Chapter 3
Information Risk Assessment
The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.
—The Art of War, Sun Tzu
Learning Objectives
After studying this chapter, you should be able to:
Understand the methodology for asset identification for the various types of assets.
Explain the STRIDE threat model.
Present an overview of vulnerability identification techniques.
Provide a comparison of quantitative and qualitative risk assessment.
Explain the purpose and approach of Factor Analysis of Information Risk.
Understand the key elements of risk analysis.
Explain the ...
Get Effective Cybersecurity: A Guide to Using Best Practices and Standards now with the O’Reilly learning platform.