Ashley J. Oliver
Oliver COM Solutions
Senior Network Security Engineer
2018 CISSP Candidate
Topic: Security Vulnerabilities, Threats,
and Countermeasures
What is a house with a shaky foundation?
Is it safe? Is it secure? This question may not be a common one, but is
imperative in the practice of cybersecurity. Higher-level protective controls
that are built on a questionable system may not be as effective as those built
on a solid, secure, foundation. Think for example, of the most minuscule
security flaw that may leave your organization open to exploitations. If
malicious entities can effortlessly circumvent your firewall completely, how
are you really protecting your data? What if your organization encompasses PII
and PHI? Are you prepared for a potential exploit of this data based on a loosely
assembled foundation?
Think about the decision to be vigilant
about your system design the same as you would any decision that should be
based on a solid foundation. For example, you wouldn’t decide where to go to
college without researching the programs, campus culture(s), would you? Often
overlooked, many protected systems can encompass extremely secure firewall
configurations. However, if a vital security flaw exists on the computer that runs on said systems, you
will be back at square one in no time. One should never underestimate malicious
entities and their abilities to completely bypass the safeguards that you have
put in place to secure your system, such as a Firewall for example.
There is no such thing as a completely secure
security architecture. Weaknesses and vulnerabilities can and will exist in
every computer system. This is why security models such as Biba, Bell LaPadula,
and Take Grant (just to name a few) exist, as well as security architectures.
The primary objective of these models and architectures is to concentrate on
well-known vulnerabilities.
Lastly, if you aren’t convinced that you need to take Security Models and Architecture seriously for the protection of your system, think about existing vulnerabilities from real life use case scenarios. Such as, risk of theft, sensitive data existing on desktops, lack of security understanding, client compromises which could lead to network compromises, and user-installed software presenting a greater malware risk, just to name a few.
No comments:
Post a Comment