https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=Dcabra01OWASP - User contributions [en]2026-04-18T09:57:25ZUser contributionsMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32327Losing your money2008-06-24T18:44:33Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (MM/DD/YY): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''<br />
<br />
==Description==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
==Risk Factors==<br />
* The financial report is impacted when an application or network service level agreement is not met <br />
<br />
* Reduction in benefits for the individual <br />
<br />
* Reduction in headcount for the company <br />
<br />
* A company's expenses will exceed its revenues <br />
<br />
* Hackers invading a network or application system <br />
<br />
* PCI compliancy did not occur and the company is fined<br />
<br />
<br />
==Examples==<br />
===A Company's Expenses Exceed Its Revenues===<br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
* Loss of confidentiality<br />
<br />
* Loss of integrity<br />
<br />
* Loss of availability<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
* [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf OWASP Top 10 - Ruby on Rails version]<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_sellable_products&diff=32326Losing sellable products2008-06-24T18:40:34Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''<br />
<br />
==Description==<br />
The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product providers and service providers. Product providers sell the products to the customers. Service providers maintain customer’s throughout the life-cycle. This means that special needs have to be made to take care of the customer so that they will continue to use your services. <br />
<br />
<br />
<br />
==Risk Factors==<br />
* Irate customers <br />
<br />
* Sellable equipment, services and/or features missing from applications <br />
<br />
* Network and application failures frustrates both users and customers <br />
<br />
* Profits decrease for the company <br />
<br />
* Legal action occurs<br />
<br />
* Fraudulent users unlawfully use customer data to send devices to an authorized location<br />
<br />
<br />
<br />
==Examples==<br />
<br />
===Decrease in Revenue===<br />
<br />
A sales tool application is down for two hours which impacts users to sell products to customers. The Service Level Agreement (SLA) of the application is not met. Potential loss of revenue for those two hours is estimated at $200K. (Note: each application has its own SLA agreement pre-determined and an Application Business Impact Analysis (ABIA) survey determines the financial loss).<br />
<br />
===Profits Sailing Down===<br />
<br />
Saleable equipment is missing from an application. A customer wants to purchase one of the missing items and is not able to proceed with their order. The customer gets frustrated and the sale is lost.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
* Loss of integrity<br />
<br />
* Loss of availability<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
<br />
*OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32325Losing opportunity to make money2008-06-24T18:36:23Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''<br />
<br />
==Description==<br />
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.<br />
<br />
<br />
==Risk Factors==<br />
<br />
* Reduction in customer satisfaction <br />
<br />
* Potential loss of new customers <br />
<br />
* Alienation of existing customers <br />
<br />
* Company’s reputation is violated<br />
<br />
* Attackers violating applications<br />
<br />
* Fraudulent actions by users<br />
<br />
* Legal action against the company<br />
<br />
<br />
==Examples==<br />
<br />
===Frustrated Customer===<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money. <br />
<br />
===Fraudulent Acts===<br />
<br />
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.<br />
<br />
<br />
==Related Technical Impacts==<br />
*Loss of confidentiality<br />
<br />
* Loss of integrity<br />
<br />
* Loss of availability<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
*OWASP Top 10 - Ruby on Rails version, [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32324Losing customer’s money2008-06-24T18:33:07Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''<br />
<br />
==Description==<br />
Losing a customer’s money can occur by an attacker, to the network going down, to a customer incurring costs for a product or service which was never used or received.<br />
<br />
<br />
==Risk Factors==<br />
* Unhappy customer <br />
<br />
* Disgruntle customers will leave <br />
<br />
* New and existing customers talk badly about their experiences to friends. <br />
<br />
* Company’s reputation is smudged <br />
<br />
* Legal action occurs <br />
<br />
* Threat to the network or an application<br />
<br />
* Invasion of customer’s privacy<br />
<br />
<br />
==Example==<br />
===Missing Equipment===<br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community. <br />
<br />
===Hackers===<br />
<br />
A hacker invades a network and finds its way through an application wall. Customer’s unencrypted credit card data was located within an application database. The data was opened and the credit card info was retrieved. The customer is now experiencing identity fraud. The customer now feels violated and doesn’t know how or why this occurred.<br />
<br />
<br />
<br />
==Related Technical Impacts==<br />
* Loss of confidentiality<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
*OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]<br />
<br />
*OWASP CLASP v1.2 [http://www.lulu.com/items/volume_62/1401000/1401307/3/print/OWASP_CLASP_v1.2_for_print_LULU.pdf]<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32323Losing customer’s money2008-06-24T18:32:31Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''<br />
<br />
==Description==<br />
Losing a customer’s money can occur by an attacker, to the network going down, to a customer incurring costs for a product or service which was never used or received.<br />
<br />
<br />
'''Risk Factors==<br />
* Unhappy customer <br />
<br />
* Disgruntle customers will leave <br />
<br />
* New and existing customers talk badly about their experiences to friends. <br />
<br />
* Company’s reputation is smudged <br />
<br />
* Legal action occurs <br />
<br />
* Threat to the network or an application<br />
<br />
* Invasion of customer’s privacy<br />
<br />
<br />
==Example==<br />
===Missing Equipment===<br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community. <br />
<br />
===Hackers===<br />
<br />
A hacker invades a network and finds its way through an application wall. Customer’s unencrypted credit card data was located within an application database. The data was opened and the credit card info was retrieved. The customer is now experiencing identity fraud. The customer now feels violated and doesn’t know how or why this occurred.<br />
<br />
<br />
<br />
==Related Technical Impacts==<br />
* Loss of confidentiality<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
*OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]<br />
<br />
*OWASP CLASP v1.2 [http://www.lulu.com/items/volume_62/1401000/1401307/3/print/OWASP_CLASP_v1.2_for_print_LULU.pdf]<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32297Losing your money2008-06-24T16:24:42Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}<br />
<br />
==Description==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
==Risk Factors==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
* Reduction in benefits for the individual. <br />
<br />
* Reduction in headcount for the company. <br />
<br />
* A company's expenses will exceed its revenues. <br />
<br />
* Hackers invading a network or application system. <br />
<br />
* PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
==Examples==<br />
===A Company's Expenses Exceed Its Revenues===<br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
* Loss of confidentiality<br />
<br />
* Loss of integrity<br />
<br />
* Loss of availability<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
* OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32291Losing your money2008-06-24T15:30:26Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}<br />
<br />
==Description==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
==Risk Factors==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
* Reduction in benefits for the individual. <br />
<br />
* Reduction in headcount for the company. <br />
<br />
* A company's expenses will exceed its revenues. <br />
<br />
* Hackers invading a network or application system. <br />
<br />
* PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
==Examples==<br />
===A Company's Expenses Exceed Its Revenues===<br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
* Loss of confidentiality<br />
<br />
* Loss of integrity<br />
<br />
* Loss of availability<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
* OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32290Losing your money2008-06-24T15:29:18Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}<br />
<br />
== '''Description''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors''' ==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
* Reduction in benefits for the individual. <br />
<br />
* Reduction in headcount for the company. <br />
<br />
* A company's expenses will exceed its revenues. <br />
<br />
* Hackers invading a network or application system. <br />
<br />
* PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
==Examples==<br />
===A Company's Expenses Exceed Its Revenues===<br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
* Loss of confidentiality<br />
<br />
* Loss of integrity<br />
<br />
* Loss of availability<br />
<br />
* Loss of accountability<br />
<br />
<br />
==References==<br />
* OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32289Losing your money2008-06-24T15:28:36Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}<br />
<br />
== '''Description''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors''' ==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
* Reduction in benefits for the individual. <br />
<br />
* Reduction in headcount for the company. <br />
<br />
* A company's expenses will exceed its revenues. <br />
<br />
* Hackers invading a network or application system. <br />
<br />
* PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
==Examples==<br />
===A Company's Expenses Exceed Its Revenues===<br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
==References==<br />
* OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32288Losing your money2008-06-24T15:27:45Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}<br />
<br />
== '''Description''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors''' ==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
* Reduction in benefits for the individual. <br />
<br />
* Reduction in headcount for the company. <br />
<br />
* A company's expenses will exceed its revenues. <br />
<br />
* Hackers invading a network or application system. <br />
<br />
* PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
==Examples==<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
==References==<br />
* OWASP Top 10 - Ruby on Rails version [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32286Losing your money2008-06-24T15:27:11Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}<br />
<br />
== '''Description''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors''' ==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
* Reduction in benefits for the individual. <br />
<br />
* Reduction in headcount for the company. <br />
<br />
* A company's expenses will exceed its revenues. <br />
<br />
* Hackers invading a network or application system. <br />
<br />
* PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
==Examples==<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
==References==<br />
* OWASP Top 10 - Ruby on Rails version, [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32285Losing your money2008-06-24T15:25:28Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}== '''Description''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors''' ==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
* Reduction in benefits for the individual. <br />
<br />
* Reduction in headcount for the company. <br />
<br />
* A company's expenses will exceed its revenues. <br />
<br />
* Hackers invading a network or application system. <br />
<br />
* PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
==Examples==<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
===Domino Impact===<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
==Related Technical Impacts==<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
==References==<br />
* OWASP Top 10 - Ruby on Rails version, [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]</div>Dcabra01https://wiki.owasp.org/index.php?title=Category:Financial_damage&diff=32283Category:Financial damage2008-06-24T15:05:41Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}<br />
Financial damage is when profitable companies have a cash flow problem which impacts the business to generate profits to cover the company’s debt. A company’s financial damage has a domino impact to its industry. The reputation of the company reflects badly, the industry takes a hit, competitors gain your customers, and in some cases legal action is brought against the company.<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Category:Financial_damage&diff=32282Category:Financial damage2008-06-24T15:04:29Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
'''{{06}}/{{24}}/{{08}}"<br />
Financial damage is when profitable companies have a cash flow problem which impacts the business to generate profits to cover the company’s debt. A company’s financial damage has a domino impact to its industry. The reputation of the company reflects badly, the industry takes a hit, competitors gain your customers, and in some cases legal action is brought against the company.<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Category:Financial_damage&diff=32281Category:Financial damage2008-06-24T15:03:43Z<p>Dcabra01: </p>
<hr />
<div>{{Template:Business Impact}}<br />
'''{{06}}/{{24}}/{{08}}<br />
Financial damage is when profitable companies have a cash flow problem which impacts the business to generate profits to cover the company’s debt. A company’s financial damage has a domino impact to its industry. The reputation of the company reflects badly, the industry takes a hit, competitors gain your customers, and in some cases legal action is brought against the company.<br />
<br />
[[Category:Financial damage]]</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_sellable_products&diff=32279Losing sellable products2008-06-24T14:09:38Z<p>Dcabra01: </p>
<hr />
<div><br />
== '''Description''' ==<br />
The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product providers and service providers. Product providers sell the products to the customers. Service providers maintain customer’s throughout the life-cycle. This means that special needs have to be made to take care of the customer so that they will continue to use your services. <br />
<br />
<br />
<br />
== '''Risk Factors''' ==<br />
• Irate customers. <br />
<br />
• Sellable equipment, services and/or features missing from applications .<br />
<br />
• Network and application failures frustrates both users and customers. <br />
<br />
• Profits decrease for the company. <br />
<br />
• Legal action occurs.<br />
<br />
• Fraudulent users unlawfully use customer data to send devices to an authorized location.<br />
<br />
<br />
<br />
== '''Examples''' ==<br />
<br />
'''Decrease in Revenue'''<br />
<br />
A sales tool application is down for two hours which impacts users to sell products to customers. The Service Level Agreement (SLA) of the application is not met. Potential loss of revenue for those two hours is estimated at $200K. (Note: each application has its own SLA agreement pre-determined and an Application Business Impact Analysis (ABIA) survey determines the financial loss).<br />
<br />
'''Profits Sailing Down'''<br />
<br />
Saleable equipment is missing from an application. A customer wants to purchase one of the missing items and is not able to proceed with their order. The customer gets frustrated and the sale is lost.<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32278Losing opportunity to make money2008-06-24T14:07:52Z<p>Dcabra01: </p>
<hr />
<div>== '''Description''' ==<br />
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.<br />
<br />
<br />
== '''Risk Factors''' ==<br />
<br />
<br />
• Reduction in customer satisfaction <br />
<br />
• Potential loss of new customers <br />
<br />
• Alienation of existing customers <br />
<br />
• Company’s reputation is violated<br />
<br />
• Attackers violating applications<br />
<br />
• Fraudulent actions by users<br />
<br />
• Legal action against the company<br />
<br />
<br />
== '''Examples''' ==<br />
<br />
'''Frustrated Customer'''<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money. <br />
<br />
'''Fraudulent Acts'''<br />
<br />
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32277Losing opportunity to make money2008-06-24T14:07:30Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==<br />
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.<br />
<br />
<br />
== '''Risk Factors''' ==<br />
<br />
<br />
• Reduction in customer satisfaction <br />
<br />
• Potential loss of new customers <br />
<br />
• Alienation of existing customers <br />
<br />
• Company’s reputation is violated<br />
<br />
• Attackers violating applications<br />
<br />
• Fraudulent actions by users<br />
<br />
• Legal action against the company<br />
<br />
<br />
== '''Examples''' ==<br />
<br />
'''Frustrated Customer'''<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money. <br />
<br />
'''Fraudulent Acts'''<br />
<br />
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32276Losing opportunity to make money2008-06-24T14:07:00Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==<br />
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.<br />
<br />
<br />
== '''Risk Factors''' ==<br />
<br />
<br />
• Reduction in customer satisfaction <br />
• Potential loss of new customers <br />
• Alienation of existing customers <br />
• Company’s reputation is violated<br />
• Attackers violating applications<br />
• Fraudulent actions by users<br />
• Legal action against the company<br />
<br />
<br />
== '''Examples''' ==<br />
<br />
'''Frustrated Customer'''<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money. <br />
<br />
'''Fraudulent Acts'''<br />
<br />
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32275Losing opportunity to make money2008-06-24T14:05:41Z<p>Dcabra01: </p>
<hr />
<div><br />
== '''Description:''' ==<br />
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.<br />
<br />
== '''Risk Factors''' ==<br />
• Reduction in customer satisfaction <br />
• Potential loss of new customers <br />
• Alienation of existing customers <br />
• Company’s reputation is violated<br />
• Attackers violating applications<br />
• Fraudulent actions by users<br />
• Legal action against the company<br />
<br />
<br />
== '''Examples''' ==<br />
<br />
'''Frustrated Customer'''<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money. <br />
<br />
'''Fraudulent Acts'''<br />
<br />
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32274Losing customer’s money2008-06-24T14:03:55Z<p>Dcabra01: </p>
<hr />
<div>== '''Description''' ==<br />
Losing a customer’s money can occur by an attacker, to the network going down, to a customer incurring costs for a product or service which was never used or received.<br />
<br />
<br />
== '''Risk Factors''' ==<br />
• Unhappy customer <br />
<br />
• Disgruntle customers will leave <br />
• New and existing customers talk badly about their experiences to friends. <br />
<br />
• Company’s reputation is smudged <br />
<br />
• Legal action occurs <br />
<br />
• Threat to the network or an application<br />
<br />
• Invasion of customer’s privacy<br />
<br />
<br />
== '''Example''' ==<br />
'''Missing Equipment'''<br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community. <br />
<br />
'''Hackers'''<br />
<br />
A hacker invades a network and finds its way through an application wall. Customer’s unencrypted credit card data was located within an application database. The data was opened and the credit card info was retrieved. The customer is now experiencing identity fraud. The customer now feels violated and doesn’t know how or why this occurred.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
- Loss of confidentiality<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf<br />
<br />
OWASP CLASP v1.2, http://www.lulu.com/items/volume_62/1401000/1401307/3/print/OWASP_CLASP_v1.2_for_print_LULU.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32273Losing customer’s money2008-06-24T14:02:50Z<p>Dcabra01: </p>
<hr />
<div><br />
== '''Description''' ==<br />
Losing a customer’s money can occur by an attacker, to the network going down, to a customer incurring costs for a product or service which was never used or received.<br />
<br />
<br />
== '''Risk Factors:''' ==<br />
• Unhappy customer <br />
<br />
• Disgruntle customers will leave <br />
• New and existing customers talk badly about their experiences to friends. <br />
<br />
• Company’s reputation is smudged <br />
<br />
• Legal action occurs <br />
<br />
• Threat to the network or an application<br />
<br />
• Invasion of customer’s privacy<br />
<br />
<br />
== '''Example''' ==<br />
'''Missing Equipment'''<br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community. <br />
<br />
'''Hackers'''<br />
<br />
A hacker invades a network and finds its way through an application wall. Customer’s unencrypted credit card data was located within an application database. The data was opened and the credit card info was retrieved. The customer is now experiencing identity fraud. The customer now feels violated and doesn’t know how or why this occurred.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
- Loss of confidentiality<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf<br />
<br />
OWASP CLASP v1.2, http://www.lulu.com/items/volume_62/1401000/1401307/3/print/OWASP_CLASP_v1.2_for_print_LULU.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32272Losing your money2008-06-24T14:00:57Z<p>Dcabra01: </p>
<hr />
<div>== '''Description''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors''' ==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples''' ==<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32271Losing your money2008-06-24T13:59:17Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors:''' ==<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32270Losing your money2008-06-24T13:58:31Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors:''' ==<br />
----<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
----<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
----<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
----<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32269Losing your money2008-06-24T13:58:01Z<p>Dcabra01: /* '''Description:''' */</p>
<hr />
<div>== '''Description:''' ==<br />
__________________________________________________________________________________________Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors:''' ==<br />
----<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
----<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
----<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
----<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32268Losing your money2008-06-24T13:56:01Z<p>Dcabra01: /* '''Description:''' */</p>
<hr />
<div>== '''Description:''' ==<br />
----Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
== '''Risk Factors:''' ==<br />
----<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
----<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
----<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
----<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32267Losing your money2008-06-24T13:55:19Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==<br />
----<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
<br />
== '''Risk Factors:''' ==<br />
----<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
----<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
----<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
----<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32266Losing your money2008-06-24T13:54:20Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==<br />
----Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
<br />
== '''Risk Factors:''' ==<br />
----<br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
<br />
----<br />
<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
----<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
<br />
----<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32265Losing your money2008-06-24T13:53:56Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==----<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
<br />
== '''Risk Factors:''' ==<br />
----<br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
<br />
----<br />
<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
----<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
<br />
----<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32264Losing your money2008-06-24T13:53:14Z<p>Dcabra01: </p>
<hr />
<div>== '''Description:''' ==<br />
----<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
<br />
== '''Risk Factors:''' ==<br />
----<br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
<br />
== '''Examples:''' ==<br />
<br />
----<br />
<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
<br />
== '''Related Technical Impacts''' ==<br />
----<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
<br />
== '''References''' ==<br />
<br />
----<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32263Losing your money2008-06-24T13:51:18Z<p>Dcabra01: /* '''Description:''' */</p>
<hr />
<div>== '''Description:''' ==<br />
<br />
----<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
'''Risk Factors:''' <br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
'''Example:''' <br />
<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32262Losing your money2008-06-24T13:50:40Z<p>Dcabra01: </p>
<hr />
<div><br />
<br />
== '''Description:''' ==<br />
<br />
----<br />
<br />
<br />
<br />
<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
'''Risk Factors:''' <br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
'''Example:''' <br />
<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_sellable_products&diff=32211Losing sellable products2008-06-23T18:52:27Z<p>Dcabra01: </p>
<hr />
<div>'''Description:''' <br />
<br />
The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product providers and service providers. Product providers sell the products to the customers. Service providers maintain customer’s throughout the life-cycle. This means that special needs have to be made to take care of the customer so that they will continue to use your services. <br />
<br />
<br />
'''Risk Factors:''' <br />
<br />
• Irate customers. <br />
<br />
• Sellable equipment, services and/or features missing from applications .<br />
<br />
• Network and application failures frustrates both users and customers. <br />
<br />
• Profits decrease for the company. <br />
<br />
• Legal action occurs.<br />
<br />
• Fraudulent users unlawfully use customer data to send devices to an authorized location.<br />
<br />
<br />
'''Example:''' <br />
<br />
'''Decrease in Revenue'''<br />
<br />
A sales tool application is down for two hours which impacts users to sell products to customers. The Service Level Agreement (SLA) of the application is not met. Potential loss of revenue for those two hours is estimated at $200K. (Note: each application has its own SLA agreement pre-determined and an Application Business Impact Analysis (ABIA) survey determines the financial loss).<br />
<br />
'''Profits Sailing Down'''<br />
<br />
Saleable equipment is missing from an application. A customer wants to purchase one of the missing items and is not able to proceed with their order. The customer gets frustrated and the sale is lost.<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_sellable_products&diff=32210Losing sellable products2008-06-23T18:51:49Z<p>Dcabra01: </p>
<hr />
<div>'''Description:''' <br />
<br />
The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product providers and service providers. Product providers sell the products to the customers. Service providers maintain customer’s throughout the life-cycle. This means that special needs have to be made to take care of the customer so that they will continue to use your services. <br />
<br />
'''<br />
Risk Factors:''' <br />
<br />
• Irate customers. <br />
<br />
• Sellable equipment, services and/or features missing from applications .<br />
<br />
• Network and application failures frustrates both users and customers. <br />
<br />
• Profits decrease for the company. <br />
<br />
• Legal action occurs.<br />
<br />
• Fraudulent users unlawfully use customer data to send devices to an authorized location.<br />
<br />
<br />
'''Example:''' <br />
<br />
'''<br />
Decrease in Revenue'''<br />
<br />
A sales tool application is down for two hours which impacts users to sell products to customers. The Service Level Agreement (SLA) of the application is not met. Potential loss of revenue for those two hours is estimated at $200K. (Note: each application has its own SLA agreement pre-determined and an Application Business Impact Analysis (ABIA) survey determines the financial loss).<br />
<br />
'''Profits Sailing Down'''<br />
<br />
Saleable equipment is missing from an application. A customer wants to purchase one of the missing items and is not able to proceed with their order. The customer gets frustrated and the sale is lost.<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_sellable_products&diff=32209Losing sellable products2008-06-23T18:51:24Z<p>Dcabra01: </p>
<hr />
<div>'''Description:''' <br />
<br />
The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product providers and service providers. Product providers sell the products to the customers. Service providers maintain customer’s throughout the life-cycle. This means that special needs have to be made to take care of the customer so that they will continue to use your services. <br />
'''<br />
Risk Factors:''' <br />
<br />
• Irate customers. <br />
<br />
• Sellable equipment, services and/or features missing from applications .<br />
<br />
• Network and application failures frustrates both users and customers. <br />
<br />
• Profits decrease for the company. <br />
<br />
• Legal action occurs.<br />
<br />
• Fraudulent users unlawfully use customer data to send devices to an authorized location.<br />
<br />
<br />
'''Example:''' <br />
<br />
'''<br />
Decrease in Revenue'''<br />
<br />
A sales tool application is down for two hours which impacts users to sell products to customers. The Service Level Agreement (SLA) of the application is not met. Potential loss of revenue for those two hours is estimated at $200K. (Note: each application has its own SLA agreement pre-determined and an Application Business Impact Analysis (ABIA) survey determines the financial loss).<br />
<br />
'''Profits Sailing Down'''<br />
<br />
Saleable equipment is missing from an application. A customer wants to purchase one of the missing items and is not able to proceed with their order. The customer gets frustrated and the sale is lost.<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32208Losing opportunity to make money2008-06-23T18:47:28Z<p>Dcabra01: </p>
<hr />
<div>'''Description:''' <br />
<br />
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.<br />
<br />
'''Risk Factors:''' <br />
• Reduction in customer satisfaction <br />
• Potential loss of new customers <br />
• Alienation of existing customers <br />
• Company’s reputation is violated<br />
• Attackers violating applications<br />
• Fraudulent actions by users<br />
• Legal action against the company<br />
<br />
'''Example:''' <br />
<br />
'''Frustrated Customer'''<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money. <br />
<br />
'''Fraudulent Acts'''<br />
<br />
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32207Losing your money2008-06-23T18:43:29Z<p>Dcabra01: </p>
<hr />
<div>'''Description:''' <br />
<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
'''Risk Factors:''' <br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
'''Example:''' <br />
<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of integrity<br />
<br />
- Loss of availability<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32206Losing customer’s money2008-06-23T18:42:00Z<p>Dcabra01: </p>
<hr />
<div>'''Description:'''<br />
<br />
Losing a customer’s money can occur by an attacker, to the network going down, to a customer incurring costs for a product or service which was never used or received.<br />
<br />
'''Risk Factors:''' <br />
<br />
• Unhappy customer <br />
<br />
• Disgruntle customers will leave <br />
• New and existing customers talk badly about their experiences to friends. <br />
<br />
• Company’s reputation is smudged <br />
<br />
• Legal action occurs <br />
<br />
• Threat to the network or an application<br />
<br />
• Invasion of customer’s privacy<br />
<br />
'''Example:''' <br />
<br />
'''Missing Equipment'''<br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community. <br />
<br />
'''Hackers'''<br />
<br />
A hacker invades a network and finds its way through an application wall. Customer’s unencrypted credit card data was located within an application database. The data was opened and the credit card info was retrieved. The customer is now experiencing identity fraud. The customer now feels violated and doesn’t know how or why this occurred.<br />
<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of confidentiality<br />
<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf<br />
<br />
OWASP CLASP v1.2, http://www.lulu.com/items/volume_62/1401000/1401307/3/print/OWASP_CLASP_v1.2_for_print_LULU.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32205Losing customer’s money2008-06-23T18:41:36Z<p>Dcabra01: </p>
<hr />
<div>'''Description:'''<br />
<br />
Losing a customer’s money can occur by an attacker, to the network going down, to a customer incurring costs for a product or service which was never used or received.<br />
<br />
'''Risk Factors:''' <br />
<br />
• Unhappy customer <br />
<br />
• Disgruntle customers will leave <br />
• New and existing customers talk badly about their experiences to friends. <br />
<br />
• Company’s reputation is smudged <br />
<br />
• Legal action occurs <br />
<br />
• Threat to the network or an application<br />
<br />
• Invasion of customer’s privacy<br />
<br />
'''Example:''' <br />
<br />
'''Missing Equipment'''<br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community. <br />
<br />
'''Hackers'''<br />
<br />
A hacker invades a network and finds its way through an application wall. Customer’s unencrypted credit card data was located within an application database. The data was opened and the credit card info was retrieved. The customer is now experiencing identity fraud. The customer now feels violated and doesn’t know how or why this occurred.<br />
<br />
<br />
'''Related Technical Impacts'''<br />
<br />
- Loss of confidentiality<br />
- Loss of accountability<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf<br />
<br />
OWASP CLASP v1.2, http://www.lulu.com/items/volume_62/1401000/1401307/3/print/OWASP_CLASP_v1.2_for_print_LULU.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32204Losing customer’s money2008-06-23T18:40:31Z<p>Dcabra01: </p>
<hr />
<div>'''Description:'''<br />
<br />
Losing a customer’s money can occur by an attacker, to the network going down, to a customer incurring costs for a product or service which was never used or received.<br />
<br />
'''Risk Factors:''' <br />
<br />
• Unhappy customer <br />
<br />
• Disgruntle customers will leave <br />
• New and existing customers talk badly about their experiences to friends. <br />
<br />
• Company’s reputation is smudged <br />
<br />
• Legal action occurs <br />
<br />
• Threat to the network or an application<br />
<br />
• Invasion of customer’s privacy<br />
<br />
'''Example:''' <br />
<br />
'''Missing Equipment'''<br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community. <br />
<br />
'''Hackers'''<br />
<br />
A hacker invades a network and finds its way through an application wall. Customer’s unencrypted credit card data was located within an application database. The data was opened and the credit card info was retrieved. The customer is now experiencing identity fraud. The customer now feels violated and doesn’t know how or why this occurred.<br />
<br />
<br />
'''Related Technical Impacts'''<br />
<br />
Loss of confidentiality <br />
Loss of accountability <br />
<br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf<br />
<br />
OWASP CLASP v1.2, http://www.lulu.com/items/volume_62/1401000/1401307/3/print/OWASP_CLASP_v1.2_for_print_LULU.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32203Losing your money2008-06-23T18:36:57Z<p>Dcabra01: </p>
<hr />
<div>'''Description:''' <br />
<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. <br />
<br />
'''Risk Factors:''' <br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual. <br />
<br />
• Reduction in headcount for the company. <br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
• Hackers invading a network or application system. <br />
<br />
• PCI compliancy did not occur and the company is fined.<br />
<br />
'''Example:''' <br />
<br />
'''A Company's Expenses Exceed Its Revenues''' <br />
<br />
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. <br />
<br />
'''Domino Impact'''<br />
<br />
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.<br />
<br />
<br />
'''Related Technical Impacts'''<br />
<br />
Loss of confidentiality <br />
<br />
Loss of integrity <br />
<br />
Loss of availability <br />
<br />
Loss of accountability <br />
<br />
'''References'''<br />
<br />
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_sellable_products&diff=32092Losing sellable products2008-06-20T16:18:51Z<p>Dcabra01: New page: '''Description:''' The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product p...</p>
<hr />
<div>'''Description:'''<br />
<br />
The business is not set up to effectively distribute, sell or maintain products for existing or new customers. Businesses basically fall into two categories: product providers and service providers. Product providers sell the products to the customers. Service providers maintain customer’s throughout the life-cycle. This means that special needs have to be made to take care of the customer so that they will continue to use your services.<br />
<br />
<br />
'''Risk Factors:'''<br />
<br />
• Irate customers<br />
<br />
• Equipment, services and/or features missing from applications frustrates users<br />
<br />
• Network and application failures upsets both users and customers<br />
<br />
• Profits decrease for the company.<br />
<br />
<br />
<br />
'''Example:''' <br />
A sales tool application is down for two hours which impacts users to sell products to customers. The Service Level Agreement (SLA) of the application is not met. Potential loss of revenue for those two hours is estimated at $200K. (Note: each application has its own SLA agreement pre-determined and an Application Business Impact Analysis (ABIA) survey determines the financial loss).</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32091Losing opportunity to make money2008-06-20T16:12:36Z<p>Dcabra01: </p>
<hr />
<div>'''Description:''' We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. <br />
<br />
Risk Factors:<br />
<br />
• Reduction in customer satisfaction<br />
<br />
• Potential loss of new customers<br />
<br />
• Alienation of existing customers<br />
<br />
Example:<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_opportunity_to_make_money&diff=32090Losing opportunity to make money2008-06-20T16:11:49Z<p>Dcabra01: New page: '''Description:''' We currently live in a society where a customer expects instant gratification. A system or network issues impact the opportunity for the user to bring in money for the...</p>
<hr />
<div>'''Description:''' We currently live in a society where a customer expects instant gratification. A system or network issues impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. <br />
<br />
Risk Factors:<br />
<br />
• Reduction in customer satisfaction<br />
<br />
• Potential loss of new customers<br />
<br />
• Alienation of existing customers<br />
<br />
Example:<br />
<br />
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_your_money&diff=32089Losing your money2008-06-20T15:52:57Z<p>Dcabra01: </p>
<hr />
<div>'''Description:'''<br />
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.<br />
<br />
<br />
'''Risk Factors:'''<br />
<br />
• The financial report is impacted when an application or network service level agreement is not met. <br />
<br />
• Reduction in benefits for the individual.<br />
<br />
• Reduction in headcount for the company.<br />
<br />
• A company's expenses will exceed its revenues. <br />
<br />
<br />
'''Example:''' <br />
A company's expenses exceed its revenues. The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32087Losing customer’s money2008-06-20T15:47:04Z<p>Dcabra01: </p>
<hr />
<div>'''Description:'''<br />
A customer’s money loss would incur when a customer paid for a product or service which was never used or received. <br />
<br />
'''Risk Factors:'''<br />
<br />
• Unhappy customer<br />
<br />
• Disgruntle customers will leave<br />
<br />
• New and existing customers talk badly about their experiences to friends.<br />
<br />
• Company’s reputation is smudged<br />
<br />
• Legal action occurs<br />
<br />
<br />
'''Example:''' <br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company's reputation is smudged in the community.</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32086Losing customer’s money2008-06-20T15:45:18Z<p>Dcabra01: </p>
<hr />
<div>'''Description:'''<br />
A customer’s money loss would incur when a customer paid for a product or service which was never used or received. <br />
<br />
'''Risk Factors:'''<br />
<br />
• Unhappy customer<br />
<br />
• Disgruntle customers will leave<br />
<br />
• New and existing customers talk badly about their experiences to friends.<br />
<br />
• Company’s reputation is smudged<br />
<br />
• Legal action occurs<br />
<br />
<br />
'''Example:''' <br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company’s financial profits are decreased.</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32085Losing customer’s money2008-06-20T15:44:48Z<p>Dcabra01: </p>
<hr />
<div>'''Description:'''<br />
A customer’s money loss would incur when a customer paid for a product or service which was never used or received. <br />
<br />
'''Risk Factors:'''<br />
• Unhappy customer<br />
<br />
• Disgruntle customers will leave<br />
• New and existing customers talk badly about their experiences to friends.<br />
• Company’s reputation is smudged<br />
• Legal action occurs<br />
<br />
<br />
'''Example:''' <br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company’s financial profits are decreased.</div>Dcabra01https://wiki.owasp.org/index.php?title=Losing_customer%E2%80%99s_money&diff=32084Losing customer’s money2008-06-20T15:44:08Z<p>Dcabra01: New page: '''Description:''' A customer’s money loss would incur when a customer paid for a product or service which was never used or received. '''Risk Factors:''' • Unhappy customer • Disg...</p>
<hr />
<div>'''Description:'''<br />
A customer’s money loss would incur when a customer paid for a product or service which was never used or received. <br />
<br />
'''Risk Factors:'''<br />
• Unhappy customer<br />
• Disgruntle customers will leave<br />
• New and existing customers talk badly about their experiences to friends.<br />
• Company’s reputation is smudged<br />
• Legal action occurs<br />
<br />
<br />
'''Example:''' <br />
<br />
The application doesn’t reflect the correct status of the inventory and a customer purchases a device which is backordered. The customer becomes frustrated with the company when the item is not received. This customer talks to their colleagues about their experiences with your company. The company’s financial profits are decreased.</div>Dcabra01