Formalizing information security requirements
Risk analysis, concentrating on assets, threats and vulnerabilities, used to play a major role in helping to identify the most effective set of security controls to protect information technology resources. To successfully protect information, the security controls must not only protect the infrastructure, but also instill and enforce certain security properties in the information resources. To accomplish this, a more modern top-down approach is called for today, where security requirements driven by business needs dictate the level of protection required.
No Reference information available - sign in for access.
No Citation information available - sign in for access.
No Supplementary Data.