|
| Dimensions | Associated activities |
|
| A1: Identification and access management | A1.1: Loss of secret keys |
| A1.2: Cryptanalysis of a ciphered signal |
| A1.3: Secret password divulged to any other user |
| A1.4: Intentional access to network services, for example, proxy servers |
| A1.5: Spoofing: impersonation of a legitimate user |
|
| A2: Device and application registration | A2.1: Facility problems |
| A2.2: Failure of encryption equipment |
| A2.3: Unauthorized use of secure equipment |
| A2.4: Ineffective infrastructure investment |
| A2.5: Failure of application server |
|
| A3: Infrastructure management | A3.1: Cabling problems |
| A3.2: Failure of radio platform transmission |
| A3.3: Failure of cipher audio (telephone) and video |
| A3.4: Failure of sensor networks |
| A3.5: Failure of potential of energy |
| A3.6: Unauthorized readout of data stored on a remote LAN |
|
| A4: Data governance | A4.1: Failure of interpretation and analysis of data |
| A4.2: Failure of audit review of implemented policies and information security |
| A4.3: Failure to maximize new business value |
| A4.4: Failure of real-time demand forecasts |
|
