Focused On Your Success


The All.Net Security Database


Legal Issues Cross Reference
Legal Issues Cross Reference


Issues where the legal department will have things to say about what happens.

Generally, legal requirements include laws, regulations, and liability issues and can have criminal and civil implications toward individuals and organizations.

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Defense54 - accountability]
    [Defense131 - adversary principle (GASSP)]
    [Defense30 - audit analysis]
    [Defense29 - auditing]
    [Defense35 - awareness of implications]
    [Defense5 - background checks]
    [Defense33 - capture and punishment]
    [Defense105 - Chinese walls]
    [Defense49 - classifying information as to sensitivity]
    [Defense120 - clear line of responsibility for protection]
    [Defense123 - compliance with laws and regulations]
    [Defense96 - content checking]
    [Defense99 - deceptions]
    [Defense118 - document and information control procedures]
    [Defense6 - feeding false information]
    [Defense119 - individual accountability for all assets and actions]
    [Defense136 - insurance]
    [Defense89 - integrity checking]
    [Defense130 - internal control principle (GASSP)]
    [Defense79 - inventory control]
    [Defense124 - legal agreements]
    [Defense59 - lockouts]
    [Defense107 - minimizing copies of sensitive information]
    [Defense31 - misuse detection]
    [Defense108 - numbering and tracking all sensitive information]
    [Defense98 - perception management]
    [Defense36 - periodic reassessment]
    [Defense15 - physical security]
    [Defense77 - physical switches or shields on equipment and devices]
    [Defense25 - policies]
    [Defense28 - procedures]
    [Defense101 - regular review of protection measures]
    [Defense100 - retaining confidentiality of security status information]
    [Defense140 - searches and inspections]
    [Defense48 - security marking and/or labeling]
    [Defense40 - separation of duties]
    [Defense41 - separation of function]
    [Defense27 - standards]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense128 - timeliness principle (GASSP)]
    [Defense106 - tracking, correlation, and analysis of incident reporting and response information]
    [Defense24 - training and awareness]
    [Defense95 - traps]
    [Defense73 - trunk access restriction]
    [Defense113 - universal use of badges]
    [Defense2 - waste data destruction]