The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Developing Intelligence-Based Threat Definitions for Global Information Security Management
Abstract
One of the major problems with global information security management is the piecemeal nature of pertinent information. An alert or item of interest might not mean anything in and of itself; however, combined with other items of interest and data, the last item might be the piece of the puzzle missing to uncover the nature of suspicious activity or unexplained problems. This research attempts to define how the pieces of data can be combined into information forming the basis of a possible scenario. Information systems using the database approach have generally failed to provide adequate information security because databases are not generally designed to discover facts or knowledge. Unlike databases, Model bases are generally integrative facilities that allow the capture of not just data, but the combination of data and information to form knowledge by storing combined data in a scenario. The proposed new threat definition model classifies the internal and external forces facing a trans-national organization from the relatively common operating environment for many organizations and the intra-organization environment. Businesses using information systems need to continuously monitor their common operating environment (COE). This threat definition model identifies the sources of macro-level potential threat forces and micro-level potential threat forces. These include nation-states, terrorists, hackers, and even software developers worldwide. Keywords: Threat Definition, scenario, military intelligence, information system security
|
|