/docs/cy5200/ Recent content in CY 5200 on Carter Codell Hugo -- gohugo.io Sat, 28 Dec 2019 18:06:54 -0500 /docs/cy5200module2/lecture2/ Fri, 17 Jan 2020 09:11:12 -0500 /docs/cy5200module2/lecture2/ <h2 id="value-of-assets">Value of Assets</h2> <p>The value of assets can be classified as</p> <ul> <li><strong>High</strong> - Extremely grave injury accrues to organization if the information is compromised; could cause loss of life, imprisonment, major financial loss, or require legal action for correction.</li> <li><strong>Medium</strong> - Serious injury accrues to organization if the information is compromised; could cause significnt financial loss or require legal action for correction.</li> <li><strong>Low</strong> - Injury accrues to organization if the information is compromised; would cause only minor financial loss or require only administrative action for correction.</li> </ul> <p>With this definition of value, Risk is defined as Value times Probability of Failure</p> <h2 id="probability-of-failure">Probability of Failure</h2> <p>There are 5 levels of control effectiveness (inverse of probability failure):</p> <ol> <li>Control objective documented in a security policy (lowest)</li> <li>Security control documented as procedures</li> <li>Procedures have been implemented</li> <li>Procedures and security controls are tested and reviewed</li> <li>Procedures and security controls are fully integrated into a comprehensive program (strongest)</li> </ol> /docs/cy5200/module2/ Mon, 13 Jan 2020 22:47:54 -0500 /docs/cy5200/module2/ /docs/cy5200/module1/ Tue, 07 Jan 2020 09:34:58 -0500 /docs/cy5200/module1/ <ul> <li>Overview of Cybersecurity and Information Assurance</li> <li>Current State of Cybersecurity</li> <li>Introduction to Information Security &amp; Risk Management Principles and Practices</li> </ul>