
Five Keys to Security Fundamentals

Author: Guest Authors, 27 May 2010

(Excerpted and condensed from the Cisco Press book Network Security Auditing, written by Chris Jackson, available June 4, 2010)

To understand security, it is critical that you realize that security is a process, not a product. Security is a broad topic, and one of the few in information technology that literally touches all aspects of a business. To focus security efforts and to make them manageable, it helps to break down the various aspects of security into the five pillars of security.

1. Assessment: Assessments document and identify potential threats, key assets, policies and procedures, and management’s tolerance for risk. An assessment is not something that is done once and then forgotten. As business needs change and new services and technologies are introduced, regularly scheduled reassessments should be conducted. Doing this gives you an opportunity to test policies and procedures to ensure that they are still relevant and appropriate.

2. Prevention: Prevention is not just accomplished through technology, but also policy, procedure, and awareness. Expect individual security controls to fail, but plan for the event by using multiple levels of prevention.

3. Detection: Detection is how you identify whether or not you have a security breach or intrusion. If you can’t detect a compromise, then you run the risk of having a false sense of trust in your prevention techniques.

4. Reaction: Reaction is the aspect of security that is most concerned with time. The goal is to minimize the time from detection to response so that exposure to the incident is minimized. Fast reaction depends on prevention and detection to provide the data and context needed to recognize a security breach.

5. Recovery: Recovery is where you play detective to determine what went wrong so that you can get the systems back online without opening up the same vulnerability or condition that caused the problem in the first place. There is also the post-mortem aspect that determines what changes need to be made to processes, procedures, and technologies to reduce the likelihood of this type of vulnerability in the future.

Via Cisco’s Technical Services Newsletter – read the entire excerpt online
