QOTD - InfoSec Threats, Predators, and Fruit Trees

Bill Lamoreaux, a member of the Security Metrics mailing list, wrote the following in reply to a posting about what infosec managers should do in the face of ever changing threat environments:
Infosec managers are more like vegetation on the savanna. If you're a tall tree with juicy fruit, you're going to have different predators (attackers) than if you're grass on the ground. You're going to deal with common threats (fire, flood, etc.) no matter what type of vegetation you are, but knowing who your primary predator(s) are will go a long way in assisting with defending yourself against targeted attacks. Using the fruit tree example, having spines on your branches and making sure they're of a minimum length (compliance) to keep most of the giraffes at bay will assist you in keeping more fruit on the branches and less in your predator's stomach. If you're not assessing who your primary predators are (along with their skills, motives, objectives, etc.) and what you need to defend, you're shooting in the dark and might as well grasp at the straws of compliance until you get some proper defenses up.

Logging, measuring and digesting information is vital to the evolution of our security approaches. It allows us to answer the Ed Koch catchphrase "How'm I doing?" If you don't know how you're getting attacked (and how effective you are against those attacks), you can't change your defense strategy (or worse, your defense philosophy).
[posted with permission of the original author]
