Firewall Wizards mailing list archives
Intrusion Detection
From: Edward Cracknell <edward () securIT net>
Date: Thu, 18 Dec 1997 00:29:20 GMT
Ok, Outsourcing firewalls and security certainly went on for a while. I don't want to prolong any threads beyond their natural life, nor do I submit issues to provoke an unhealthy level of debate.......(oh, you saw this coming......) however, I'd like to make a statement regarding Intrusion Detection..... Can *we* call the internal monitoring of networks behind a firewall 'Intrusion' Detection when we are looking to identify 'insider' crime. Surely this is not an intrusion if perpetrated by someone who is meant to be there? I'm just concerned that we title this thing incorrectly in the early stages and mislead customers when selling this. I accept that the industry pushes forward with a multi-billion dollar firewall market embrace, when the obvious threat comes from a source which statistics show to be responsible for only 40% of all reported computer crime at best. Many surveys state that insider crime accounts for up to 81% of reported crime, others say 60%. My boss and mentor attributes the change from 81% down to 60% due to an increase in Internet and external network crime. So why do businesses appear to 'accept' insider crime when the type of crime committed by insiders is typically financial, whereas external crime equates more often than not, to nothing more than the drawing of spectacles and a moustache on an expensive painting? ----------------------------------------------------------------- Edward Cracknell - <edward () SecurIT net>
Current thread:
- Intrusion Detection Edward Cracknell (Dec 17)
- Re: Intrusion Detection Bret Watson (Dec 19)
- Re: Intrusion Detection and MUCH more Ziv Dascalu (Dec 19)