Catastrophic Risk Index
Internet Security Systems (ISS) has released its Catastrophic Risk Index (CRI), which the companies says is "a list of the most serious, high-risk vulnerabilities and attacks currently affecting computer networks."
July 1, 2003
Internet Security Systems (ISS) has released its Catastrophic Risk Index (CRI), which the companies says is "a list of the most serious, high-risk vulnerabilities and attacks currently affecting computer networks." ISS said for a vulnerability to be considered for inclusion in the CRI, it must meet several criteria: It must be pervasive to almost all organizations, across all industries; it must be a serious threat to confidentiality, integrity, and availability of crucial data; it must have the potential to cause catastrophic business system failure; and it must be highly susceptible to virus and worm creation.
The CRI is available online in PDF format at ISS' Web site and includes the risk name, a brief description, and the Common Vulnerability and Exposure (CVE) reference number. ISS hopes the CRI will help companies address the most serious risks on their networks first, before moving on to address less serious problems.
About the Author
You May Also Like