Ira Winkler

You CAN Stop Stupid



budgets to address such attacks. However, the patch was widely known and had already been around for two years. Their budgets should have already accounted for patching, but they apparently had not previously invested sufficient funds to provide for a basic countermeasure.

      When you understand your organization's vulnerabilities/countermeasures balance and its risk-optimization point, you develop greater insight into how you might better mitigate UIL.

      When you consider how UIL impacts risk, you realize that organizations in many industries generally do not fund UIL mitigation efforts well. Generally, this is a combination of failing to appreciate the holistic nature of countering the problem, a resignation to the fact that users can never be perfect, and not allocating the proper resources. The failure to allocate resources includes funding, staff, and expertise.

      In other fields such as cybersecurity, there is rarely effective tracking of losses or a holistic approach to applying countermeasures to them. While the problems are bemoaned, there is not a clear understanding of the value lost due to UIL.

      To address UIL, you must be able to demonstrate in clear financial terms the value at risk. Chapter 10 covers metrics, which should help you make the argument about the value that users put at risk. However, that will still not do any significant good if you do not look beyond awareness as the primary countermeasure to the problem. Chapter 5 will look at the limitations of awareness, and going forward, the book will examine the more holistic approach to all aspects of addressing UIL.

      NOTE Risk management, as a whole, is complicated and rarely performed effectively. While we hope that we provide a working knowledge to apply the concepts in the book, risk management is a core component of all loss mitigation efforts. We recommend you also look to other resources, such as The Failure of Risk Management: Why It's Broken and How to Fix It (Wiley, 2009), for further information.

      End of the preview excerpt.

      Text provided by LitRes LLC.
