The Vulnerability Assessment & Mitigation Methodology

Abstract

As information systems become increasingly important to the functions of organizations, security and reliable operation of these systems are also becoming increasingly important. Interoperability, information sharing, collaboration, design imperfections, limitations, and the like lead to vulnerabilities that can endanger information system security and operation. Unfortunately, understanding an organization's reliance on information systems, the vulnerabilities of these systems, and how to mitigate the vulnerabilities has been a daunting challenge, especially for less wellknown or even unknown vulnerabilities that do not have a history of being exploited.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2003
Accession Number
ADA440505

Entities

People

  • Michael Scheiern
  • Philip S. Anton
  • Richard Mesic
  • Robert H. Anderson

Organizations

  • RAND Corporation

Tags

Communities of Interest

  • C4I
  • Cyber
  • Engineered Resilient Systems
  • Human Systems

DTIC Thesaurus Topics

  • Air Force
  • Application Software
  • Computer Programming
  • Computer Programs
  • Computers
  • Cyberattacks
  • Cybersecurity
  • Failure Mode And Effect Analysis
  • Information Exchange
  • Information Processing
  • Information Science
  • Information Systems
  • Operating Systems
  • Psychological Operations
  • Risk Analysis
  • Test And Evaluation
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Emergency Management and Homeland Security.
  • Systems Analysis and Design