Developing Countermeasures to Threats
Define threats and countermeasures.
The way to eliminate or mitigate risk is to develop and follow countermeasures for each identified threat to information systems. It sounds so simple, doesn't it? What complicates this seemingly straightforward approach to security is the existence of multiple threats and their continually changing nature. Threats that yesterday were considered unlikely are now possible. Some threats seem to have little risk, and therefore companies are less likely to apply the countermeasure if costly or inconvenient. Not all that long ago, although airlines recognized the threat of airplane hijacking, they felt the inconvenience of applying extra countermeasures outweighed the slight ...
Get CISSP Training Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
