Assessing and Managing Risks to Information Assurance: A Methodological Approach

摘要

Recent events such as the Yahoo. denial-of-service attack and the I Love you virus have sparked a dramatic interest in information assurance (IA) and the future security of information infrastructures. Information systems are facing an increase in interconnectedness, interdependency and complexity. Information assurance attempts to answer critical questions of trust and credibility associated with our digital environment and it represents a myriad of considerations and decisions that transcend technological advancement, legal, political, economic, social, cultural, institutional, organizational, and educational dimensions. Despite spending millions of dollars on firewalls, encryption technologies, and intrusion detection software, information infrastructure vulnerabilities and incidents continue to happen. These trends have a significant impact on military operations in the next decades.