RE: Worms, Air Gaps and Responsibility

["Paul D. Robertson" <paul () compuwar net>]

On Wed, 5 May 2004, Carson Gaspar wrote:

> I agree. My response was to you're "what excuse do they have" question. In
> my specific industry, they have a bunch. Most other industries don't make
> every single dollar based on timely, accurate, electronic information. When
> your entire business is manipulating flows of information, based on other
> flows of information, limiting who can see what is a very tough job. Not
> impossible, but extremely difficult, and very expensive.

But by the same token, that makes a massive network/node failure all that
more expensive- at some stage, we have to start taking infrastructure
seriously, and I'd argue that it's businesses that rely on infrastructure
so heavily that need to be in front of it.

I understand where you're coming from, I'd just like to see us all make
more coordinated and extensive efforts to revisit the "connectivity trumps
all" mantra.

Maybe I'm too optimistic, but I always used incidents like this last worm
to get policy changes, validate the usefulness of controls when we didn't
get hit, and generally give the senior execs ammo to crow about how well
done their practical support of security programs was.

Their peers getting hit when we weren't probably made almost as much
difference for policy changes as getting hit (which really frees up
capital, but doesn't gain them bragging rights.)

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards