nanog mailing list archives
Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0)
From: Sean Donelan <sean () donelan com>
Date: Thu, 9 Oct 2008 12:13:29 -0400 (EDT)
On Tue, 7 Oct 2008, Valdis.Kletnieks () vt edu wrote:
You don't want "the securest implementation". You want one that's "secure enough" while still allowing the job to get done. You also don't want to be *paying* for more security than you actually need. Note that the higher price paid to the vendor isn't the only added cost of too much security.
The most recent (September 15 2008) US Government DNI directive about IT systems security includes the concept of appropriate risk management.
http://www.dni.gov/electronic_reading_room/ICD_503.pdf D. POLICY 1. Risk Management a. The principal goal of an IC element's information technology risk management process shall be to protect the element's ability to perform its mission, not just its information assets. [...] b. [...] For example, a very high level of security may reduce risk to a very low level, but can be extremely expensive, and may unacceptably impede essential operations.In practice, it often turns out a "secure" system that is unusable for its mission is both insecure and unused because people start using other ways that bypass the "secure" system just to get the job done.
So back to my original questions, what advice would you give to the US Government about protecting and defending its networks to maintain
its capability to perform. And how can it be sure its getting what it paid for.
Current thread:
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0), (continued)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Valdis . Kletnieks (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Sean Donelan (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Steven M. Bellovin (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Valdis . Kletnieks (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Paul Ferguson (Oct 07)
- Re: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Marshall Eubanks (Oct 07)
- Re: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Paul Ferguson (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Gadi Evron (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) J. Oquendo (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Valdis . Kletnieks (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Sean Donelan (Oct 09)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Jean-François Mezei (Oct 07)
- RE: Fwd: cnn.com - Homeland Security seeks cyber counterattacksystem(Einstein 3.0) Tomas L. Byrnes (Oct 07)
- RE: Fwd: cnn.com - Homeland Security seeks cyber counterattacksystem(Einstein 3.0) Howard C. Berkowitz (Oct 07)
- Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Patrick Darden (Oct 07)
- Re: cnn.com - Homeland Security seeks cyber counterattack system (Einstein 3.0) Steve Church (Oct 06)
- RE: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Howard C. Berkowitz (Oct 06)
- Re: cnn.com - Homeland Security seeks cyber counterattack system (Einstein 3.0) Paul Ferguson (Oct 06)
- Re: cnn.com - Homeland Security seeks cyber counterattack system (Einstein 3.0) Jean-François Mezei (Oct 06)
- RE: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0) Matlock, Kenneth L (Oct 06)