Classification of Threat Model in the Information for Security Risk Assessment

Information is an important asset a business has always been in all organizations and institutions. Therefore, it must be protected against attacks. One of the objectives is to protect the security of information. One of the best ways to deal with security threats in the corporate world, using the company's security problems through a risk-based approach is achieved. We believe that the classification and assessment of new threats to enterprises will help to give an accurate assessment and true risks with respect to the new concepts of the reputation And to learn appropriate ways to deal with a variety of attacks and threats have the ability to recognize and deal with As well as our new classified assessment that helps organizations not only be able to understand better the risk assessment with regard to the comparison of new concepts and select the appropriate tasks but the way to do a risk assessment to be done correctly. In addition, this classification will help to better ways for future research in the growing field of security risks assessment done.

信息始终是所有组织与机构所拥有的核心资产。因此，必须对其实施防护，抵御各类攻击行为。保障信息安全是核心目标之一。在企业场景中应对安全威胁的最优路径之一，是通过基于风险的方法处理企业自身的安全问题。我们认为，对企业面临的新型威胁开展分类与评估，能够针对声誉相关的新兴概念实现精准的风险评估与研判，并掌握应对各类攻击与威胁的适宜方案，具备识别并处置此类风险的能力。此外，我们提出的新型分类评估方法，不仅可帮助机构更清晰地理解基于新兴概念对比的风险评估流程，进而选择适配的任务，还能指导正确开展风险评估工作。同时，该分类体系还可为安全风险评估这一不断发展的领域的后续研究提供更具价值的研究方向。