This diagram represents risk as the intersection of the threat-vulnerability pair (a splotch). Where there is a splotch, there is a risk. A threat without a corresponding vulnerability is not a risk. Likewise, a vulnerability without a threat is not a risk. Keep in mind, a threat can exploit more than one vulnerability.
Content Notes The actual Maxus website from which he conducted business… Presentation Notes
Content Notes The actual Maxus website from which he conducted business… Presentation Notes
Our critical infrastructures are illustrated here. As you can see, these infrastructures play a crucial role in our society and daily lives. As such, the destruction or degradation of one or more of these infrastructures could cause serious harm to our economic and national security. The President has recognized this potential threat and has ordered that steps be taken to protect our infrastructures from an attack. In the past, threats to our nation’s infrastructures were mainly physical in nature. We used to be concerned primarily about threats from terrorist groups and hostile nations. Now, criminal groups, terrorists, and hostile nations can interrupt critical infrastructures through cyber attacks on crucial automation systems. As our society becomes more global and utilizes technology to increase the efficiency of our enterprises, our nation’s critical infrastructures are becoming increasingly interdependent — within an enterprise, across several enterprises, even across industries. For example, the financial services industry depends on the availability and reliability of the telecommunications infrastructure, which in turn relies on electric power. Hence, future attacks against one infrastructure could have cascading effects in the operations of others…. within one enterprise, across several enterprises, or industries, and potentially all over the world.
Matrix: 3a POINTS OUT HOW EASY IT IS TO GET, AND USE HACKER TOOLS. ALSO POINTS OUT “POINT AND CLICK” HACKER TOOLS ARE UNSOPHISTICATED. Fact: Hackers post 30-40 new tools to Internet hacking sites every month, according to NIST (National Institute of Standards and Technology). Even an unsophisticated hacker can search the Internet, find and download exploitable tools, and then "point and click" to start a hack. REMINDER: Hacking for “fun” or to “see how it’s done” is against the law & Entity Policy. The Entity has no obligation to defend you under such circumstances. REMINDER IS OPTIONAL , DEPENDING ON YOUR POLICY, AND YOU COUNSEL’S OPINION. Legal Decision Box: Consult with legal counsel when developing your network policy to include hacking and use of hacker tools and sanctions that will be applied for not following the policy. Decision Box: Is hacking and use of hacker tools addressed in your network policy?
Content Notes This is a site where you can enter the name and address of a computer and have the site itself try to break in to it. URL: http://bluemoon.virtual-power.net/start. html Presentation Notes