Focused On Your Success


The All.Net Security Database


Management Cross Reference
Management Cross Reference


Management decisions and roles in information protection.

Protection management deals with the management structure of organizations and how they control their operations. The basic concept is that an organization is like a truck - and the management steers it. If the truck is out of control, it will crash. If it is in control, it will be highly competitive in delivering results. [Drill-Down]

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Defense54 - accountability]
    [Defense131 - adversary principle (GASSP)]
    [Defense35 - awareness of implications]
    [Defense137 - choice of location]
    [Defense49 - classifying information as to sensitivity]
    [Defense120 - clear line of responsibility for protection]
    [Defense123 - compliance with laws and regulations]
    [Defense132 - continuity principle (GASSP)]
    [Defense99 - deceptions]
    [Defense129 - democracy principle (GASSP)]
    [Defense76 - effective protection mind-set]
    [Defense18 - encryption]
    [Defense21 - fault isolation]
    [Defense6 - feeding false information]
    [Defense38 - financial situation checking]
    [Defense39 - good hiring practices]
    [Defense34 - improved morality]
    [Defense109 - independent control of audit information]
    [Defense119 - individual accountability for all assets and actions]
    [Defense136 - insurance]
    [Defense127 - integration principle (GASSP)]
    [Defense130 - internal control principle (GASSP)]
    [Defense67 - jamming]
    [Defense37 - least privilege]
    [Defense124 - legal agreements]
    [Defense110 - low building profile]
    [Defense107 - minimizing copies of sensitive information]
    [Defense126 - multidisciplinary principle (GASSP)]
    [Defense98 - perception management]
    [Defense36 - periodic reassessment]
    [Defense15 - physical security]
    [Defense25 - policies]
    [Defense12 - properly prioritized resource usage]
    [Defense11 - quotas]
    [Defense16 - redundancy]
    [Defense101 - regular review of protection measures]
    [Defense100 - retaining confidentiality of security status information]
    [Defense140 - searches and inspections]
    [Defense48 - security marking and/or labeling]
    [Defense40 - separation of duties]
    [Defense41 - separation of function]
    [Defense133 - simplicity principle (GASSP)]
    [Defense27 - standards]
    [Defense1 - strong change control]
    [Defense128 - timeliness principle (GASSP)]
    [Defense106 - tracking, correlation, and analysis of incident reporting and response information]
    [Defense24 - training and awareness]
    [Defense95 - traps]
    [Defense113 - universal use of badges]