information risk assessment

when you start talking ‘information security’ with people, most of the time they think the conversation is about malware and computer viruses. to some extent it is: information is definitely at risk of being intercepted or stolen via malware, and malware accounts for the majority of web-based information thefts these days. but ‘information’ isn’t limited to the internet or computer files: its value lies in the knowledge of people, the vaults of archives, and the often  forgotten conduits of hardware, files and architecture. with the snowden case taking centre stage, i thought it was the perfect time to introduce a basic risk analysis diagram created for government agencies, based on the most obvious and common methods of storing or sharing information. the assessment has been mapped according to the info security principles of ‘confidentiality’, ‘integrity’ and ‘availability’. a subsequent report on the best methods for stealing information from competitors was also developed; i think i’ll keep that one under wraps for ethical reasons, just in case! 😉

Information Risk Assessment: State Government agency.Katie Haden.2012

Please note: I love sharing my ideas and knowledge with people, but I would appreciate acknowledgement if they are used or shared beyond this blog. These are original works that fall under plagiarism standards and creative commons licences.