The Open Group Library

Visualizing the Business Impact of Technical Cyber Risks

Visualizing the Business Impact of Technical Cyber Risks

Reference: D104

$0.00

Availability: Available to download

This webinar will initially look at the work being carried out in the Architecture and ArchiMate® Forums, both Forums of The Open Group, around risk and security modeling.
Description

Details

Although enterprise risk management and IT security have become mature disciplines, and professional tools exist to detect a wide variety of vulnerabilities in IT systems and infrastructure, their use in the support of management decisions related to security investments is still very limited. This is due to the fact that the findings of these tools are presented in a very technical way, only fully understandable to experts. In most cases, it is unclear how these technical vulnerabilities will impact the business.

By incorporating the findings of so-called penetration tests of computer devices and networks into an Enterprise Architecture model of the organization, it becomes possible to analyze and visualize the impact that the technical risks have on the business processes. Also, an Enterprise Architecture model can also help to focus penetration tests on the IT infrastructure that supports the most critical business processes, thus making the tests more efficient and effective.

This webinar will initially look at the work being carried out in the Architecture and ArchiMate® Forums, both Forums of The Open Group, around risk and security modeling. We will then go on to present a method for business impact analysis of technical risks, which combines the disciplines of technical risk analysis and Enterprise Architecture. Our method is supported by software tooling to (semi-)automatically import results of a penetration test into an Enterprise Architecture model, and to analyze and visualize the business impact of these technical risks. This both enhances the value of penetration testing and increases the return-on-investment of the Enterprise Architecture effort. We will illustrate our method by applying it to a realistic case study an end with an interactive Q&A session.

Additional Information

Additional Information

Reference D104
Author(s) Henk Jonkers (Senior Research Consultant, BiZZdesign), Jim Hietala (VP Security and Healthcare, The Open Group)
Published 21 May 2014
Duration 1 hour 4 minutes
Type Webinars
Subject Security
Reviews