◽  
Vol 719-720 ◽  
pp. 732-736
Author(s):  
Wei Mei Zhao ◽  
Chao Yang Zhu ◽  
Zhen Yu

This paper describes the current status of power communication systems, problems and solutions, proposed to build an integrated platform system for communications management and control. The integrated platform system is divided into four parts: Comprehensive Monitoring Subsystem, Resource Management Subsystem, Operation and Maintenance Management Subsystem, Security Management and Control Subsystem, which can monitor the resource, operation and maintenance, and security controls etc. This system can implement communication professional management, process management, user management, daily operation, maintenance work management standardization, process and automation; promote systematic and integrated for communication network, improve service management level and efficiency of operation and maintenance; and provide better support and protection for developing the grid and the smart grid.


10.28945/4837 ◽  
2021 ◽  
Vol 16 ◽  
pp. 307-330
Author(s):  
Maitha Al Ketbi ◽  
Khaled Shuaib ◽  
Ezedin Barka ◽  
Marton Gergely

Aim/Purpose: The aim of this paper is to propose a new information security controls framework for blockchain technology, which is currently absent from the National and International Information Security Standards. Background: Blockchain technology is a secure and relatively new technology of distributed digital ledgers, which is based on inter-linked blocks of transactions, providing great benefits such as decentralization, transparency, immutability, and automation. There is a rapid growth in the adoption of blockchain technology in different solutions and applications and within different industries throughout the world, such as finance, supply chain, digital identity, energy, healthcare, real estate, and the government sector. Methodology: Risk assessment and treatments were performed on five blockchain use cases to determine their associated risks with respect to security controls. Contribution: The significance of the proposed security controls is manifested in complementing the frameworks that were already established by the International and National Information Security Standards in order to keep pace with the emerging blockchain technology and prevent/reduce its associated information security risks. Findings: The analysis results showed that the proposed security controls herein can mitigate relevant information security risks in blockchain-based solutions and applications and, consequently, protect information and assets from unauthorized disclosure, modification, and destruction. Recommendations for Practitioners: The performed risk assessment on the blockchain use cases herein demonstrates that blockchain can involve security risks that require the establishment of certain measures in order to avoid them. As such, practitioners should not blindly assume that through the use of blockchain all security threats are mitigated. 
Recommendation for Researchers: The results from our study show that some security risks not covered by existing Standards can be mitigated and reduced when applying our proposed security controls. In addition, researchers should further justify the need for such additional controls and encourage the standardization bodies to incorporate them in their future editions. Impact on Society: Similar to any other emerging technology, blockchain has several drawbacks that, in turn, could have negative impacts on society (e.g., individuals, entities and/or countries). This is mainly due to the lack of solid national and international standards for managing and mitigating risks associated with such technology. Future Research: The majority of the blockchain use cases in this study are publicly published papers. Therefore, one limitation of this study is the lack of technical details about these respective solutions, resulting in the inability to perform a comprehensive risk identification properly. Hence, this area will be expanded upon in our future work. In addition, covering other standardization bodies in the area of distributed ledger in blockchain technology would also prove fruitful, along with respective future design of relevant security architectures.


Author(s):  
Vadym Mukhin ◽  
Yaroslav Komaga ◽  
Valerii Zavgorodnii ◽  
Anna Zavgorodnya ◽  
Oksana Herasymenko ◽  
...  
