Difference between revisions of "Carelessness"

From OWASP
Jump to: navigation, search
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
<br>
 +
[[Category:OWASP ASDR Project]]
 +
 +
 
== Description ==
 
== Description ==
Carelessness or Negligence is lack of concern about the consequences of an action. The negligence may be a foreseeable action or a unintentionally, but in the both cases a person can be held responsible for any consequences of such negligence. Only humans can be negligence and this can cause damage to an organization's business systems, facilities, or personnel.
+
Carelessness or Negligence is lack of concern about the consequences of an action. The negligence may be foreseeable or a unintentional, but in both cases a person can be held responsible for any consequences of such negligence. Only humans can be negligent and this can cause damage to an organization's business systems, facilities, or personnel.
  
 
== Risk Factors ==
 
== Risk Factors ==
TBD
+
* A dissatisfied employee can stop making updates in a server, leaving it vulnerable to attacks.
  
 
== Examples ==
 
== Examples ==
* Don't apply a patch to a known critical issue.
+
=== Conscious ===
* Send a confidential e-mail to a wrong person.
+
: Don't apply a patch to a known critical issue.
 +
=== Unintentionally ===
 +
: Send a confidential e-mail to a wrong person.
  
 
==Related [[Attacks]]==
 
==Related [[Attacks]]==
Line 17: Line 23:
 
== References ==
 
== References ==
 
* [http://en.wikipedia.org/wiki/Carelessness Wikipedia]
 
* [http://en.wikipedia.org/wiki/Carelessness Wikipedia]
 +
 +
[[Category: Threat Agent]]

Latest revision as of 18:51, 7 April 2009



Contents

Description

Carelessness or Negligence is lack of concern about the consequences of an action. The negligence may be foreseeable or a unintentional, but in both cases a person can be held responsible for any consequences of such negligence. Only humans can be negligent and this can cause damage to an organization's business systems, facilities, or personnel.

Risk Factors

  • A dissatisfied employee can stop making updates in a server, leaving it vulnerable to attacks.

Examples

Conscious

Don't apply a patch to a known critical issue.

Unintentionally

Send a confidential e-mail to a wrong person.

Related Attacks

TBD

Related Vulnerabilities

TBD

References