Guide to Network Defense and Countermeasures
Download
Report
Transcript Guide to Network Defense and Countermeasures
Guide to Network Defense and
Countermeasures
Second Edition
Chapter 2
Security Policy Design: Risk Analysis
Objectives
•
•
•
•
Explain the fundamental concepts of risk analysis
Describe different approaches to risk analysis
Explain the process of risk analysis
Describe techniques to minimize risk
Guide to Network Defense and Countermeasures, Second Edition
2
Fundamental Concepts of Risk
Analysis
• There is no situation in which security is perfect
• Risk analysis
– Determines the threats that face the organization
• Security policy
– Statement that spells out
• What defenses should be configured
• How the organization will respond to attacks
• How employees should safely handle the organization’s
resources
Guide to Network Defense and Countermeasures, Second Edition
3
Guide to Network Defense and Countermeasures, Second Edition
4
Risk Analysis Factors
• Risk is defined as the possibility of damage or loss
• Risk analysis
– Study of the likelihood of damage or loss
– Should encompass hardware, software, and data
warehouses
• Assets
–
–
–
–
Physical assets
Data assets
Application software assets
Personnel assets
Guide to Network Defense and Countermeasures, Second Edition
5
Risk Analysis Factors (continued)
• Threats
–
–
–
–
Events that have not occurred but might occur
Threats increase risks
Can be universal or specific to your systems
Circumstance-specific threat examples
•
•
•
•
Power supply
Crime rate
Facility-related
Industry
– The seriousness of a threat depends on the
probability that it will occur
Guide to Network Defense and Countermeasures, Second Edition
6
Risk Analysis Factors (continued)
• Probabilities
– Factors that affect the probability that a threat will
actually occur
• Geographic
• Physical location
• Habitual
– Exposure
• Increases if you have factors that increase threat
probabilities
– Make a list and rank your threats probabilities
Guide to Network Defense and Countermeasures, Second Edition
7
Guide to Network Defense and Countermeasures, Second Edition
8
Risk Analysis Factors (continued)
• Vulnerabilities
– Situations or conditions that increase a threat
probability
• Which in turn increases risk
– Examples
•
•
•
•
•
OS flaws
Application software flaws
Poorly configured firewalls or packet filters
Unprotected passwords and log files
Wireless networks
Guide to Network Defense and Countermeasures, Second Edition
9
Risk Analysis Factors (continued)
• Consequences
– Significance of an attack impact
– Some consequences can be estimated
– Some consequences are difficult to anticipate
• Return on investment (ROI)
– Helps you calculate your losses after an attack
– You can compare your losses with the cost of your
security measures
• Security measures costs should always be less than
your losses
Guide to Network Defense and Countermeasures, Second Edition
10
Guide to Network Defense and Countermeasures, Second Edition
11
Guide to Network Defense and Countermeasures, Second Edition
12
Risk Analysis Factors (continued)
• Safeguards
– Measures you can take to reduce threats
– Examples include
• Firewalls and IDSs
• Locking doors
• Using passwords and encryption
– Residual risk
• What is left over after countermeasures and defenses
are implemented
Guide to Network Defense and Countermeasures, Second Edition
13
Guide to Network Defense and Countermeasures, Second Edition
14
Approaches to Risk Analysis
• Survivable Network Analysis (SNA)
• Threat and Risk Assessment (TRA)
Guide to Network Defense and Countermeasures, Second Edition
15
Survivable Network Analysis
• Security process developed by the CERT
Coordination Center group
• Assumes that a system will be attacked
– Leads you through a four-step process designed to
ensure the survivability of a network
• Network key properties
–
–
–
–
Resistance
Recognition
Recovery
Adaptation and evolution
Guide to Network Defense and Countermeasures, Second Edition
16
Survivable Network Analysis
(continued)
• Fault tolerance
– Capability of an object to continue operations
despite a failure
• SNA steps
–
–
–
–
System definition
Essential capability definition
Compromisable capability definition
Survivability analysis
Guide to Network Defense and Countermeasures, Second Edition
17
Threat and Risk Assessment
• TRA approaches risk analysis from the standpoint of
threats and risks to an organization’s assets
• TRA steps
–
–
–
–
Asset definition
Threat assessment
Risk assessment
Recommendations
• TRA is carried out in different ways by security
agencies all over the world
Guide to Network Defense and Countermeasures, Second Edition
18
Guide to Network Defense and Countermeasures, Second Edition
19
Guide to Network Defense and Countermeasures, Second Edition
20
Risk Analysis: An Ongoing Process
• Risk analysis is not a one-time activity
– Evolves to take into account an organization’s changing
size and activities
• Initial risk analysis
– Used to formulate a security policy
• New threats and intrusions
– Create the need for a reassessment of the risk
Guide to Network Defense and Countermeasures, Second Edition
21
Risk Analysis: General Activities to
Follow
• Risk analysis
– Group of related activities that follow a sequence
• Sequence of activities
–
–
–
–
Holding initial team sessions
Conduction assets valuation
Evaluating vulnerability
Calculating risk
Guide to Network Defense and Countermeasures, Second Edition
22
Analyzing Economic Impacts
• Estimating financial impact or losses
• You can use different statistics models
– Or a software program such as
• Project Risk Analysis by Katmar Software
• Basic information to estimate
– Likely cost
– Low cost
– High cost
• Monte Carlo simulation
– Analytical method that simulates real-life system by
randomly generating values for variables
Guide to Network Defense and Countermeasures, Second Edition
23
Guide to Network Defense and Countermeasures, Second Edition
24
Guide to Network Defense and Countermeasures, Second Edition
25
Guide to Network Defense and Countermeasures, Second Edition
26
Deciding How to Minimize Risk
• Risk management
– Process of identifying, choosing, and setting up
countermeasures justified by the risk you identify
– Countermeasures go into your security policy
Guide to Network Defense and Countermeasures, Second Edition
27
Securing Hardware
• Think about obvious kinds of physical protection
– Such as environmental conditions
• Lock up your hardware
– Decide which devices you want to be locked
• Pay special attention to laptops
– Laptops can be lost or stolen easily
• Install startup passwords and screen saver
passwords
– Experienced thieves can circumvent them though
• Encrypt files with programs such as PGP
Guide to Network Defense and Countermeasures, Second Edition
28
Securing Hardware (continued)
• Conduction a Hardware inventory
– Make a list of servers, routers, cables, computers,
printers, and other hardware
– Be sure to include your company’s network assets
– Make a topology map of your network
Guide to Network Defense and Countermeasures, Second Edition
29
Guide to Network Defense and Countermeasures, Second Edition
30
Ranking Resources To Be Protected
• Rank resources in order of importance
– Values can be arbitrary numbers
• Focus your security efforts on most critical
resources first
• Work in cooperation with your team and higher
management
Guide to Network Defense and Countermeasures, Second Edition
31
Securing Information
• Electronic assets
– Word processing, spreadsheet, Web page, and other
documents
• Logical assets
– E-mail messages, any records of instant messaging
conversations, and log files
• Data assets
– Personnel, customer, and financial information
Guide to Network Defense and Countermeasures, Second Edition
32
Securing Information (continued)
• Maintaining customer and employee privacy
– Isolate critical information from the Internet
• Move information from the original directory to a
computer that is not connected to the Internet
• Configure backup software to save critical files
– Other measures
•
•
•
•
•
Encryption
Message filtering
Data encapsulation
Redundancy
Backups
Guide to Network Defense and Countermeasures, Second Edition
33
Securing Information (continued)
• Protecting Corporate Information
– Measures include
• Never leave company-owned laptops unattended
• Always password-protect information on corporate
devices
• Encrypt and financial information
• Password-protect all job records and customer
information
• Restrict personnel information to human resources
staff and/or upper management
Guide to Network Defense and Countermeasures, Second Edition
34
Conducting Routine Analysis
• Risk analysis is an ongoing process
– Company’s situation changes constantly
– Risk analysis should be done routinely to include
these changes
• Consider the following questions
– How often will a risk analysis be performed?
– Who will conduct the risk analysis?
– Do all hardware and software resources need to be
reviewed every time?
• Human emotions can influence risk evaluations
– Some companies do not allow these calculations to
be done manually
Guide to Network Defense and Countermeasures, Second Edition
35
Handling Security Incidents
• Security policy should state how you will respond to
break-ins
– Fill out a form to record what happened
• Incident-handling procedures
– Describe who will respond to security incidents
– Describe the kinds of incidents to be addressed
•
•
•
•
•
Alarms sent by intrusion detection systems
Repeated unsuccessful logon attempts
Unexplained changes to data or deletion of records
System crashes
Poor system performance
Guide to Network Defense and Countermeasures, Second Edition
36
Guide to Network Defense and Countermeasures, Second Edition
37
Handling Security Incidents
(continued)
• Assembling a response team
– Security policy should state which security staff need
to be notified in case of an incident
– Security incident response team (SIRT)
• Staff people designated to take countermeasures
when an incident is reported
– SIRT contains
•
•
•
•
•
IT operations and technical support staff
IT application staff
Chief security officer
Information security specialists
Others
Guide to Network Defense and Countermeasures, Second Edition
38
Handling Security Incidents
(continued)
• Escalation procedure
– Set of roles, responsibilities, and measures taken in
response to a security incident
Guide to Network Defense and Countermeasures, Second Edition
39
Handling Security Incidents
(continued)
• Including worst-case scenarios
– Worst-case scenarios
• Descriptions of the worst consequences to an
organization if a threat happens
• Might be unlikely
• Can help you determine the value of a resource at risk
Guide to Network Defense and Countermeasures, Second Edition
40
Summary
• Risk Analysis plays a central role in defining a
security policy
• Risk analysis covers company’s computer hardware,
software, and informational assets
• Your first task is to assess the level of risk to your
network and its users
• Determine countermeasures for minimizing risk
• Assess threats to your network and the probability
that they might happen
– Determine safeguards and countermeasures
Guide to Network Defense and Countermeasures, Second Edition
41