Cyber Security Audit in Business Environments

Cyber Security Audit in Business Environments

Hajdarevic, Kemal

Everyday reports reveal numerous cyber security incidents, while many more are never uncovered due to the risk of jeopardising the reputation of the attacked systems. One definition of risk of this sort is: “feasible determinable outcome of an activity or action subject to hazards” (Stamatelatos, 2000). A more holistic and comprehensive definition, which is available in the NIST Special Publication 800-30 Revision 1 Guide for Conducting Risk Assessment, defines risk as: „Adverse impact(s) that could occur... to organisational operations (including mission, functions, image, reputation), organisational assets, individuals, other organisations... due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or information systems.“ As such, databases, as the active and passive components of computer networks and the building blocks of computer infrastructures, became a point of focus for every business in the world. Unlike 30 years ago, many households nowadays rely on Internet access and available services to support their everyday life. The Internet and World Wide Web (WWW) resources are accessible through various web browsers.

Book
PeerReviewed

International Burch University

2018

3776