Download presentation
Presentation is loading. Please wait.
Published byYuliana Angers Modified over 9 years ago
1
STRATEGIC INTELLIGENCE MANAGEMENT Chapter by Ivan Launders, Simon Polovina Chapter 13 - A Semantic Approach to Security Policy Reasoning, Pg. 150
2
13. A Semantic Approach to Security Policy Reasoning, Pg. 150 The automation of business transactions across the Internet has brought about many benefits. As such, enterprises and individuals enjoy the provision of many goods and services that hitherto were inaccessible to them. This success has relied on the use of payment cards instead of cash, as these cards enable instant electronic transfer directly between supplier and customer including remotely across the Internet. The growing sophistication of business transactions using payment cards continues to heighten the issue, causing its policing to be increasingly difficult. Nonetheless both public and private sector organizations are required by law to comply with industry standards for information technology (IT) security, and these standards mandate the creation of security policies and audit trails for these enterprises, especially from key systems holding sensitive information. Section 3: Technologies, Information, and Knowledge for National Security
3
13. A Semantic Approach to Security Policy Reasoning, Pg. 150 Almost every hardware and software component within enterprise architecture has the capability of producing a detailed record of its activity. Records are produced through audit logs often used for problem diagnostics and problem identification. Audit logs are a vital resource used to improve information security and compliance with regulatory standards (ISO2702, 2005). Organizations are looking to industry best-practice standards for guidance on how best to manage these new enterprise security challenges (Parkin et al., 2009). Industry best practice has tended to rely on technical controls, assessing identifiable vulnerability and then assessing the associated risk of a threat on that vulnerability. Industry-best practice is provided through organizations such as the Information Security Forum (ISF, 2012a). Section 3: Technologies, Information, and Knowledge for National Security
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.