The team at SecurityFocus has written a comprehensive piece on Proactively Managing Security Risk. They lay out the framework for a new approach to enterprise security at all levels:

“The current approach to security is based on perimeter defense and relies on firewalls, intrusion detection systems, and intrusion prevention systems. These approaches depend on a priori information. However, the increasing speed at which new exploits and attacks are being devised mandates a new layer of security defense for enterprise IT infrastructures — a layer that provides consistent protection rather than perpetually lagging behind the morphing tricks of hackers. We propose such a new defense layer and a model that proactively manages server security risks and that co-exists with and complements the traditional security solutions.”

A proactive system would inventory corporate assets and assess the risk to each of them, then develop plans to protect those assets. Unlike the perimeter tools described above, the approach does not depend on foreknowledge of specific attacks.

Highlights from the paper:

  • Add a proactive security layer to the existing layered (“defense-in-depth”) approach
  • Accept that not all risk can be eliminated; rather, focus on minimizing the damage that can be done when security is breached
  • Operating costs can be reduced by planning controls against assessed risk instead of reacting to each incident
  • The proactive model (the “intrusion tolerance model”) provides risk assessment tools to every level of the security architecture
  • The proactive model does not replace the reactive one – the two must co-exist
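To make the "assess risk, then plan to minimize damage within a budget" idea concrete, here is a small worked example. It is added for this post and is not code from the SecurityFocus paper; the paper's intrusion tolerance model is not reproduced here. It uses the standard annualized loss expectancy (ALE) formulation (single loss expectancy = asset value × exposure factor; ALE = SLE × annual rate of occurrence), a simple greedy planner that picks controls by risk reduction per dollar, and reports the residual risk that remains. Every asset, threat, control and figure is constructed for illustration.

```python
"""Illustrative risk assessment and control planning (added example).

Not the paper's model. Uses the classic ALE formulation:
    SLE = asset_value * exposure_factor
    ALE = SLE * annual_rate_of_occurrence
Controls scale the rate or the exposure of specific threats. The planner
greedily picks controls by risk reduction per unit cost, within a budget,
and only when a control removes more expected loss than it costs, so
some risk is deliberately left unmitigated. All data below is made up.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Threat:
    name: str
    asset: str
    exposure_factor: float   # fraction of asset value lost per incident (0..1)
    aro: float               # expected incidents per year


@dataclass(frozen=True)
class Control:
    name: str
    cost: float              # annual operating cost
    aro_factor: dict = field(default_factory=dict)  # threat -> multiplier on ARO
    ef_factor: dict = field(default_factory=dict)   # threat -> multiplier on EF


# Constructed asset values (replacement + liability, per year of exposure).
ASSETS = {"customer-db": 2_000_000.0, "web-frontend": 300_000.0, "build-server": 500_000.0}

# Constructed threat register.
THREATS = [
    Threat("sql-injection", "customer-db", 0.60, 0.50),
    Threat("web-defacement", "web-frontend", 0.10, 2.00),
    Threat("compromised-build", "build-server", 0.80, 0.10),
]

# Constructed candidate controls (hypothetical names and effects).
CONTROLS = [
    Control("waf", 40_000, aro_factor={"sql-injection": 0.4, "web-defacement": 0.5}),
    Control("db-segmentation", 25_000, ef_factor={"sql-injection": 0.3}),
    Control("signed-builds", 60_000, ef_factor={"compromised-build": 0.25}),
    Control("pentest-retainer", 80_000, aro_factor={"sql-injection": 0.7}),
]


def ale(threat, controls=()):
    """Annualized loss expectancy for one threat under a set of controls."""
    ef, aro = threat.exposure_factor, threat.aro
    for c in controls:
        ef *= c.ef_factor.get(threat.name, 1.0)
        aro *= c.aro_factor.get(threat.name, 1.0)
    return ASSETS[threat.asset] * ef * aro


def total_risk(controls=()):
    """Sum of ALE across the threat register."""
    return sum(ale(t, controls) for t in THREATS)


def residual_by_threat(controls=()):
    """Per-threat residual ALE, useful for seeing what was left unmitigated."""
    return {t.name: ale(t, controls) for t in THREATS}


def plan(budget):
    """Greedy planner: repeatedly add the control with the best
    (risk reduction / cost) ratio that fits the budget and pays for
    itself. Returns (chosen control names, spend, residual risk)."""
    chosen, remaining, spent = [], list(CONTROLS), 0.0
    while True:
        current = total_risk(chosen)
        best, best_ratio = None, 1.0      # ratio must exceed 1: reduction > cost
        for c in remaining:
            if spent + c.cost > budget:
                continue
            ratio = (current - total_risk(chosen + [c])) / c.cost
            if ratio > best_ratio:
                best, best_ratio = c, ratio
        if best is None:
            break
        chosen.append(best)
        remaining.remove(best)
        spent += best.cost
    return [c.name for c in chosen], spent, total_risk(chosen)


if __name__ == "__main__":
    print("baseline risk:", total_risk())
    names, spend, residual = plan(100_000)
    print("chosen:", names, "spend:", spend, "residual risk:", residual)
    print("residual by threat:", residual_by_threat([c for c in CONTROLS if c.name in names]))
```

With the constructed figures, the planner takes database segmentation and the WAF and stops: the signed-builds control and the pentest retainer each remove less expected loss than they cost once the first two are in place, so that risk is accepted rather than eliminated, which is the trade-off the paper's second highlight describes.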

This is a very data-heavy paper, but it is quite interesting. Looking at the various graphs and tables, it is clear that this could lead to a more efficient and secure approach to security management. You can read the entire paper here.
