This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Losing your money"
(→'''Description:''') |
|||
| Line 1: | Line 1: | ||
== '''Description:''' == | == '''Description:''' == | ||
| − | |||
---- | ---- | ||
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. | Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees. | ||
| − | '''Risk Factors:''' | + | |
| + | == '''Risk Factors:''' == | ||
| + | ---- | ||
• The financial report is impacted when an application or network service level agreement is not met. | • The financial report is impacted when an application or network service level agreement is not met. | ||
| Line 18: | Line 19: | ||
• PCI compliancy did not occur and the company is fined. | • PCI compliancy did not occur and the company is fined. | ||
| − | ''' | + | |
| + | == '''Examples:''' == | ||
| + | |||
| + | ---- | ||
'''A Company's Expenses Exceed Its Revenues''' | '''A Company's Expenses Exceed Its Revenues''' | ||
| Line 29: | Line 33: | ||
| − | '''Related Technical Impacts''' | + | |
| + | == '''Related Technical Impacts''' == | ||
| + | ---- | ||
- Loss of confidentiality | - Loss of confidentiality | ||
| Line 39: | Line 45: | ||
- Loss of accountability | - Loss of accountability | ||
| − | '''References''' | + | |
| + | == '''References''' == | ||
| + | |||
| + | ---- | ||
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf | OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf | ||
Revision as of 13:53, 24 June 2008
Description:
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.
Risk Factors:
• The financial report is impacted when an application or network service level agreement is not met.
• Reduction in benefits for the individual.
• Reduction in headcount for the company.
• A company's expenses will exceed its revenues.
• Hackers invading a network or application system.
• PCI compliancy did not occur and the company is fined.
Examples:
A Company's Expenses Exceed Its Revenues
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.
Domino Impact
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.
Related Technical Impacts
- Loss of confidentiality
- Loss of integrity
- Loss of availability
- Loss of accountability
References
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf
