<\/em>The only truly secure system is one that the development process is controlled from the beginning, located in at a site with a harden bunker deep underground, with no communications links to the outside and all informed and aware of its existence are terminated to prevent leaks as the site is nuked.<\/p><\/blockquote>\n
![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/Computer-Security-by-Victor-Habbick.jpg\" "\\"Computer")
<\/a>The above quote is a paraphrase of our guest expert\u2019s recollection of views expressed in the \u201cOrange Book\u201d \u2013 the US Department of Defense Trusted Computer System Evaluation Criteria \u2013 and is precisely the reason why network security is so critical. Our networks exist in an imperfect world, where we cannot control all the factors the quote suggest are necessary to create a truly secure system.<\/p>\nAM:\u00a0 These are many, so I will just reference a few:<\/p>\n
- \n
- \u201cHaving a Firewall and Antivirus is enough.\u201d\u00a0 Unfortunately, that is the starting point.<\/li>\n
- Management total lack of understanding\/appreciation of the issues at hand.<\/li>\n
![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/firewall1.jpg?resize=226%2C76\" "\\"firewall\\"")
<\/a>People\u2019s idea that: \u201cPatching Microsoft Windows will break my app\u201d. Not patching my O\/S and Applications (Microsoft Windows, Linux or whatever you use) is the same as leaving the keys in the door.\u00a0 Someone eventually can or will walk in and make themselves at home and you won\u2019t know until it\u2019s too late.<\/li>\n- Configuration Management: Not having an inventory of your Hardware and Software Resources and establishing Access Controls based on Ownership, Responsibility and Functions; which is like your friend parking the car in your yard, the car he borrowed, the same car that was rented yesterday to his cousin.<\/li>\n
- Depending in vendors and products to keep you safe.\u00a0 Information security is a discipline and a practice based on a constant effort to stay informed and having a process that addresses risks against business needs.\u00a0 This emphasis is lacking even within organizations that should know better.<\/li>\n
- Leaving systems with defaults or obvious settings, controls or passwords on the assumption that we will get to it later.<\/li>\n
- Not evaluating your service providers.<\/li>\n
- Limited employee education regarding policies (if they exist), security compliancy and what to do if they are victims.<\/li>\n<\/ul>\n
ICTP:\u00a0 In your capacity as an Internet Security Strategist, what are three key questions businesses should ask themselves when assessing the secureness of their networks?<\/strong><\/p>\n
AM:\u00a0 1. \u00a0What do I need to protect?<\/p>\n
2.\u00a0 Whom am I protecting it from?<\/p>\n
3.\u00a0 What would be the business impact should there be a breach whether it occurs internally or externally?<\/p>\n
ICTP:\u00a0 Are any trends you have observed, or have been reported, regarding threats\/intrusions in Trinidad and Tobago, or in the region?<\/strong><\/p>\n
![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/Port-scanning1.jpg?resize=225%2C62\" "\\"Port")
<\/a>AM:\u00a0 I think the biggest trend we are observing is the presence of Command and Control BOT, Attempted Domain Hijacks and Fake Antivirus.\u00a0 Other than that, constant port scans.\u00a0 The organization with the smallest footprint fares best, but are not immune.<\/p>\n- \n
![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/Root-CA.jpg?resize=192%2C63\" "\\"Root")
<\/a>Establish and manage a Root CA for CARICOM.\u00a0 This can be hosted in Jamaica or Barbados as they are better prepared for natural disasters.<\/li>\n- Establish Education and Compliance Guidelines for Cyber Security and monitor it.<\/li>\n
- Establish a committee (I don\u2019t like committees) of business and government stakeholders to share knowledge and strategy.<\/li>\n<\/ul>\n
Do you have any questions for\u00a0<\/em><\/strong>Aaron, or views you would like to share? Please do so in the Comments area below.<\/em><\/strong><\/p>\n
Looking forward to your feedback!<\/em><\/strong><\/p>\n
<\/p>\n
Image: Victor Habbick<\/a> \/ FreeDigitalPhotos.net<\/em><\/p>\n
____________<\/p>\n","protected":false},"excerpt":{"rendered":"
![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/firewall1.jpg\" "\\"firewall\\"")
<\/a>People\u2019s idea that: \u201cPatching Microsoft Windows will break my app\u201d. Not patching my O\/S and Applications (Microsoft Windows, Linux or whatever you use) is the same as leaving the keys in the door.\u00a0 Someone eventually can or will walk in and make themselves at home and you won\u2019t know until it\u2019s too late.<\/li>\n![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/Port-scanning1.jpg\" "\\"Port")
<\/a>AM:\u00a0 I think the biggest trend we are observing is the presence of Command and Control BOT, Attempted Domain Hijacks and Fake Antivirus.\u00a0 Other than that, constant port scans.\u00a0 The organization with the smallest footprint fares best, but are not immune.<\/p>\n![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/CC-BOT.jpg\" "\\"C&C")
<\/a><\/p>\n![\"\"](\"https:\/\/i0.wp.com\/www.ict-pulse.com\/wp-content\/uploads\/2012\/03\/Root-CA.jpg\" "\\"Root")
<\/a>Establish and manage a Root CA for CARICOM.\u00a0 This can be hosted in Jamaica or Barbados as they are better prepared for natural disasters.<\/li>\n