• Home

  • Documents

  • Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment...
44
Daniele Daniele Spagnulo Spagnulo Risk Risk Assessment Assessment for for Security Security Economics Economics Workshop on Security Frameworks "Security Assurance“ – 16th December 2005 Dipartimento di Matematica ed Informatica Università di Catania

Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

  • Upload
    vodang

  • View
    228

  • Download
    2

Embed Size (px)

Citation preview

Page 1: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Daniele Daniele SpagnuloSpagnulo

RiskRisk AssessmentAssessment forforSecuritySecurity EconomicsEconomics

Workshop on Security Frameworks "Security Assurance“ – 16th December 2005

Dipartimento di Matematica ed Informatica Università di Catania

Page 2: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 22

WhatWhat isis IT?IT?IT : Short IT : Short forfor IInformationnformation TTechnologyechnology,, and and pronouncedpronounced asas separate separate

lettersletters, the , the broadbroad subjectsubject concernedconcerned withwith allall aspectsaspects of of managingmanagingand processing and processing informationinformation, , especiallyespecially withinwithin a a largelarge organizationorganizationor company. or company. BecauseBecause computerscomputers are are centralcentral toto informationinformationmanagement, computer management, computer departmentsdepartments withinwithin companiescompanies and and universitiesuniversities are are oftenoften calledcalled IT IT departmentsdepartments..

Business Business requirementsrequirements: : preservepreserve IT IT SystemsSystems Data Data fromfrom damagesdamagesinvolvedinvolved inin

1.1. IntegrityIntegrity = = UnauthorizedUnauthorized People People cannotcannot modifiymodifiy SystemSystem’’s s InformationInformation;;2.2. AvailabilityAvailability = = System System isis alwaysalways operative and operative and functionalfunctional;;3.3. Privacy = Privacy = UnauthorizedUnauthorized People People cannotcannot approachapproach SystemSystem’’s s InformationInformation;;

Page 3: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 33

WeWe couldcould reachreach thisthis aimaim throughthrough……Security Risk

Analysis

Risk Management(Business)

Information SecurityRisk Management

SecuritySecurity RiskRiskAnalysisAnalysis::

a a processprocess toto ensureensurethatthat the the securitysecuritycontrolscontrols forfor anan IT IT system are system are fullyfullycommensurate commensurate withwithitsits risksrisks..

Page 4: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 44

TodayToday’’s s MainMain TopicsTopics……

InformationInformation SecuritySecurity RiskRisk Management;Management;RiskRisk Management Management MethodologiesMethodologies;;AttackAttack TreesTrees, , VulnerabilityVulnerability TreesTrees, Fault , Fault TreesTreesand and EventEvent TreesTrees;;AttackAttack SceneryScenery AnalysisAnalysis through through AttackAttack TreesTrees ;;

Page 5: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 55

InformationInformation SecuritySecurity RiskRiskManagementManagement

AimAim: : watchingwatching over over business in business in orderorder totoidentifyidentify IT IT risksrisks and and tryingtrying toto managingmanagingthemthem in in orderorder toto cut cut down down impactimpact’’s s consequencesconsequences..

InformationSecurity

RiskManagement

Risk Assessment Risk Mitigation Evaluation andAssessment

Page 6: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 66

RiskRisk AssessmentAssessment

AssetAsset ((defdef.):.): Any real or personal property, tangibleor intangible, that a company or individual ownsthat can be given or assigned a monetary value. Intangible property includes things such as goodwill, proprietary information, and related property.

Page 7: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 77

RiskRisk AssessmentAssessmentSystem Features

Analysis

Controls AnalysisThreat ImpactAnalysis

ImpactAnalysis

RisksDetermination

ControlsRecommendation

Final Documentation

ThreatsIdentification

VulnerabilitiesIdentification

Phase 1

Phase 4

Phase 7

Phase 2 Phase 3

Phase 6 Phase 5

Phase 8 Phase 9

Page 8: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 88

RiskRisk AssessmentAssessment: : SourcesSources of of ThreatsThreats

Page 9: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 99

RiskRisk MitigationMitigation(def.): the process of evaluating and implementing recommended

controls as a result of the previuous phase of Risk Assessment, giving necessary support to Management planning the budget and executing controls

RiskRisk mitigationmitigation possiblepossible strategiesstrategies::1.1. RiskRisk AssumptionAssumption;;2.2. RiskRisk EliminationElimination;;3.3. RiskRisk RestrictionRestriction;;4.4. RiskRisk Planning;Planning;5.5. ResearchResearch And And ComprehensionComprehension;;6.6. RiskRisk Transfer;Transfer;

Page 10: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1010

ActionsPrioriting

ControlsSelection

ResponsibilitiesAssignment

Safeguard PlanDeveloping

Selected ControlsImplementation

RecommendedControls Evaluation

CBAAnalysis

RiskRisk MitigationMitigation

Phase 1

Phase 4

Phase 7

Phase 2 Phase 3

Phase 6 Phase 5

Page 11: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1111

RiskRisk MitigationMitigation: : MostMost usedused CountermeasuresCountermeasures

Page 12: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1212

RiskRisk EvaluationEvaluation and and AssessmentAssessmentIT Systems are often modified;System Conditions are changed;We need another Risk Assessment Process?...

NO!We have just to evaluate periodicallysystem risks in order to adapt necessarychanges to applied countermeasures

Page 13: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1313

RiskRisk Management Management MethodologiesMethodologies

ThreeThree kindkind of of approachapproach::

Qualitative ;Quantitative;Hybrid;

Page 14: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1414

Qualitative Qualitative ApproachApproachSimpleSimple and and FlexibleFlexible;;No No TechnicalTechnical KnowledgeKnowledge requiredrequired;;UseUse of of InterviewsInterviews toto definedefine valuevalue and and riskrisk runrunforfor eacheach assetasset;;RiskRisk//ValueValue High,Medium,High,Medium,LowLow ;;UsefulUseful toolstools: : RisksRisks MatrixMatrix

Final Final aimaim? ? OutlineOutline possiblepossible attackattack sceneriessceneries

Page 15: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1515

Quantitative Quantitative ApproachApproachNumericNumeric evaluationevaluation of of assetsassets;;TechnicalTechnical KnowledgeKnowledge requiredrequired;;UseUse of of indexesindexes toto definedefine correctcorrect forecastforecastinherentinherent the system;the system;RiskRisk//ValueValue EF,SLE,ARO,ALE,ROSI,ROA,EF,SLE,ARO,ALE,ROSI,ROA,CostCost//BenefitsBenefits AnalysisAnalysis;;

Final Final aimaim? ? OutlineOutline possiblepossible attackattack sceneriessceneries

Page 16: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1616

Quantitative Quantitative ApproachApproachExposureExposure FactorFactor (EF): (EF): The proportion of an asset's value that is likely to be destroyed by a particular risk, expressed as a percentage.

Single Single LossLoss ExpectancyExpectancy (SLE):(SLE): The Single LossExpectancy (SLE) is the expected monetary loss everytime a risk occurs. The Single Loss Expectancy, AssetValue (AV), and exposure factor (EF) are related by the formula:

SLE = AV * EF

Page 17: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1717

Quantitative Quantitative ApproachApproachAnnualizedAnnualized Rate of Rate of OccurenceOccurence (ARO): (ARO): The

probability that a risk will occur in a particular year.

AnnualizedAnnualized LossLoss ExpectancyExpectancy (ALE):(ALE): The AnnualizedLoss Expectancy (ALE) is the expected monetary lossthat can be expected for an asset due to a risk over a one year period. It is defined as:

ALE = SLE * AROwhere SLE is the Single Loss Expectancy and ARO is the Annualized Rate of Occurrence.

Page 18: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1818

Quantitative Quantitative ApproachApproach

Page 19: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 1919

Quantitative Quantitative ApproachApproach

Costs/Benefits Analysis: It could be executedusing three indexes

1. ALE (prior) : ALE before applyingcountermeasures;

2. ALE (post) : ALE with in force countermeasures;

3. Annualized Cost of Safeguard (ACS) : countermeasures total cost;

CBA = ALE (prior) – ALE (post) - ACS

Page 20: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2020

Quantitative Quantitative ApproachApproach

Return on Security Investment (ROI/ROSI): It’s a gauge used to evaluate investment rendering and tocompare other alternatives

ROI = CBA/ACS

ROSI = (Risk Exposure * % Risk Mitigated) – SC/SC

Return on Attack (ROA): It’s a gauge used fromattackers to evaluate attacks’ profit

ROA= gain from successful attack / cost before S + loss caused by S

Page 21: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2121

Fault Fault TreeTree AnalysisAnalysis

Flamesnear

workers

AlarmFailed

Aid SquadFailed

Workers TrappedInto flames

WorkersCannot Escapefault tree analysis (a.k.a.

fault analysis) offers the ability to focus on an eventof importance, such as a highly critical safety issue, and work to minimize itsoccurrence or consequence. Fault tree analyses are performed using a top-down approach. The resulting fault tree diagram is a graphicalrepresentation of the chainof events in your system or process, built using eventsand logical gate configurations.

Page 22: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2222

EventEvent TreesTreesAn event tree is a visual representation of all the events which can occur in a system. Event trees can be used to analyze systems in which allcomponents are continuously operating, or for systems in which some or allof the components are in standby mode. The starting point (referred to asthe initiating event) disrupts normal system operation. The event treedisplays the sequences of events involving success and/or failure of the system components.

Page 23: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2323

VulnerabilityVulnerability TreesTrees

Vulnerability trees are hierarchytrees constructed as a result of the relationship between one vulnerability and othervulnerabilities and/or steps;A threat agent has to carry out in order to reach the top of the tree; The top of the tree is known asthe top vulnerability and we willsymbolise it with a capital ‘V’. There are a large number of ways that such a top vulnerability can be exploited. Each of these ways willconstitute a branch of the tree. The branches will beconstructed by childvulnerabilities.

HG

F

C ED

B

A

“A” zone

“B” zone

Page 24: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

AttackAttack TreesTrees

Structured attack scenarios against a system organized in a tree structure;Root node represents a main goal, child nodesare subgoals that must be achieved toaccomplish higher level goals;A given system is likely to have many attacktrees associated with its operation; A set of attack trees is referred to as an attack forest;And/Or structure;

Page 25: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2525

AttackAttack TreesTreesOpen Safe

Break lock Steal safeHole inThe wallKnow code

Given by aPerson

Written inA note

Menace CorruptEavesdropBlackmail

Snoopingtalks

Extortcode

Page 26: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2626

AttackAttack TreesTreesOpen Safe10.000 €

Break lock30.000 €

Steal safe100.000 €

Hole inThe wall10.000 €

Know code20.000 €

Given by aPerson

20.000 €

Written inA note

75.000 €

Menace60.000 €

Corrupt20.000 €

Eavesdrop60.000 €

Blackmai100.000 €l

SnoopingTalks

40.000 €

Extort Code20.000 €

Page 27: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2727

AttackAttack SceneryScenery AnalysisAnalysis

AnalysingAnalysing SceneriesSceneries AttackAttack wewe’’llll followfollow thesethesesimplesimple stepssteps1.1. AttackAttack StrategiesStrategies RecognizingRecognizing;;2.2. CountermeasuresCountermeasures RecognizingRecognizing;;

WhileWhile toto examineexamine variousvarious pointspoints of of viewview analysinganalysingAttackAttack SceneriesSceneries wewe’’llll folowfolow thesethese stepssteps::

1.1. AttackAttack TreeTree LabellingLabelling;;2.2. CountermeasuresCountermeasures LabellingLabelling; ;

Page 28: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2828

AttackAttack StrategiesStrategies RecognizingRecognizing

Attacker’s Aim: Steal data from a server

Let’s develop separately these childs…

StealData

Steal SavedData

Steal ServerPhisically

Page 29: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 2929

AttackAttack StrategiesStrategies RecognizingRecognizingSteal Saved

Data

Obtain aLogin

Have aLogin

AttackRemotely

Steal toan User

Corrupt anUser

Exploit DBVulnerability

Exploit MailVulnerability

Steal ServerPhisically

Break intobuilding

Breakthrough Door

Break intobuilding

Escapeunobserved

Obtainkeys

Escapeunobserved

Page 30: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3030

CountermeasuresCountermeasures RecognizingRecognizingSteal Saved

Data

Obtain aLogin

Have aLogin

AttackRemotely

Steal toan User

ChangePassword

ShutdownPc After use

Add AuthMechanism

Resp.Redistr.

Corruptan User

ChangePassword

Add AuthMechanism

Resp.Redistr.

Motivateworkers

Resp.Redistr.

MotivateWorkers

Exploit DBVulnerability

SystemUpdate

Check ScriptValidation

ContentSeparation

Exploit MailVulnerability

Antivirus

Block Susp.Attachments

Page 31: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3131

CountermeasuresCountermeasures RecognizingRecognizing

Steal ServerPhisically

Break intobuilding

Breakthrough Door

Break intobuilding

Escapeunobserved

Obtainkeys

Escapeunobserved

InstallCameras

policeman

InstallArmoured

doorInstall

Cameras

policeman

InstallCameras

policeman

Magneticlock

Installcameras

policeman

Page 32: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Business Business PointPoint of of ViewViewAttackAttack TreeTree LabellingLabelling: : 1.1. StudyStudy treetree in in orderorder toto definedefine best best investmentsinvestments and and

toto preservepreserve assetsassets;;2.2. UseUse of of labelslabels in in orderorder toto evaluateevaluate treetree in a in a

quantitative way (AV,EF,ARO)quantitative way (AV,EF,ARO)

3.3. AttacksAttacks describeddescribed byby OR OR nodesnodes: : SLE and ALE SLE and ALE calculationscalculations dependsdepends onlyonly on EF and ARO on EF and ARO valuesvalues involvedinvolved in the in the nodenode itselfitself;;

4.4. AttacksAttacks describeddescribed byby AND AND nodesnodes: : SLE and ALE SLE and ALE calculationscalculations dependsdepends on EF and ARO on EF and ARO valuesvalues involvedinvolved withwith the the actionsactions under the AND under the AND nodenode;;

Page 33: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3333

Business Business PointPoint of of ViewView

A

B C

D E

SLEbALEb

AV

EFcAROc

SLEcALEcEFb

AROb

Page 34: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3434

Business Business PointPoint of of ViewView

AttackAttack EFEF AROARO SLESLE ALEALE

StealSteal Data + Data + StealSteal RootRoot PermPerm.. 100%100% 0,090,09 100.000100.000€€ 9.0009.000€€

StealSteal SavedSaved Data + Data + CorruptCorrupt totogain gain RootRoot PermPerm..

100%100% 0,090,09 100.000100.000€€ 9.0009.000€€

StealSteal SavedSaved Data + Data + RootRootPermPerm..

100%100% 0,400,40 100.000100.000€€ 40.00040.000€€

StealSteal SavedSaved Data + Remote Data + Remote AttackAttack (DB)(DB)

90%90% 0,080,08 90.00090.000€€ 7.2007.200€€

StealSteal SavedSaved Data + Remote Data + Remote AttackAttack (DB)(DB)

85%85% 0,680,68 85.00085.000€€ 57.80057.800€€

Page 35: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3535

Business Business PointPoint of of ViewViewCountermeasuresCountermeasures LabellingLabelling: : 1.1. StudyStudy treetree in in orderorder toto definedefine best best defensedefense

sceneriessceneries;;2.2. UseUse of of labelslabels in in orderorder toto evaluateevaluate best best

countermeasurescountermeasures (% (% RiskRisk MitigatedMitigated, , CostCost of of Investment,ROSI);Investment,ROSI);

3.3. CountermeasuresCountermeasures describeddescribed byby OR OR nodesnodes: : ROSI ROSI isiscalculatedcalculated forfor eacheach countermeasurecountermeasure;;

4.4. CountermeasuresCountermeasures describeddescribed byby AND AND nodesnodes: : ROSI ROSI isiscalculatedcalculated forfor eacheach countermeasurecountermeasure’’s s combinationcombination;;

Page 36: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3636

Business Business PointPoint of of ViewViewA

B C

D E1

2

4

5

3

%RM1Cost1

%RM3Cost3

ROSI1

ROSI2

%RM4Cost4

%RM5Cost5

ROSI3,4%RM2

Cost2ROSI3,5

Page 37: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3737

Business Business PointPoint of of ViewView

CountermeasureCountermeasure ALEALE %RM%RM CostCost ROSIROSI

ChangeChange PasswordPassword 9.0009.000€€ 60%60% 500500€€ 9,809,80

ShutdownShutdown PcPc after after useuse 9.0009.000€€ 10%10% 100100€€ 8,008,00

ResponsibilityResponsibility RedistributionRedistribution 40.00040.000€€ 50%50% 15.00015.000€€ --0,700,70

System System UpdateUpdate 7.2007.200€€ 90%90% 2.5002.500€€ 1,591,59

AntivirusAntivirus 57.80057.800€€ 80%80% 2.0002.000€€ 22,1022,10

Page 38: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3838

AttackerAttacker PointPoint of of ViewViewAttackAttack TreeTree LabellingLabelling: : 1.1. StudyStudy treetree in in orderorder toto definedefine the the expectexpect profitprofit

gainedgained fromfrom successfulsuccessful attacksattacks;;2.2. UseUse of of labelslabels in in orderorder toto evaluateevaluate AttackAttack’’s s costcost

(Gain,(Gain,CostCost))

3.3. AttacksAttacks describeddescribed byby OR OR nodesnodes: : CostCost calculationcalculationdependsdepends onlyonly on on CostCost valuesvalues involvedinvolved in the in the nodenode itselfitself;;

4.4. AttacksAttacks describeddescribed byby AND AND nodesnodes:: CostCost calculationcalculationdependsdepends on on CostCost valuesvalues involvedinvolved withwith the the composingcomposing nodesnodes;;

Page 39: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 3939

AttackerAttacker PointPoint of of ViewView

A

B C

D E

AV

CostB CostC = CostD + CostE

CostD CostE

Page 40: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 4040

AttackerAttacker PointPoint of of ViewView

AttackAttack CostCost

StealSteal Data + Data + StealSteal RootRoot PermPerm.. 3.0003.000€€

StealSteal SavedSaved Data + Data + CorruptCorrupt toto gain gain RootRoot PermPerm.. 10.00010.000€€

StealSteal SavedSaved Data + Data + RootRoot PermPerm.. 00€€

StealSteal SavedSaved Data + Remote Data + Remote AttackAttack (DB)(DB) 2.0002.000€€

StealSteal SavedSaved Data + Remote Data + Remote AttackAttack (DB)(DB) 1.0001.000€€

Page 41: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 4141

AttackerAttacker PointPoint of of ViewView

CountermeasuresCountermeasures LabellingLabelling: : 1.1. StudyStudy treetree in in orderorder toto definedefine best best attackattack

strategiesstrategies;;2.2. UseUse of of labelslabels in in orderorder toto evaluateevaluate gain gain expectedexpected

fromfrom a a successfulsuccessful attackattack ((lossloss,ROA);,ROA);

3.3. CountermeasuresCountermeasures describeddescribed byby OR OR nodesnodes: : ROA ROA isiscalculatedcalculated forfor eacheach countermeasurecountermeasure;;

4.4. CountermeasuresCountermeasures describeddescribed byby AND AND nodesnodes: : ROA ROA isiscalculatedcalculated forfor eacheach countermeasurecountermeasure’’s s combinationcombination;;

Page 42: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 4242

AttackerAttacker PointPoint of of ViewViewA

B C

D E1

2

4

5

3

loss1

loss2

loss3

ROA1

ROA2

loss4

loss5

ROA3,4

ROA3,5

Page 43: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

Risk Assessment for Security Risk Assessment for Security Economics Economics -- Workshop on Workshop on Security Frameworks 2005Security Frameworks 2005 4343

AttackerAttacker PointPoint of of ViewView

CountermeasureCountermeasure CostCost LossLoss ROAROA

ChangeChange PasswordPassword 3.0003.000€€ 1.0001.000€€ 7,507,50

AddAdd AuthenticationAuthentication MechanismMechanism 10.00010.000€€ 1.5001.500€€ 2,602,60

ResponsibilityResponsibility RedistributionRedistribution 00€€ 700700€€ 42,8542,85

System System UpdateUpdate 2.0002.000€€ 2.5002.500€€ 6,676,67

AntivirusAntivirus 1.0001.000€€ 1.5001.500€€ 12,0012,00

Page 44: Risk Assessment for Security Economics - Unictgiamp/wsf/05Material/spagnulo.pdf · Risk Assessment for Security Economics ... Risk Assessment ... EFb ALEc AROb. Risk Assessment for

ConclusionsConclusions……

PossiblePossible future future worksworks::1.1. DevelopingDeveloping a new a new methodmethod involvedinvolved withwith ARO ARO

evaluationevaluation;;2.2. AddAdd a new a new indexindex toto ROA ROA regardingregarding a a possiblepossible

AttackAttack OppositeOpposite ExpositionExposition;;3.3. DevelopingDeveloping economicaleconomical studiesstudies toto underlineunderline the the

mostmost exploitedexploited vulnerabilitiesvulnerabilities;;


A Risk Assessment MethodA Risk Assessment Method for

A Risk Assessment MethodA Risk Assessment Method for

Documents
Risk Assessment - oaklandsnursery.co.uk€¦ · Risk Assessment 1 V3 150620 Task/Activity Covid-19 (Coronavirus) pandemic risk assessment Location ICP Nurseries This risk assessment

Risk Assessment - oaklandsnursery.co.uk€¦ · Risk Assessment 1 V3 150620 Task/Activity Covid-19 (Coronavirus) pandemic risk assessment Location ICP Nurseries This risk assessment

Documents
RISK ASSESSMENT RAISING AWARENESS RISK ASSESSMENT Purpose Explain the risk assessment process Detail 5 basic steps for carrying out a risk assessment

RISK ASSESSMENT RAISING AWARENESS RISK ASSESSMENT Purpose Explain the risk assessment process Detail 5 basic steps for carrying out a risk assessment

Documents
AROB Series Modbus Communication Module User … Modbus...AROB Series Universal Room Controller Modbus Communication Module User Guide Page | 3 Holding Register Table Register Index

AROB Series Modbus Communication Module User … Modbus...AROB Series Universal Room Controller Modbus Communication Module User Guide Page | 3 Holding Register Table Register Index

Documents
Risk Assessment - environmentclearance.nic.inenvironmentclearance.nic.in/writereaddata/FormB/EC/Risk_Assessmen… · Risk Assessment 1.1 Risk Assessment ... To control and contain

Risk Assessment - environmentclearance.nic.inenvironmentclearance.nic.in/writereaddata/FormB/EC/Risk_Assessmen… · Risk Assessment 1.1 Risk Assessment ... To control and contain

Documents
Risk estimation, model uncertainty and risk assessment ... · Risk estimation, model uncertainty and risk assessment practice ... Motivation – quantitative risk assessment ... Example

Risk estimation, model uncertainty and risk assessment ... · Risk estimation, model uncertainty and risk assessment practice ... Motivation – quantitative risk assessment ... Example

Documents
Parts Cleaner Risk Assessment - envirofluid.com€¦ · 1. Risk Assessment - Purasolve Parts Cleaner 2. Risk Assessment - Naphtha Solvent Parts Cleaner 3. Risk Assessment - Kerosene

Parts Cleaner Risk Assessment - envirofluid.com€¦ · 1. Risk Assessment - Purasolve Parts Cleaner 2. Risk Assessment - Naphtha Solvent Parts Cleaner 3. Risk Assessment - Kerosene

Documents
MynnqnraJrbHoe 6roAxerHo e o6 qeo 6p aroB aTeJrbnoe ...school37.tgl.net.ru/images/2017-2018/Davidova/inf9999.pdf · MynnqnraJrbHoe 6roAxerHo e o6 qeo 6p aroB aTeJrbnoe yrrpe4AeHrre

MynnqnraJrbHoe 6roAxerHo e o6 qeo 6p aroB aTeJrbnoe ...school37.tgl.net.ru/images/2017-2018/Davidova/inf9999.pdf · MynnqnraJrbHoe 6roAxerHo e o6 qeo 6p aroB aTeJrbnoe yrrpe4AeHrre

Documents
Environmental Health Risk Assessment—Guidelines for ...File/Environmental-health-Risk-Assessment.pdf · risk assessment. environmental health risk assessment

Environmental Health Risk Assessment—Guidelines for ...File/Environmental-health-Risk-Assessment.pdf · risk assessment. environmental health risk assessment

Documents
Risk Assessment & Data Protection Impact Assessment · Risk Assessment & Data Protection Impact Assessment 1 Guide Risk Assessment & Data Protection Impact Assessment Guide

Risk Assessment & Data Protection Impact Assessment · Risk Assessment & Data Protection Impact Assessment 1 Guide Risk Assessment & Data Protection Impact Assessment Guide

Documents
Offender Risk Assessment in Virginia... the risk assessment

Offender Risk Assessment in Virginia... the risk assessment

Documents
Health risk assessment forHealth risk assessment for · PDF fileHealth risk assessment forHealth risk assessment for ... • General approaches ... with NOAELs for various endpoints

Health risk assessment forHealth risk assessment for · PDF fileHealth risk assessment forHealth risk assessment for ... • General approaches ... with NOAELs for various endpoints

Documents
VISION ZERO 7visionzero.global/sites/default/files/2019-11... · 9 8 Risk Assessment Risk Assessment Risk Assessment Risk Assessment Risk Assessment (OSH) (Maintainance, Upkeep, Troubleshooting)

VISION ZERO 7visionzero.global/sites/default/files/2019-11... · 9 8 Risk Assessment Risk Assessment Risk Assessment Risk Assessment Risk Assessment (OSH) (Maintainance, Upkeep, Troubleshooting)

Documents
JH143 RISK ASSESSMENT SURVEYS SHIPYARDS & PROJECTS … Risk Assessment... · jh143 risk assessment surveys shipyards & projects. jh143 shipyard risk assessment evolution & methodology

JH143 RISK ASSESSMENT SURVEYS SHIPYARDS & PROJECTS … Risk Assessment... · jh143 risk assessment surveys shipyards & projects. jh143 shipyard risk assessment evolution & methodology

Documents
Gary Fletcher (Surfacing) Ltd Risk Assessment Sheets Risk Assessment Package.… · Gary Fletcher (Surfacing) Ltd Risk Assessment Sheets ... RA No. Risk Assessment Description Page

Gary Fletcher (Surfacing) Ltd Risk Assessment Sheets Risk Assessment Package.… · Gary Fletcher (Surfacing) Ltd Risk Assessment Sheets ... RA No. Risk Assessment Description Page

Documents
POPs Risk Assessment. RISK ASSESSMENT Module 2 – Risk Assessment Overview of the course This module introduces POPs Risk Assessment, including Quantitative

POPs Risk Assessment. RISK ASSESSMENT Module 2 – Risk Assessment Overview of the course This module introduces POPs Risk Assessment, including Quantitative

Documents
Assessment of Depression Diagnosis Risk Assessment Risk Management FormulationTreatmentOutcome

Assessment of Depression Diagnosis Risk Assessment Risk Management FormulationTreatmentOutcome

Documents
Business Risk-Based Risk Assessment SheetBusiness Risk-Based Risk Assessment Sheet ... systems

Business Risk-Based Risk Assessment SheetBusiness Risk-Based Risk Assessment Sheet ... systems

Documents
RISK ASSESSMENT RISK ASSESSMENT HAZOP STUDY

RISK ASSESSMENT RISK ASSESSMENT HAZOP STUDY

Documents
Soil risk assessment - soil risk assessment - ORTS - ECHA

Soil risk assessment - soil risk assessment - ORTS - ECHA

Documents
BNVH Risk Assessment - bucklandnewton.com Risk Assessment.pdf · evaluate security risk. Safety risk assessments are normally ... This safety risk assessment was ... The assessment

BNVH Risk Assessment - bucklandnewton.com Risk Assessment.pdf · evaluate security risk. Safety risk assessments are normally ... This safety risk assessment was ... The assessment

Documents
Risk Report - Washington...3. Landslide Risk Assessment: Vulnerability Assessment 4. Tsunami Risk Assessment: Hazard Overview A detailed description of the risk assessment methodology

Risk Report - Washington...3. Landslide Risk Assessment: Vulnerability Assessment 4. Tsunami Risk Assessment: Hazard Overview A detailed description of the risk assessment methodology

Documents
RISK ASSESSMENT 1.0 RISK ASSESSMENTenvironmentclearance.nic.in/writereaddata/online/Risk...RISK ASSESSMENT 1.0 RISK ASSESSMENT Industrial accident results in great personal & financial

RISK ASSESSMENT 1.0 RISK ASSESSMENTenvironmentclearance.nic.in/writereaddata/online/Risk...RISK ASSESSMENT 1.0 RISK ASSESSMENT Industrial accident results in great personal & financial

Documents
Risk Assessment to Risk Management – Terminology of Risk ...ec.europa.eu/health/sites/health/files/dialogue... · Risk Assessment to Risk Management – Terminology of Risk Assessment

Risk Assessment to Risk Management – Terminology of Risk ...ec.europa.eu/health/sites/health/files/dialogue... · Risk Assessment to Risk Management – Terminology of Risk Assessment

Documents
Guidance on Safety Risk Assessment for Chemical Transport ... · General introduction to risk assessment ... risk assessment for chemical transport ... guidance on safety risk assessment

Guidance on Safety Risk Assessment for Chemical Transport ... · General introduction to risk assessment ... risk assessment for chemical transport ... guidance on safety risk assessment

Documents
Risk Assessment/Risk Reduction ©2004-2005 Risk Assessment/Risk Reduction Risk Assessment Risk Reduction Software

Risk Assessment/Risk Reduction ©2004-2005 Risk Assessment/Risk Reduction Risk Assessment Risk Reduction Software

Documents
th AROB Anniversary - alife-robotics.co.jp

th AROB Anniversary - alife-robotics.co.jp

Documents
Risk Assessment to Risk Management- Terminology of … · Risk Assessment to Risk Management-Terminology of Risk Assessment: ... Harmonised Terminology • the basis for common

Risk Assessment to Risk Management- Terminology of … · Risk Assessment to Risk Management-Terminology of Risk Assessment: ... Harmonised Terminology • the basis for common

Documents
1 Risk Assessment Dr Mike Rejman Risk Assessment Adviser

1 Risk Assessment Dr Mike Rejman Risk Assessment Adviser

Documents
RISK ASSESSMENT & DISASTER MANAGEMENT PLAN 1.1.1 Risk ...environmentclearance.nic.in/writereaddata/online/... · RISK ASSESSMENT & DISASTER MANAGEMENT PLAN 1.1.1 Risk & Its Assessment

RISK ASSESSMENT & DISASTER MANAGEMENT PLAN 1.1.1 Risk ...environmentclearance.nic.in/writereaddata/online/... · RISK ASSESSMENT & DISASTER MANAGEMENT PLAN 1.1.1 Risk & Its Assessment

Documents