The Structure of Information Protection

Table of contents

The Structure of Information Protection

Slide 2

Slide 3

Slide 4


The Great Wall

The Maginot Line

Iraq’s dug-in armies

Why Defenses Fail

How Cyber-Defenses Fail

Viruses in TCBs

Slide 12

Minimum firewall costs

Slide 14

E-commerce Holes

Slide 16

The Christma, Melissa, LoveBug

Why Cyber Defenses Fail

Threat mis-assessment

Slide 20

Winning example

Slide 22

The Challenge

Threats, Vulnerabilities & Consequences

The threats are real

What/Who Causes Harm?

We are vulnerable+

Examples: corruption

Examples: denial of services

Examples: information leaks

50 Ways and 40 attacks/month

Mechanisms (94 classes)

Some more facts and figures

Personal consequences

Business Consequences

Social Consequences

Global Consequences

T&V&C => Risk

We manage risk

Approaches to Managing Risks+

An Analytical Approach

Limiting Complexity

A Feedback Control Model

An organizational approach

Organizational change process

A risk staging approach

Risk handling can be staged as

A Gaming Approach

The Network Game

Risk Analysis Approaches


Risk Management Summary

Questions and Comments?

Thank You!

Author: Fred Cohen
