
news on cyber-security

So, I am subscribed to many security-bulletin vulnerability disclosure mailing lists. I couldn’t even list them all. The general assessment that cyber-threats (from any organization or disorganization, honest) are getting more and more sophisticated seems true to me. I’ve already mentioned elsewhere the “malady” of releasing software products in time for Christmas, an Expo or whatever. Given well-publicized attacks such as on Sony/PlayStation (whatever), Stuxnet, DDoS attacks and other personal data compromises, plus armies of bots (zombie computers) rentable for attacks, the problems with outsider threats and insider threats continue to be very important. At the perimeter of an organization, it’s always an excellent idea to deploy a DMZ with sophisticated firewall rules. The principles are covered in Steve Bellovin’s celebrated book on Firewalls, “… the Wily Hacker”, now in 2nd edition (or higher) with a co-author added. Do firewalls protect against insider threats? That’s not so obvious. Today at , there was a brief article: “Five Strategies for Countering Cyber Threats” here


That is underwritten by DLT Solutions and Quest Software. Quest Software is now a part of Dell. Quest has a two-factor “solution” based on ChangeAuditor and InTrust. I read a technical brief on the architecture. I mentioned perimeter security with firewalls as covered in Bellovin’s book because securing the perimeter matters. The ChangeAuditor and InTrust solution seems targeted at making sense of audit reports and event reports in a heterogeneous environment with Windows, Unix and Linux applications and multiple users. Their architectural diagram makes sense. So here’s the web address:

I don’t know how secure the security system is. But I think one has to consider flexibility (many possible solutions) because greater security generally comes at the expense of less user-friendliness; greater security can entail barring members from bringing their own personal compute devices to the organization to do “work” or work. This barring is the hardline stance. Today, maybe in Network World or somewhere, they had an article on 10 New Facts about the IT Department that are the “New Reality”. One was to co-operate, guide (like a sherpa? Maybe not) towards using their own compute devices at work, and also making or renting their own “cloud storage” solutions … Ok, I’ll just say that it depends on the co-workers, their technical sophistication and the rest. Would I recommend that for a Law Firm? I’m not sure, but there I think the IT security should be more sherpa-minded (Follow me, lest you fall down some crevice) than being a “facilitator”-type …

Now I’ll talk a bit about Common Criteria and Software Assurance. Over at NSA in Maryland, they don’t all do surveillance and stuff … They’ve tried to liaise with organizations and security researchers, including the “hats”: white, black, blue, red, whatever … I think the reception has been rather cool. They have an interesting video which I’ll link to below:

They call their division or program: “Information Assurance”.

It’s very interesting. I think the principles are excellent. The real question appears to me to be about establishing a trusting relationship with the vendor or vendors (including General Dynamics, mentioned in the video). But the underlying security principles appear to me to be very well thought-out …

Next time, I might talk about the Huawei “controversy”.









Written by meditationatae

December 5, 2012 at 5:21 am

Posted in History

One Response


  1. See additional info, link in next post …


    December 5, 2012 at 6:03 am
