COUNTERMEASURES
last updated 2006 June 07
 
This page is used in the following courses taught by Prof. Richardson: BIT 801
 
Secrets & Lies: Digital Security in a Networked World
Schneier talking about the "relationship between prevention, detection and reaction."

"Good security encompasses all three"

  • prevention - facilities and systems to prevent people getting in and taking information
  • detection - to find out if anybody has gotten in, and compromised important information or processes
  • reaction - to allow the "bad guys" to be identified and their activity stopped.
Schneier points out widely that "digital security tends to rely wholly on prevention: cryptography, firewalls and so forth. There's generally no detection, and there's almost never any response or auditing."
 
KEY POINTS
Schneier's statement about the relationship between prevention, detection and reaction is very important. It matters because most companies focus their e-commerce security spending on developing firewalls, filtering, etc. - but if someone succeeds in getting past those measures, very few organizations will know about it.

This is like putting steel bars on your patio sliding doors hoping your house will not be broken into - but not knowing whether or not someone has snuck in through a basement window.

Security doesn't work if you cannot determine whether it is working!!!

Countermeasures are what you do once you discover precisely how you have been negatively affected by a threat.
