Thursday, June 30, 2005

Securing the CIRT: Walk the talk


NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
06/30/05
Today's focus: Securing the CIRT: Walk the talk

Dear security.world@gmail.com,

In this issue:

* Practice the security you preach
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by VeriSign
VeriSign Releases Security Briefing

The latest VeriSign Internet Security Intelligence Briefing
reports on the latest trends in network attacks, online fraud,
and general Internet usage, analyzing data gathered from January
to April 2005. The briefing covers the latest intelligence on
phishing and pharming attacks, identity theft, and the growth of
bot networks.
http://www.fattail.com/redir/redirect.asp?CID=106235
_______________________________________________________________
FREE NETWORK WORLD PRINT SUBSCRIPTIONS FOR NEWSLETTER
SUBSCRIBERS

Security is one of the most pressing issues in all of IT, and
you need to stay on top of it. Network World delivers the
hottest security news. Network IT Executives depend upon Network
World for the information they need to keep their networks
secure! Subscribe today at
http://www.fattail.com/redir/redirect.asp?CID=107304
_______________________________________________________________

Today's focus: Securing the CIRT: Walk the talk

By M. E. Kabay

For many months, I have been dipping into the Department of
Defense CD-ROM called "Introduction to Computer Incident
Response Team (CIRT) Management" in my series on CIRTs. This
week I want to expand on a theme presented late in that course:
the importance of securing the CIRT and more broadly, of using
our own advice.

The course narrator very properly notes:

"Once the CIRT becomes known, it will be an attractive target
for intruder attacks. A security breach at your CIRT site can be
devastating to your reputation and have repercussions for the
commands you support; in terms of security procedures, practice
what you preach. You will need to provide solid physical, host,
and network security in addition to appropriate staff training."

He continues:

"A compromise of any data related to incidents can have legal
repercussions as well as financial and credibility consequences.
What types of data need to be secured? Incident reports,
electronic mail, vulnerability reports, and even briefing notes
and slides."

More generally, all security personnel should be scrupulous in
respecting security regulations and best practices.

I was just chatting before I wrote this piece with some security
officers at a large corporation who were doing a due-diligence
interview with me before approving enrollment for one of their
employees in our graduate program. The questions centered around
the confidentiality of company-specific information in the case
study reports that the student would submit for grading during
the 18-month program.

I explained that no student is expected to reveal his or her
employer's name or even location; that students use an internal
e-mail address defined by our teaching platform and used on our
access-controlled extranet; and finally that all of our
instructors are themselves security professionals. I said that
it is a matter of course for security professionals to be under
nondisclosure whether a contract is signed or not - at least, to
maintain a professional reputation. We all agreed that working
in security eventually affects our behavior in a reflex way; we
laughed that it's almost impossible not to look away when
someone enters a password on a keyboard.

Another example of practicing what we preach is backups. For a
security professional to lose data because of a lack of backups
would be intensely embarrassing.

I constantly urge my students to do backups of their schoolwork
so that they never have to repeat what they have already done in
case of a disk failure or a human error. Personally, I can
demonstrate that I do a differential backup every day, clone my
main computer's disk to my laptop at least once a week (actually
daily when I'm teaching undergraduate courses) and create a full
backup to DVDs once a month. I've only had a few occasions over
these last decades when I needed those backups, but the minor
effort involved was more than repaid by the ease of recovery and
by the ability to look someone straight in the eye when telling
them how to protect their data.

We have to walk what we talk.

RELATED EDITORIAL LINKS

For a PDF flier with descriptions of free DoD IA training products
http://iase.disa.mil/eta/ProductDes.pdf

To order free DoD IA training products
http://tinyurl.com/dknn

Start-up debuts with an all-in-one security platform
Network World, 06/27/05
http://www.networkworld.com/news/2005/062705-netd.html?rl

Test: Keeping your endpoints in line
Network World, 06/27/05
http://www.networkworld.com/nlsec2944
_______________________________________________________________
To contact: M. E. Kabay

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.

A Master's degree in the management of information assurance in
18 months of study online from a real university - see
<http://www.msia.norwich.edu/>
_______________________________________________________________
This newsletter is sponsored by VeriSign
VeriSign Releases Security Briefing

The latest VeriSign Internet Security Intelligence Briefing
reports on the latest trends in network attacks, online fraud,
and general Internet usage, analyzing data gathered from January
to April 2005. The briefing covers the latest intelligence on
phishing and pharming attacks, identity theft, and the growth of
bot networks.
http://www.fattail.com/redir/redirect.asp?CID=106234
_______________________________________________________________
ARCHIVE LINKS

Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html

Security Research Center:
http://www.networkworld.com/topics/security.html

Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna

Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
FEATURED READER RESOURCE
FOCUS ON RECOVERY

IT professionals are changing the way they back up and recover
data, experts say, with new emphasis on the speedier fetching of
data made possible by advancing technologies. At a recent
storage conference in Orlando, disk-based backup solutions were
touted - find out if attendees agreed and if faster storage
solutions will soon be available. Click here:
<http://www.networkworld.com/news/2005/062005-data-recovery.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

No comments:

Post a Comment