A Methodology for the Assessment of the Capability of Threat Agents in an Information Environment
ABSTRACT
The proliferation in the use of information and communications technologies over the last three decades has resulted in significant changes in the level and type of threat that is posed to the information environment that we have come to rely on. The way in which the threat that is posed to an information environment is assessed has not advanced at the same rate as the technology. As a result, there is, at the present time, no way in which the threats that are posed to information systems can be either modeled or quantified in any meaningful or repeatable manner. This paper will investigate a number of methodologies in order to attempt to identify one that will provide an accurate representation of the threat to information systems in a range of scenarios.
AUTHORS
BT Security Research Centre, United Kingdom, Adjunct Professor, Edith Cowan University
Australia
Dr. Andrew Jones. During a full military career Andy directed both Intelligence and Security operations and briefed the results at the highest level, and was awarded the MBE for his service in Northern Ireland. After 25 years service with the British Army's Intelligence Corps he became a business manager and a researcher and analyst in the area of Information Warfare and computer crime at a defence research establishment. In September 2002, on completion of a paper on a method for the metrication of the threats to information systems, he left the defence environment to take up a post as a principal lecturer at the University of Glamorgan in the subjects of Network Security and Computer Crime and as a researcher on the Threats to Information Systems and Computer Forensics.
At the University he developed and managed a well equipped Computer Forensics Laboratory and took the lead on a large number of computer investigations and data recovery tasks. In January 2005, he joined the Security Research Centre at British Telecommunications where he is currently the head of information security research. He is the author of five books on the topics of Information warfare, information security and digital forensics, and holds a Ph.D. in the area of threats to information systems. Andy is Adjunct Professor in the School of Computer and Information Science at Edith Cowan University and part of the SECAU Security Research Centre.
Published In
Keywords
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive