Difference between revisions of "Losing your money"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
{{Template:Business Impact}}
+
'''Description:'''
  
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
+
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.
  
==Description==
+
'''Risk Factors:'''
  
Any company as a whole is made up of individuals.  If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.
+
• The financial report is impacted when an application or network service level agreement is not met.  
  
==Risk Factors==
+
• Reduction in benefits for the individual.
  
* The financial report is impacted when an application or network service level agreement is not met.
+
• Reduction in headcount for the company.  
  
* Reduction in benefits for the individual.
+
• A company's expenses will exceed its revenues.  
  
* Reduction in headcount for the company.
+
• Hackers invading a network or application system.  
  
* A company's expenses will exceed its revenues.  
+
• PCI compliancy did not occur and the company is fined.
  
==Examples==
+
'''Example:'''
  
===Short example name===
+
'''A Company's Expenses Exceed Its Revenues'''
  
A company's expenses exceed its revenues.  The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.
+
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.  
  
 +
'''Domino Impact'''
  
===Short example name===
+
A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market.  The customer files a lawsuit against the company.  The company files bankruptcy.
: A short example description, small picture, or sample code with [http://www.site.com links]
+
  
  
==Related [[Technical Impacts]]==
+
'''Related Technical Impacts'''
  
* [[Technical Impact 1]]
+
Loss of confidentiality
* [[Technical Impact 2]]
+
  
 +
Loss of integrity
  
==References==
+
Loss of availability
  
* http://www.link1.com
+
Loss of accountability
* [http://www.link2.com Title for the link2]
+
  
[[Category:Financial damage]]
+
'''References'''
  
__NOTOC__
+
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf

Revision as of 13:36, 23 June 2008

Description:

Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.

Risk Factors:

• The financial report is impacted when an application or network service level agreement is not met.

• Reduction in benefits for the individual.

• Reduction in headcount for the company.

• A company's expenses will exceed its revenues.

• Hackers invading a network or application system.

• PCI compliancy did not occur and the company is fined.

Example:

A Company's Expenses Exceed Its Revenues

The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.

Domino Impact

A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.


Related Technical Impacts

	Loss of confidentiality 
	Loss of integrity 
	Loss of availability 
	Loss of accountability 

References

OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf