Andy Jones is a research group leader at the Security Research Centre for British Telecommunications where he is doing research into the security of information and communication systems.
About this Article This article is an excerpt from Risk Management for
Computer Security: Protecting Your Network & Information Assets. Printed with
permission from Butterworth-Heinemann, a division of Elsevier. Copyright
2005. For more information about this book and other similar titles, please
visit www.books.elsevier.com.
In this excerpt we examine the role of threat assessment and its importance
in the accurate and effective assessment of risk.
Threat It seems appropriate to start this chapter by explaining what is meant
by a threat assessment. In information security, this is probably one of the
most abused and misunderstood terms and is often used interchangeably with
the term "vulnerability." In this book, the word "threat" is used to describe
those "things" that may pose a danger to the information systems, and for
clarity, the term "threat agents" is used.... (more)
Andy Jones is a research group leader at the Security Research Centre for British Telecommunications where he is doing research into the security of information and communication systems.
David Lucas
Shaul Efraim
Terence Martin Breslin
Cory Marchand
David Hughes
James Carlini
John Iffert
Dan Stolts
Joe Zeto
