Wednesday, May 25, 2005

A Risk Strategy for Corporate Business Survival - Lesson 4 - Document

“4D”
A Risk Strategy for Corporate Business Survival
Deter. Detect. Defend. Document.

By Peter L. Higgins

Lesson 4 of a 4 Part Series


The Mission
Document the normal so you know when and where there is an unauthorized result. In order for the attacker to obtain their objective, the target must produce this unauthorized result. These might include:

· Increased Access
· Disclosure of Information
· Corruption of Information
· Denial of Service
· Theft of Resources

In order to understand that an attack is actually occurring, normal results have to be documented and a historical trend has to be established. What is normal? How do you know what normal looks and feels like? You document, store, record and analyze what normal is. If you have done this for long enough and across the potential targets the attacker is trying to exploit, then you will know the second an unauthorized result takes place.

The Take Away
Documenting the behavior of people, processes, systems and external events is a vital component of a complete strategy for risk mitigation. Understanding what normal “is”, begins with effective documentation and analysis. Many organizations begin to document long after it is too late or as a result of a significant business disruption. Documentation remains to be a challenge for many, and a task that attackers know is likely to be left undone or behind schedule.

Conclusion
A “4D” Risk Strategy for Business Survival is only effective if it is operating on a continuous basis. You must create the culture and the due diligence to see that it becomes part of the fabric of the organization internally and with outsourced partners or suppliers. Only then will the attacker realize that this combination to deter, detect, defend and document is alive and growing in your enterprise. This is when attackers become discouraged, afraid, uncertain and ultimately ready for a new and less formidable adversary.

Attackers use tools to exploit a vulnerability to create an action on a target that produces an unauthorized result, to obtain their objective. These “4D” lessons should put you on the way to creating a more survivable business.

Peter L. Higgins is the Managing Director of 1SecureAudit, an Operational Risk Management Solutions firm located in McLean, VA. He can be reached at higginsp@1SecureAudit or 703 245 3020.

No comments: