This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Losing your money"
| (11 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | {{Template:Business Impact}} | |
| + | Last revision (MM/DD/YY): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}''' | ||
| + | |||
| + | ==Description== | ||
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. | Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. | ||
| − | == | + | ==Risk Factors== |
| − | + | * The financial report is impacted when an application or network service level agreement is not met | |
| − | |||
| − | + | * Reduction in benefits for the individual | |
| − | + | * Reduction in headcount for the company | |
| − | + | * A company's expenses will exceed its revenues | |
| − | + | * Hackers invading a network or application system | |
| − | + | * PCI compliancy did not occur and the company is fined | |
| − | == | + | ==Examples== |
| − | + | ===A Company's Expenses Exceed Its Revenues=== | |
| − | |||
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. | The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses. | ||
| − | + | ===Domino Impact=== | |
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy. | A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy. | ||
| + | ==Related Technical Impacts== | ||
| + | |||
| + | * Loss of confidentiality | ||
| − | + | * Loss of integrity | |
| − | |||
| − | |||
| − | + | * Loss of availability | |
| − | + | * Loss of accountability | |
| − | |||
| + | ==References== | ||
| + | * [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf OWASP Top 10 - Ruby on Rails version] | ||
| − | + | [[Category:Financial damage]] | |
| − | |||
| − | |||
Latest revision as of 18:44, 24 June 2008
This is a Business Impact. To view all business impact, please see the Business Impact page.
Last revision (MM/DD/YY): 06/24/2008
Description
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.
Risk Factors
- The financial report is impacted when an application or network service level agreement is not met
- Reduction in benefits for the individual
- Reduction in headcount for the company
- A company's expenses will exceed its revenues
- Hackers invading a network or application system
- PCI compliancy did not occur and the company is fined
Examples
A Company's Expenses Exceed Its Revenues
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.
Domino Impact
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.
Related Technical Impacts
- Loss of confidentiality
- Loss of integrity
- Loss of availability
- Loss of accountability
