Abstract
Threat vectors against information systems are constantly changing and increasing in both diversity and frequency. This talk will review the latest threats to global information assets and mechanisms to assess risk exposure and mitigation approaches. Using examples from academia, industry, personal experience, and audience members, a spotlight will be cast on the major vulnerabilities that pervade our daily lives.
Appropriate access to most information technology resources inherently requires some risk. Assessing, eliminating, mitigating, and accepting risk then become functions that are necessarily performed by both individuals and organizations. Just as the threats themselves are misunderstood, so too is each of these four risk management elements often mismanaged. We’ll explore structures to address each element, common theoretical and practical errors in application, and how these gaps might be closed by a different approach or through future research.
Finally, we’ll review how the very actions that expose individuals and companies to significant risk may be exploited to thwart and prosecute criminals, by looking at recent approaches in digital forensics.
© 2013 Springer-Verlag Berlin Heidelberg
Cite this paper
Weiser, M. (2013). Critical Issues and Information Security and Managing Risk. In: Meesad, P., Unger, H., Boonkrong, S. (eds) The 9th International Conference on Computing and Information Technology (IC2IT2013). Advances in Intelligent Systems and Computing, vol 209. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37371-8_2
DOI: https://doi.org/10.1007/978-3-642-37371-8_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37370-1
Online ISBN: 978-3-642-37371-8
eBook Packages: Engineering, Engineering (R0)