SCIT Risk Mitigation and Consequence Management

Posted by on in Uncategorized
  • Font size: Larger Smaller
  • Hits: 2991
  • Subscribe to this entry
  • Print

Recent examples emphasize the importance of consequence management and risk mitigation strategy implemented in  SCIT.  I give two examples and then use these to emphasize the value of SCIT:

1.  Target: SCIT would not have prevented the compromise of their server, but would have significantly reduced the number of records lost.  In addition, Reuters recently reported that the presence of malware.binary was noted on Nov 30, alert was generated but no action was taken.  Reuters quotes experts to say that in the kind of systems deployed at Target, hundred(s)  alerts like this are generated every day.  The manpower required to process each alert would be a huge cost.  Thus, SCIT has a significant cost advantage.

2.  Heartbleed: CloudFare posted the issues and exploit strategy and argued that in practice such an exploit would be very hard, probably impossible.  Then they challenged others.  Within hours the site was breached.   If OpenSSL is used, fixing this is very labor intensive and time consuming, probably requiring certificate revocation.  What happens while all this effort is going on?  We suggest that SCIT can provide protection and minimize the data ex-filtration loss.

3.  Can anyone predict the next vulnerability or exploit?  I doubt it.  So what do you do TODAY when the next vulnerability is unknown.  You should consider a risk mitigation strategy.  SCIT helps. At a minimum, SCIT will make the criminals work harder, forcing them to penetrate over and over.  This exposes them more and potentially  leads to repeated alerts. The big point is that new, unexpected things are happening.  It was hard to predict Heartbleed and take protective steps before hand.  SCIT gives you assurance that no matter what happens damage will be minimal.  Compare that to other technologies.