
re: Off Topic: Upper Management decision making



Yes, it is certainly true that you must prove that the cost of recovering a compromised network is TREMENDOUS, to your upper management.  The only problem that we face with network security is that there is no sound way to quantify what measures to protect a network will succeed.  Be careful when you present to your upper management the suggestion that spending 40k will save 100k in the future.

Any network security specialist knows that no matter what measures are taken to protect their network, they must cover every possible hole/exploit, where an attacker need only find one.  With the complexity of computer systems, it is nearly impossible to do this, and this should be made well known to management.  You must remember that it is difficult to detect new attacks, since most of these are not incorporated into IDSs, firewalls, etc.  In the end, the potential still exists that you may spend xx $$ on security measures and still have your network compromised by an attacker, costing an additional sum of money.  The key to point out to management would be that the potential is significantly reduced, but who knows how to quantify this into a tangible metric.  Luckily, network security has been given much attention (PPD 63, Clinton's CIP, DDOS attacks, etc.).  Thus you have some "scare tactics" to bring to bat when this is important.

Not to ramble further, but it is sad to point out that an overwhelming majority of attacks are generated on the inside.  It is here that firewalls, proxies, and general measures usually fail completely, and these insiders may even have the passwords to your security gear.  I would make this known to management too; just don't make it look so hopeless that management would come to the realization that it may cost too much, and that the risk may be worthwhile.

Geoff Gates
Network Engineer
Lockheed Martin, NE&SS
