|
Dimensions | Associated activities |
|
A1: Identification and access management | A1.1: Loss of secret keys |
A1.2: Cryptanalysis of a ciphered signal |
A1.3: Secret password divulged to any other user |
A1.4: Intentional access to network services, for example, proxy servers |
A1.5: Spoofing: impersonation of a legitimate user |
|
A2: Device and application registration | A2.1: Facility problems |
A2.2: Failure of encryption equipment |
A2.3: Unauthorized use of secure equipment |
A2.4: Ineffective infrastructure investment |
A2.5: Failure of application server |
|
A3: Infrastructure management | A3.1: Cabling problems |
A3.2: Failure of radio platform transmission |
A3.3: Failure of cipher audio (telephone) and video |
A3.4: Failure of sensor networks |
A3.5: Failure of potential of energy |
A3.6: Unauthorized readout of data stored on a remote LAN |
|
A4: Data governance | A4.1: Failure of interpretation and analysis of data |
A4.2: Failure of audit review of implemented policies and information security |
A4.3: Failure to maximize new business value |
A4.4: Failure of real-time demand forecasts |
|