What is ARBIL?
Asset and Risk Based INFOSEC lifecycle.
To implement a comprehensive security plan in I.T. and strategies for risk management.
What is CIA?
Confidentiality, Integrity, and Availability
Confidentiality- making sure your data is available to only those allowed.
Integrity- making sure your data has not been altered in any way. Think bank transactions or chemical formulas.
Availability- making sure your data is available. Hackers often use denial of services attacks to bring down your servers or networks by overloading them with packets.
Hackers use attack trees to determine every possible entrance into your networks. This can be through modems connected to your network, routers, switches, and application vulnerabilities, almost anything connected to your internet.
Make it difficult to determine your OS, which hackers use for Banner Grabbing. This is a simple fix that many systems administrators leave.
Change your banner to display a security warning.
Many people have difficulty understanding security processes alone implementing solutions.
What is SMIRA? Simple methodology for INFOSEC based risk assessment.
Risk management is the practice and process of identifying threats and vulnerabilities to assets. This helps making the correct decisions to implement the necessary safeguards to help your organization carry out its mission.
Organizations should look at threats, vulnerabilities, assets and safeguards.
Risk Assessment
The goal is to have a list of your critical assets. Critical in understanding mission, objectives and operations and what if scenarios.
Then to implement safeguards to protect those assets.
Vulnerability Assessment
This is when you look for vulnerabilities in existing applications and determine there severity. The vulnerabilities will be rated. This includes physical security, web application reviews, policy and procedure reviews, host assessments and OS reviews, and vulnerability scans.
Threat Assessment
This is the process, of identifying existing and potential threats to assets and environments. This will also be based on severity.Where can threats come from? Disgruntled employees, script kiddies, hackers, crackers, foreign governments, and your competition. You can look for threat indicators in your server, logs, CCTV, intrusion detection systems like SNORT. http://www.snort.org
What can threats cause?
Loss of business
Death
Financial loss
Corruption of data.
Inability to work, servers down or running slowly.
Confidentiality issues.
What are assets?
User IT Operations
Staff
Connectivity
Documentation
Security Systems
Third parties
Paper
Files
Media, like disk, CD