Concepts
Module-4
Prof. Harsha B. K.
Ref: Thomas J. Mowbray, “Cyber Security – Managing Systems, Conducting Testing, and Investigating Intrusions”, Wiley.
Contents
• Antipattern problem
• Refactored solution
• Cybersecurity antipattern catalog
Why start with Antipatterns
• The first step is to admit we have a problem
• Solving cybersecurity issues requires
  • radical new ways of thinking,
  • paradoxically, a return to first principles
  • common sense
• “Technology is not the problem…people are the problem”
Security Architecture
• The cybersecurity crisis is a fundamental failure of architecture
• The majority of deployed software creates significant opportunities for malicious exploitation
• Properly engineered infrastructure and software technologies withstand known risks and manage unknown ones
Antipattern: Document-Driven Certification and Accreditation
• Assessment and Authorization (A&A) / Certification and Accreditation (C&A)
• A&A is the process of assuring the information security of
systems before they are deployed
• Certification is an assessment and testing phase
• Accreditation is an executive approval process
Antipattern:
• This paradox was addressed by the Center for Strategic and International
Studies (CSIS), which released a Presidential Commission report
Refactored Solution:
Related Solutions
• Data center provisioning environments to assure patch
management and policy configurations
• With locked-down standard system images, data centers are able to deploy virtual servers that conform to security baselines, and to perform mass updates
Never Read the Logs
• Antipattern Name: Never Read the Logs
• Also Known As: Guys Watching Big Network Displays Miss
Everything, Insider Threat, Advanced Persistent Threat (APT),
Network Operations Center (NOC)
• Refactored Solution Names: Advanced Log Analysis
• Unbalanced Primal Forces: Management of confidentiality
• Anecdotal Evidence: Nick Leeson at Barings Bank, Wikileaks,
Aurora Cyber Intrusions
Never Read the Logs