RE: CRIME Security Justification

From: Kuo, Jimmy (Jimmy_Kuo@private)
Date: Wed Aug 14 2002 - 12:37:36 PDT


    Those are excellent questions.  But the answer must include, "How much did
    it cost 'them'?", who did go down.  For this, you need contacts of others in
    your similar situation, such as this group.  And out of however many you
    know, how many of those others were affected?  To gauge the probability of
    you being hit.
     
    Basically, your guesses won't work as justification.  You need hard data.
     
    And if you are already running security software, you must be able to
    quantify its effect.  This is why we and so many others are spending the
    effort to produce all these nice graphs and correlated data, to make it
    easier for you to prove to your boss why it was important to have our
    software.
     
    The thing about the security business is that the best result is when no one
    notices anything.  But if no one notices anything, were you actually doing
    anything?  When I asked recently about which viruses you caught, I got a
    small number of replies.  Perhaps many of you had that information and
    didn't feel comfortable sharing it with me.  That is what I hope.  Because
    if you can't produce that information for your boss, you'll soon be out of a
    budget.
     
    Jimmy
    
    -----Original Message-----
    From: Jere Retzer [mailto:retzerj@private]
    Sent: Wednesday, August 14, 2002 8:25 AM
    To: crime@private
    Subject: CRIME Security Justification
    
    
    
    Seth made some excellent points in his post. Attacks are more or less random
    so I would not count on protection from a low profile. Some questions to ask
    yourself:
     
    - What would it cost us if our network were down for a day? A week? 
    - What would it cost us to lose our Internet access for the same time
    frames?
    - What would it cost us if we lost our e-mail access for these time frames?
    - Do we have any critical information on any of our computers that are
    connected to the network that we cannot afford to lose, have exploited or
    changed, or publicized?
    - What would be the damage to our reputation if our systems were found to be
    a breeding ground or launching point for attacks on others?
     
    Then tailor your security accordingly.
     
    I personally believe that even home users who have 'always on' service like
    DSL or cable modems should have at least a rudimentary firewall, virus
    protection and back up their data offline.
    


