Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security
Traditional approaches to security architecture and design have attempted to achieve the goal of the elimination of risk factors - the complete prevention of system compromise through technical and procedural means. Insurance- based solutions to risk long ago admitted that a complete elimination of...
Gespeichert in:
| Veröffentlicht in: | Information systems security 2002-09, Vol.11 (4), p.33-49 |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 49 |
|---|---|
| container_issue | 4 |
| container_start_page | 33 |
| container_title | Information systems security |
| container_volume | 11 |
| creator | Siegel, Carol A. Sagalow, Ty R. Serritella, Paul |
| description | Traditional approaches to security architecture and design have attempted to achieve the goal of the elimination of risk factors - the complete prevention of system compromise through technical and procedural means. Insurance- based solutions to risk long ago admitted that a complete elimination of risk is impossible and, instead, have focused more on reducing the impact of harm through financial avenues, providing policies that indemnify the policy holder in the event of harm. |
| doi_str_mv | 10.1201/1086/43322.11.4.20020901/38843.5 |
| format | Article |
| fullrecord | <record><control><sourceid>pascalfrancis_infor</sourceid><recordid>TN_cdi_pascalfrancis_primary_13910011</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>13910011</sourcerecordid><originalsourceid>FETCH-LOGICAL-c288t-67d4e4c823ff2d26fee113e22402b980437f3e6939423970001fcc1bae8f65413</originalsourceid><addsrcrecordid>eNqNkE9Lw0AQxYMoWKvfIRfBS9L9l3TXkxKqFiuCttDbst3MajTdlN1Uybd301q8epqBmXlv3i-KrjBKMUF4hBHPR4xSQlKMU5YShAgSYUA5ZzTNjqIBFpQlPBfL49CjPEu44MvT6Mz7D4RQOOWDaFF0K3DJS-U_4ydl1RuswbbX8Rz0u620qmNly3hq_dYpqyEuGtu6pvaxaVw8sS24jas8JDP4gjp-Bb11VdudRydG1R4ufuswWtxN5sVDMnu-nxa3s0QTztskH5cMmOaEGkNKkhsAjCkQwhBZCY4YHRsKuaCCESrG4WlstMYrBdzkGcN0GN3sdbVrvHdgZPhmrVwnMZI9JtljkjtMEmPJ5AGT3GGSWZC43EtslA9xTR-z8n86VOBg21s97vcqG6Kv1Xfj6lK2qqsbdzii_3b9AUGef8k</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security</title><source>EBSCOhost Business Source Complete</source><creator>Siegel, Carol A. ; Sagalow, Ty R. ; Serritella, Paul</creator><creatorcontrib>Siegel, Carol A. ; Sagalow, Ty R. ; Serritella, Paul</creatorcontrib><description>Traditional approaches to security architecture and design have attempted to achieve the goal of the elimination of risk factors - the complete prevention of system compromise through technical and procedural means. Insurance- based solutions to risk long ago admitted that a complete elimination of risk is impossible and, instead, have focused more on reducing the impact of harm through financial avenues, providing policies that indemnify the policy holder in the event of harm.</description><identifier>ISSN: 1065-898X</identifier><identifier>EISSN: 1934-869X</identifier><identifier>DOI: 10.1201/1086/43322.11.4.20020901/38843.5</identifier><identifier>CODEN: ISSEFH</identifier><language>eng</language><publisher>Boca Raton, FL: Taylor & Francis Group</publisher><subject>Applied sciences ; Computer science; control theory; systems ; Exact sciences and technology ; Memory and file management (including protection and security) ; Memory organisation. Data processing ; Operation, maintenance, reliability of teleprocessing networks ; Operational research and scientific management ; Operational research. Management science ; Risk theory. Actuarial science ; Software ; Telecommunications ; Telecommunications and information theory ; Teleprocessing networks. Isdn</subject><ispartof>Information systems security, 2002-09, Vol.11 (4), p.33-49</ispartof><rights>Copyright Taylor & Francis Group, LLC 2002</rights><rights>2002 INIST-CNRS</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c288t-67d4e4c823ff2d26fee113e22402b980437f3e6939423970001fcc1bae8f65413</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&idt=13910011$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><creatorcontrib>Siegel, Carol A.</creatorcontrib><creatorcontrib>Sagalow, Ty R.</creatorcontrib><creatorcontrib>Serritella, Paul</creatorcontrib><title>Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security</title><title>Information systems security</title><description>Traditional approaches to security architecture and design have attempted to achieve the goal of the elimination of risk factors - the complete prevention of system compromise through technical and procedural means. Insurance- based solutions to risk long ago admitted that a complete elimination of risk is impossible and, instead, have focused more on reducing the impact of harm through financial avenues, providing policies that indemnify the policy holder in the event of harm.</description><subject>Applied sciences</subject><subject>Computer science; control theory; systems</subject><subject>Exact sciences and technology</subject><subject>Memory and file management (including protection and security)</subject><subject>Memory organisation. Data processing</subject><subject>Operation, maintenance, reliability of teleprocessing networks</subject><subject>Operational research and scientific management</subject><subject>Operational research. Management science</subject><subject>Risk theory. Actuarial science</subject><subject>Software</subject><subject>Telecommunications</subject><subject>Telecommunications and information theory</subject><subject>Teleprocessing networks. Isdn</subject><issn>1065-898X</issn><issn>1934-869X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2002</creationdate><recordtype>article</recordtype><recordid>eNqNkE9Lw0AQxYMoWKvfIRfBS9L9l3TXkxKqFiuCttDbst3MajTdlN1Uybd301q8epqBmXlv3i-KrjBKMUF4hBHPR4xSQlKMU5YShAgSYUA5ZzTNjqIBFpQlPBfL49CjPEu44MvT6Mz7D4RQOOWDaFF0K3DJS-U_4ydl1RuswbbX8Rz0u620qmNly3hq_dYpqyEuGtu6pvaxaVw8sS24jas8JDP4gjp-Bb11VdudRydG1R4ufuswWtxN5sVDMnu-nxa3s0QTztskH5cMmOaEGkNKkhsAjCkQwhBZCY4YHRsKuaCCESrG4WlstMYrBdzkGcN0GN3sdbVrvHdgZPhmrVwnMZI9JtljkjtMEmPJ5AGT3GGSWZC43EtslA9xTR-z8n86VOBg21s97vcqG6Kv1Xfj6lK2qqsbdzii_3b9AUGef8k</recordid><startdate>20020901</startdate><enddate>20020901</enddate><creator>Siegel, Carol A.</creator><creator>Sagalow, Ty R.</creator><creator>Serritella, Paul</creator><general>Taylor & Francis Group</general><general>Auerbach</general><scope>IQODW</scope><scope>AAYXX</scope><scope>CITATION</scope></search><sort><creationdate>20020901</creationdate><title>Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security</title><author>Siegel, Carol A. ; Sagalow, Ty R. ; Serritella, Paul</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c288t-67d4e4c823ff2d26fee113e22402b980437f3e6939423970001fcc1bae8f65413</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2002</creationdate><topic>Applied sciences</topic><topic>Computer science; control theory; systems</topic><topic>Exact sciences and technology</topic><topic>Memory and file management (including protection and security)</topic><topic>Memory organisation. Data processing</topic><topic>Operation, maintenance, reliability of teleprocessing networks</topic><topic>Operational research and scientific management</topic><topic>Operational research. Management science</topic><topic>Risk theory. Actuarial science</topic><topic>Software</topic><topic>Telecommunications</topic><topic>Telecommunications and information theory</topic><topic>Teleprocessing networks. Isdn</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Siegel, Carol A.</creatorcontrib><creatorcontrib>Sagalow, Ty R.</creatorcontrib><creatorcontrib>Serritella, Paul</creatorcontrib><collection>Pascal-Francis</collection><collection>CrossRef</collection><jtitle>Information systems security</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Siegel, Carol A.</au><au>Sagalow, Ty R.</au><au>Serritella, Paul</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security</atitle><jtitle>Information systems security</jtitle><date>2002-09-01</date><risdate>2002</risdate><volume>11</volume><issue>4</issue><spage>33</spage><epage>49</epage><pages>33-49</pages><issn>1065-898X</issn><eissn>1934-869X</eissn><coden>ISSEFH</coden><abstract>Traditional approaches to security architecture and design have attempted to achieve the goal of the elimination of risk factors - the complete prevention of system compromise through technical and procedural means. Insurance- based solutions to risk long ago admitted that a complete elimination of risk is impossible and, instead, have focused more on reducing the impact of harm through financial avenues, providing policies that indemnify the policy holder in the event of harm.</abstract><cop>Boca Raton, FL</cop><pub>Taylor & Francis Group</pub><doi>10.1201/1086/43322.11.4.20020901/38843.5</doi><tpages>17</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1065-898X |
| ispartof | Information systems security, 2002-09, Vol.11 (4), p.33-49 |
| issn | 1065-898X 1934-869X |
| language | eng |
| recordid | cdi_pascalfrancis_primary_13910011 |
| source | EBSCOhost Business Source Complete |
| subjects | Applied sciences Computer science control theory systems Exact sciences and technology Memory and file management (including protection and security) Memory organisation. Data processing Operation, maintenance, reliability of teleprocessing networks Operational research and scientific management Operational research. Management science Risk theory. Actuarial science Software Telecommunications Telecommunications and information theory Teleprocessing networks. Isdn |
| title | Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-22T05%3A44%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_infor&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Cyber-Risk%20Management:%20Technical%20and%20Insurance%20Controls%20for%20Enterprise-Level%20Security&rft.jtitle=Information%20systems%20security&rft.au=Siegel,%20Carol%20A.&rft.date=2002-09-01&rft.volume=11&rft.issue=4&rft.spage=33&rft.epage=49&rft.pages=33-49&rft.issn=1065-898X&rft.eissn=1934-869X&rft.coden=ISSEFH&rft_id=info:doi/10.1201/1086/43322.11.4.20020901/38843.5&rft_dat=%3Cpascalfrancis_infor%3E13910011%3C/pascalfrancis_infor%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |