This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Losing your money

From OWASP
Revision as of 13:56, 24 June 2008 by Dcabra01 (talk | contribs) ('''Description:''')

Jump to: navigation, search

Description:


Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.

Risk Factors:


• The financial report is impacted when an application or network service level agreement is not met.

• Reduction in benefits for the individual.

• Reduction in headcount for the company.

• A company's expenses will exceed its revenues.

• Hackers invading a network or application system.

• PCI compliancy did not occur and the company is fined.


Examples:


A Company's Expenses Exceed Its Revenues

The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.

Domino Impact

A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.


Related Technical Impacts


- Loss of confidentiality

- Loss of integrity

- Loss of availability

- Loss of accountability


References


OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf