Paper “Security Risk Management for Critical Infrastructures”, prepared by two colleagues and me, has been presented on ItAIS 2011 conference at Rome Italy on October 8th, 2011.
Citation details for the paper:
- Dragan Pleskonjic, Fabrizio Virtuani, Oscar Zoggia: “Security Risk Management for Critical Infrastructures”, ItAIS 2011, Rome, Italy, October 7-8, 2011
Abstract:
This paper presents a methodology for risk management developed and used mainly for critical infrastructures, but that can be generalized and used in other contexts. It outlines security risk assessment including identifying processes, resources / assets, threats and vulnerabilities, impacts and likelihood of failures. The methodology primary focus is the analysis of business impacts and the quantification of the different risks, together with the identification of priority intervention areas, in order to eliminate, reduce, transfer or assume calculated risks, finding the right balance between the investment (resources, money etc.) and the acceptable level / threshold of risk. The paper, based on theoretical background and on practical experiences and results achieved in real organizations that operate on global level, presents critical infrastructure characteristics, the risk management process, security goals and standards and an integrated methodology for risk management applied to critical infrastructures. Some applications cases and results obtained are shortly described, disguised for strong confidentiality issues.
Conference is held on October 7th and 8th, 2011 on LUISS “Guido Carli” University, Rome – Italy.
Paper and presentation was well accepted and generated a lot of interest in this new challenging topic among the scientific and industry community.
Loading ...
