I love talking about mistakes :-) In fact, I wrote a few fun papers summarizing common mistakes in intrusion detection, incident response and log analysis. But Richard Bejtlich did a one up, summarizing "Common Security Mistakes." Those are (quoted from his blog post):
- "Failure to maintain a complete physical asset inventory
- Failure to maintain a complete logical connectivity and data flow diagram
- Failure to maintain a complete digital asset/intellectual property inventory
- Failure to maintain digital situational awareness
- Failure to prepare for incidents"
What I like about them is that most revolve around not knowing what you've got ... Indeed, before you mire yourself in prevention-detection-response, you need to think for a few seconds :-) about what you are trying to protect...