The future of computer threat response


Dan Geer is a voice in the IT Security world that should be listened to, and he has co-authored a short but intense article in the IEEE S&P Cleartext column that addresses the reality of the rapidly-changing threats that we all face.

“Stand Your Ground” has a few key messages, which I’ll try to summarise:

  • Minimise the number of targets; stop adding new services without effective defences, remove old services. Use the savings to fund better security for what remains.
  • Distrust the internal network; distrust any service that is not continually verified. Defend against outbound traffic as well as inbound traffic.
  • Do not assume perfection is possible; plan for failure modes that reduce services sensibly. Reduce the time-to-repair with automation instead of extending the mean-time-between-failure.

For more reading and a less technical take on these ideas, here’s another article about Dan’s thoughts from Ben Tomhave, a GRC (Governance, Risk & Compliance) consultant.

This entry was posted in Education, Guidelines, Incident Response, Policies/Legal by Jim Cheetham.