Security Eval Process

The basis for my thoughts about information security lies in a 5-step process I learned years ago:

  1. Identification of Threat
  2. Identification of Vulnerabilities
  3. Counter-measure development
  4. Counter-measure implementation
  5. Assessment of counter-measure’s effectiveness.

When you get to step 5, you loop and do it again, always staying on alert.

1.  Identification of Threat:  This is where you ask what is out there.  You want to know what the bad guys are trying to do.   For example, it is a commonly held principle that certain operating systems are more targeted than others.  In this area, you are not concerned with “oh I use this system, so I’m ok?”  Here, you are asking simply, what are they (the bad guys) doing?

2.  Identification of Vulnerabilities:  All systems are vulnerable.  Here, security holes are matched up with threats.  If there is a match, then a counter-measure needs to be developed.  No match, no problem.

3.  Development of counter-measures:  CM development can be the most challenging stage for some people.  A realistic and implementable plan needs to be developed that addresses the identified threat/vulnerability combination.

4.  Implementation of counter-measures.  Once the CMs are mapped out, put them in place.

5.  Assessment of CM effectiveness.  Did the actions do what they were intended to do?

Then the process is started again.

 

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

Ultima II: Exodus — Getting back in to my groove.

After a considerable respite, I feel the possibility of “Jazzy J” coming back from the dead and walking among the living is possible. I’m quite active in the retro community, [...]

More Info

Getting back to Retro

Over the last few years coinciding with the election of 45, I stopped writing articles about old computers and began complaining, At some time I realized I was complaining to […]

More Info

A Deplorable Debate: A Sign of the Death of Democracy?

Bipartisan condemnation rang out around the world at the behavior of the incumbent and the presidential candidate. Who won is uncertain. Who lost, is certain. Those loving democracy and the […]

More Info

Gosh Darn Independent (GDI – La, US)

I will be happy with bipartisanship reappears. This country is by the people, for the people. At least the last couple of administrations have been targeting one group.   We […]

More Info
  • A Veterans Request
  • About
  • Blog
  • Contact
  • Notable Posts
  • Security Eval Process
  • The Abort! Protocol
  • Walk Jay’s Journey
  • Webinars
  • Why This Page? Who is Jazzy_J
Powered by WordPress | theme Layout Builder