A Quantitative Security Assessment of Modern Cyber Attacks. A Framework for Quantifying Enterprise Security Risk Level Through System's Vulnerability Analysis by Detecting Known and Unknown Threats

Munir, Rashid

January 2014

Cisco 2014 Annual Security Report clearly outlines the evolution of the threat landscape and the increase of the number of attacks. The UK government in 2012 recognised the cyber threat as Tier-1 threat since about 50 government departments have been either subjected to an attack or a direct threat from an attack. The cyberspace has become the platform of choice for businesses, schools, universities, colleges, hospitals and other sectors for business activities. One of the major problems identified by the Department of Homeland Security is the lack of clear security metrics. The recent cyber security breach of the US retail giant TARGET is a typical example that demonstrates the weaknesses of qualitative security, also considered by some security experts as fuzzy security. High, medium or low as measures of security levels do not give a quantitative representation of the network security level of a company. In this thesis, a method is developed to quantify the security risk level of known and unknown attacks in an enterprise network in an effort to solve this problem. The identified vulnerabilities in a case study of a UK based company are classified according to their severity risk levels using common vulnerability scoring system (CVSS) and open web application security project (OWASP). Probability theory is applied against known attacks to create the security metrics and, detection and prevention method is suggested for company network against unknown attacks. Our security metrics are clear and repeatable that can be verified scientifically

International workshop on safety assessment of consumer goods coming from recovered materials in a global scale perspective: Event report

Bilitewski, Bernd, Barceló, Damià, Darbra, Rosa Mari, Voet, Ester van der, Belhaj, Mohammed, Benfenati, Emilio, Ginebreda, Antoni, Grundmann, Veit

09 November 2012

Chemicals and additives in products being produced and marketed globally, this makes an international harmonised assessment and management essential. Chemical testing, research on risks, impacts and management options are carried out throughout the globe but quite fractionated to certain areas and sectors and much too often with little linkages between the different scientific communities. The coordination action (CA) \'RISKCYCLE\' is aimed to establish and o-ordinate a global network of European and international experts and stakeholders to define together future needs of R+D contributions for innovations in the risk-based management of chemicals and products in a circular economy of global scale leading to alternative strategies to animal tests and reduced health hazards. The partners joining this action seek to explore the synergies of the research carried out within different programmes and countries of the EU, in Asia and overseas to facilitate the intensified communication with researchers, institutions and industries about the risks of hazardous chemicals and additives in products and risk reduction measures and to improve the dispersion of available information. The RISKCYCLE network will closely collaborate with related projects, EU and international bodies and authorities such as for example the Organisation for Economic Co-operation and Development (OECD), the European Chemical Industry Council (CEFIC) and the Scientific Committee on Health and Environmental Risks in Europe. / Mục đích chính của RISKCYCLE là xác đinh các nghiện cứu và sự phát triển trong tương lai cấn thiết để thành lập một phương pháp đánh giá dựa trện rủi ro cho các hoá chất và các sản phấm. Phương pháp này sẽ giúp giảm bớt các thủ nghiệm trện động vật, đổng thời đảm bảo sự phát triển các hóa chất mới và một mô hình quản lý sản phấm để giảm thiểu rủi ro đối với sức khởe và môi trường. để đạt được mục tiệu này, trước hết cấn thu thập và đánh giá thông tin hiện có về các hoá chất và đặc biệt là các chất phụ gia được sủ dụng trong sản phấm công nghiệp và tiệu dùng. Nhiều hợp chất độc hại tiềm tàng được giao dich mua bán trện toàn thế giới như là chất phụ gia trong các sản phấm khác nhau. RISKCYCLE sẽ tập trung vào tác động và hậu quả của các chất phụ gia trong sáu lĩnh vực: dệt may, điện tủ, nhựa, da, giấy và dấu mớ bôi trơn. Trong ngành công nghiệp dệt may việc sủ dụng các chất phụ gia sẽ được nghiện cứu, trong khi ở ngành điện tủ và công nghiệp dệt may, việc sủ dụng các chất chống cháy, đặc biệt là chất chống cháy chứa brôm như PBDEs và HBCD, sẽ được phân tích. Trong công nghiệp da, kim loại nặng như crom sẽ được quan tâm. Việc sủ dụng chất diệt côn trùng trong ngành công nghiệp giấy cũng sẽ là một mối quan tâm chính của các hoạt động phối hợp.

info:eu-repo/classification/ddc/363

ddc:363

Managing Exposure to Pipeline’s Risks: Improving Brazil’s Risk-Based Regulatory Process

Naime, Andre

21 June 2010

Traditional risk-based decision-making processes have limitations that often compromise the management of technological hazards. The research is organized into three major components. Firstly, it investigates concepts and thinking outside the literature on risk regulation that offer opportunities to improve risk-based processes, such as governance and risk governance, environmental and social justice, vulnerability, resilience, complex systems, ethics, and the precautionary principle. Secondly, identified opportunities to improve risk-based approaches are assessed in the context of the Brazilian environmental licensing process for gas and oil transmission pipelines. The Brazilian case study is explored through interviews and surveys with thirty-two key stakeholders, aimed at describing and understanding the situation. Finally, it is discussed how the implications of the proposed conceptual framework and findings from the case study contribute to the theoretical perspectives on technological risk regulation. The research advocates that (1) regulatory processes for technological hazards need to effectively incorporate ‘human systems’ into their routines as a way to become more holistic; (2) decision-making processes need to strengthen the transition from assessment of risks to management of exposure; (3) regulators need to shift focus to the management of exposure as opposed to the current facility-centered management of risks; (4) this transition is facilitated if the regulatory process has an independent routine for management; and (5) a resilience plan, encompassing components from risk management and land-use planning, articulates the interaction between people and hazardous facilities, that share a common space, towards better practices to effectively manage exposure to risks. Considering these five points, the research suggests an adaptation of the Risk Governance Model for the regulation of hazardous linear installations.

Geography

Managing Exposure to Pipeline’s Risks: Improving Brazil’s Risk-Based Regulatory Process

Naime, Andre

21 June 2010

Traditional risk-based decision-making processes have limitations that often compromise the management of technological hazards. The research is organized into three major components. Firstly, it investigates concepts and thinking outside the literature on risk regulation that offer opportunities to improve risk-based processes, such as governance and risk governance, environmental and social justice, vulnerability, resilience, complex systems, ethics, and the precautionary principle. Secondly, identified opportunities to improve risk-based approaches are assessed in the context of the Brazilian environmental licensing process for gas and oil transmission pipelines. The Brazilian case study is explored through interviews and surveys with thirty-two key stakeholders, aimed at describing and understanding the situation. Finally, it is discussed how the implications of the proposed conceptual framework and findings from the case study contribute to the theoretical perspectives on technological risk regulation. The research advocates that (1) regulatory processes for technological hazards need to effectively incorporate ‘human systems’ into their routines as a way to become more holistic; (2) decision-making processes need to strengthen the transition from assessment of risks to management of exposure; (3) regulators need to shift focus to the management of exposure as opposed to the current facility-centered management of risks; (4) this transition is facilitated if the regulatory process has an independent routine for management; and (5) a resilience plan, encompassing components from risk management and land-use planning, articulates the interaction between people and hazardous facilities, that share a common space, towards better practices to effectively manage exposure to risks. Considering these five points, the research suggests an adaptation of the Risk Governance Model for the regulation of hazardous linear installations.

Geography

Pressure sores : risk assessment and prevention /

Lindgren, Margareta,

January 2003

Diss. (sammanfattning) Linköping : Univ., 2003. / Härtill 4 uppsatser.

Anthropogenic heavy metals in organic forest soils : distribution, microbial risk assessment and Hg mobility /

Åkerblom, Staffan,

January 2006

Diss. (sammanfattning) Uppsala : Sveriges lantbruksuniversitet, 2006. / Härtill 4 uppsatser.

Impact of imbalanced graft-to-spleen volume ratio on outcomes following living donor liver transplantation in an era when simultaneous splenectomy is not typically indicated / 同時性脾臓摘出術が標準的ではない時代における、不均衡なグラフト／脾臓容積比が生体肝移植後のアウトカムに与える影響

Yao, Siyuan

23 March 2020

京都大学 / 0048 / 新制・課程博士 / 博士(医学) / 甲第22303号 / 医博第4544号 / 新制||医||1040(附属図書館) / 京都大学大学院医学研究科医学専攻 / (主査)教授 福原 俊一, 教授 川口 義弥, 教授 松村 由美 / 学位規則第4条第1項該当 / Doctor of Medical Science / Kyoto University / DFAM

clinical reserch

liver transplantation

liver allograft function/dysfunction

graft survival

risk assessment/ risk stratification

Graft/spleen volume ratio

Hypersplenism

490

Posouzení rizik stroje dle ČSN 12100:2011 / Risk assessment of the machine according to ČSN 12100:2011

Steklý, Jakub

January 2018

This thesis deals with the safety of engraving machine. The main contribution of this thesis is the detailed implementation of the risk assessment according to valid standards. Further detailed design of measures to meet all safety requirements. Part of this thesis is familiarity with the machine and its current state and the procedure of risk analysis. Another part is the risk assessment. Conclusion of this thesis includes the documentation and ES certificate of conformity.

Návrh řízení rizik vybraného podnikatelského subjektu / Risk management proposal of select business entity

Zach, Jakub

January 2014

Diploma thesis titled „Risk management proposal of select business entity“ deals with risk management, analyzing and optimizing in the Synergent, s.r.o. The first part of thesis is focused on theoretical background, which describes the basic concepts and methods of risk management. The second part of thesis includes indentifying risks in the company that were found by the internal and external analysis and methods for risk analysis. In the conclusion of thesis are recommendations for measures to help minimize risks in company on preventive or corrective level.

Optimizacija funkcije štete u cilju procene rizika osiguranja / Damage Function Optimization in Order to Assess Insurance Risk

Novaković Tanja

16 June 2020

<p>Predmet ovog istraživanja su direktne materijalne posledice realizacije prirodnih nepogoda (direktna materijalna šteta) i procena štete na teritoriji AP Vojvodine. U prvom delu istraživanja analizirana je prostorna distribucija prirodnih nepogoda karakterističnih za područje AP Vojvodine sa ciljem utvrđivanja izloženosti populacije rizicima od prirodnih nepogoda. U drugom delu istraživanja, primenom kvantitativnih metoda koje uključuju parametarske i neparametarske statističke metode i regresiono modeliranje utvrđen je optimalni analitički izraz procene štete nastale usled realizacije rizika od oluje kao prirodne nepogode za koju je ustanovljena povećana izloženost populacije AP Vojvodine.</p> / <p>The subject of this research is the direct material consequences of the realization of natural disasters (direct material damage) and the assessment of damage in the territory of Vojvodina. In the first part of the research, the spatial distribution of natural disasters characteristic for the region of Vojvodina was analyzed in order to determine the population&#39;s exposure to natural hazards. In the second part of the research, the optimal analytical expression of damage estimation was determined by applying quantitative methods including parametric and non-parametric statistical methods and regression modeling. The optimal analytical expression of damage estimation has been identified for the risk of a storm as a natural disaster which has created increased exposure of the population of Vojvodina.</p>