
RE: Security Dashboard

Subject: RE: Security Dashboard
Date: Fri, 03 Mar 2006 10:48:21 -0500
All,
    I think that our response should be procedural:
  1.  Do your best to mitigate at the perimeter (firewall, etc.)
  2.  Patch the infrastructure to the best of your ability
  3.  Perform forensic scans to determine where the holes are and address them as required.

Dan

A dashboard is a metaphor... in your car the speed limit says 55, however it's
snowing like crazy.  The dashboard reports compliance with the regulation, but
due to the snow you are at considerable risk.

-----Original Message-----
From: Fred Cohen
To: jblackley@sysmatrix.net
Cc: security-management@securityfocus.com
Sent: 3/2/2006 9:33 PM
Subject: Re: Security Dashboard


On Mar 1, 2006, at 2:33 PM, jblackley@sysmatrix.net wrote:

Fred,

At the tail end of your last post on this subject, you closed with,
"What am I missing."

Can you put your great experience to use and tell us what would be  
useful to measure and what would be helpful in interpreting risk  
data? (As opposed to only pointing out why the suggested items  
would not be helpful.)

I have tried to do this in a number of ways:

A talk on security metrics given at the CSI conference a few months
ago - a copy of the slides is at all.net under "Recent Talks" ->
Security Metrics talk at CSI on 2005-11-14

The architecture model (at all.net - "Architecture") which gives the  
top-down starting point for the model I think you should try to  
measure against.

The book "Security Metrics" (asp-press.com) that provides detailed
metrics (200+ pages of them) and includes baseline values for
startup, diligence, average, good, and best programs in each of the areas.

The risk management issue is of only limited value in measurement of  
a program because program elements are not directed at specific items  
that induce risks but rather reduce risks across the board in  
different ways and places for each risk item. Again, you can read in  
more detail about this approach at all.net under "Protection Posture  
Assessments" and in the "Governance Guidebook" (asp-press).

I hope that these free and for-fee resources will provide most of the
answers you seek, but I would be happy to go into more detail here
and there on list - at the risk of boring you all to tears.

FC
-- This communication is confidential to the parties it is intended  
to serve --
Security Posture            securityposture.com          tel/fax
University of New Haven               unhca.com        925-454-0171
Fred Cohen & Associates                 all.net      572 Leona Drive
ASP Press                         asp-press.com    Livermore, CA 94550
