Disclosure of risk is an ethical dilemma

http://news.ft.com/cms/s/48307322-28d9-11da-8a5e-00000e2511c8.html

Disclosure of risk is an ethical dilemma
Published: September 20 2005 16:54 | Last updated: September 20 2005 16:54

When Donald Rumsfeld spoke of “known knowns”, “known unknowns” and “unknown unknowns” the world laughed. But the concepts he outlined are familiar to risk managers.

Computer security knowns and unknowns correspond to risks within systems. A risk exists when a system has a vulnerability and a mechanism exists to exploit it.

Vulnerabilities that can be exploited are quantifiable risks (known knowns), while for those for which there is no exploitation (known unknowns) the impact is unquantifiable.

[..]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: