- Table of contents
- Executive Summary
- Recommendations
- Operational Environment and System Configuration
- The Risk Assessment Team
- Organization Details of SpecOrg
- Physical Plant and Physical Security
- System Configuration
- Terms and Definitions
- Risk Analysis Methodology
- RiskWatch Parameters and Data Analysis
- Executive Summary Scope
- Risk Analysis Steps
- Key Risk Analysis Report Findings
- Summary of asset categories
- Assets within category
- Direct, Personnel
- Dollars
- Safeguard: Physical Access Control
- Safeguard: Classification Markings
- Safeguard: Data Encryption
- Safeguard: Life Cycle Management
- Safeguard: Personnel Clearances
- Safeguard: Quality Assurance
- Safeguard: Security Policy
- Recommendations
- Physical Access Control
- Application Controls
- Classification Markings
- Contract Specifications
- Data Encryption
- Detection System
- Life Cycle Management
- Passwords/Authentication
- Personnel Clearances
- Personnel Control
- Quality Assurance
- Risk Analysis
- Security Policy
- Return on Investment (ROI). Calculated in order of the 10 highest ROIs.
- 5.1 Summary of safeguards
- Initial costs
[Figure 16.1 Blackmail - SLE's: bar chart of Direct, Personnel; axis: Dollars]
Budget Loss - AFE: 0.50
The various incident classes associated with this threat are shown in the following table:

| Incident Class | SLE | ALE | % of total ALE |
|---|---|---|---|
| Disclosure, Databases | $25,000. | $12,500. | 100.0% |

Figure 13.2

[Figure 14.2 Budget Loss - ALE's: bar chart of Disclosure, Databases; axis: Dollars]
[Figure 16.2 Budget Loss - SLE's: bar chart of Disclosure, Databases; axis: Dollars]
Cold/Frost/Snow - AFE: 5.00
The various incident classes associated with this threat are shown in the following table:

| Incident Class | SLE | ALE | % of total ALE |
|---|---|---|---|
| Disclosure, Databases | $12,500. | $62,500. | 100.0% |

Figure 13.3

[Figure 14.3 Cold/Frost/Snow - ALE's: bar chart of Disclosure, Databases; axis: Dollars]
[Figure 16.3 Cold/Frost/Snow - SLE's: bar chart of Disclosure, Databases; axis: Dollars]
Data Destruction - AFE: 20.00
The various incident classes associated with this threat are shown in the following table:

| Incident Class | SLE | ALE | % of total ALE |
|---|---|---|---|
| Disclosure, Databases | $250,000. | $5,000,000. | 98.9% |
| Direct Loss, Databases | $2,751. | $55,027. | 1.1% |

Figure 13.4

[Figure 14.4 Data Destruction - ALE's: bar charts of Disclosure, Databases and Direct, Databases; axis: Dollars]
[Figure 15.4 Data Destruction - ALE's: pie chart; Disclosure, Databases (98.9%), Direct, Databases (1.1%)]
[Figure 16.4 Data Destruction - SLE's: bar charts of Disclosure, Databases and Direct, Databases; axis: Dollars]
Data Disclosure - AFE: 3.00
The various incident classes associated with this threat are shown in the following table:

| Incident Class | SLE | ALE | % of total ALE |
|---|---|---|---|
| Disclosure, Databases | $1,938. | $5,813. | 100.0% |

Figure 13.5

[Figure 14.5 Data Disclosure - ALE's: bar chart of Disclosure, Databases; axis: Dollars]
[Figure 16.5 Data Disclosure - SLE's: bar chart of Disclosure, Databases; axis: Dollars]
Data Integrity Loss - AFE: 3.00
The various incident classes associated with this threat are shown in the following table:

| Incident Class | SLE | ALE | % of total ALE |
|---|---|---|---|
| Direct Loss, Accounts Receivable | $5,526. | $16,576. | 27.8% |
| Direct Loss, Applications | $5,507. | $16,523. | 27.7% |
| Disclosure, Personnel | $4,500. | $13,500. | 22.7% |
| Direct Loss, Communications Software | $2,723. | $8,171. | 13.7% |
| Direct Loss, System Software | $817. | $2,451. | 4.1% |
| Direct Loss, Databases | $640. | $1,921. | 3.2% |
| Direct Loss, Accounts Payable | $147. | $443. | 0.7% |
| Disclosure, Databases | $0. | $0. | 0.0% |

Figure 13.6

[Figure 14.6 Data Integrity Loss - ALE's: bar charts of Direct, Accts Rec; Direct, Applicatns; Disclosure, Personnel; Direct, Comms S/W; Direct, System S/W; Direct, Databases; Direct, Accts Pay; axis: Dollars]
[Figure 15.6 Data Integrity Loss - ALE's: pie chart; Direct, Accts Rec (27.8%), Direct, Applicatns (27.7%), Disclosure, Personnel (22.7%), Direct, Comms S/W (13.7%), 4 Others (8.1%)]
[Figure 16.6 Data Integrity Loss - SLE's: bar chart of Direct, Accts Rec; Direct, Applicatns; Disclosure, Personnel; Direct, Comms S/W; Direct, System S/W; Direct, Databases; Direct, Accts Pay; axis: Dollars]
Flooding/Water Damage - AFE: 0.01
The various incident classes associated with this threat are shown in the following table:

| Incident Class | SLE | ALE | % of total ALE |
|---|---|---|---|
| Direct Loss, Communications Hardware | $10,001. | $100. | 93.5% |
| Direct Loss, Office Equipment | $625. | $6. | 5.8% |
| Disclosure, Databases | $250. | $3. | 2.3% |

Figure 13.7

[Figure 14.7 Flooding/Water Damage - ALE's: bar charts of Direct, Comms H/W; Direct, Off Equip; Disclosure, Databases; axis: Dollars]
[Figure 15.7 Flooding/Water Damage - ALE's: pie chart; Direct, Comms H/W (91.7%), Direct, Off Equip (5.5%), Disclosure, Databases (2.8%)]
[Figure 16.7 Flooding/Water Damage - SLE's: bar charts of Direct, Comms H/W; Direct, Off Equip; Disclosure, Databases; axis: Dollars]
Hardware Failure - AFE: 70.00
The various incident classes associated with this threat are shown in the following table:

| Incident Class | SLE | ALE | % of total ALE |
|---|---|---|---|
| Direct Loss, Hardware | $375,000. | $26,250,000. | 100.0% |
| Disclosure, Databases | $0. | $0. | 0.0% |

Figure 13.8

[Figure 14.8 Hardware Failure - ALE's: bar chart of Direct, Hardware; axis: Dollars]
[Figure 16.8 Hardware Failure - SLE's: bar chart of Direct, Hardware; axis: Dollars]
Pirating Key Personnel - AFE: 1.00
The various incident classes associated with this threat are shown in the following table:
There are no incidents associated with this threat.
The section below looks at each safeguard and indicates, for each threat, the ALE before and after the safeguard is implemented. The overall ALE for a threat is the sum of the ALEs for each of the associated incidents. The percentage by which the ALE is reduced by the safeguard is also indicated.
The next section contains a table indicating, for each safeguard, the ALE before (Original ALE) and after the safeguard is implemented.
