- Evolution of technology focused on ease of use
- Increasing complexity of computer infrastructure administration and management
- Decreasing skill level needed for exploits
- Direct impact of security breach on corporate asset base and goodwill
- Increased networked environment and network based applications
Today organizations are increasingly getting networked, as information is exchanged at the speed of thought. Routine tasks rely on the use of computers for accessing, providing or just storing information. However, as information assets differentiate the competitive organization from others of its kind, so do they register an increase in their contribution to the corporate capital? There is a sense of urgency on behalf of the organization to secure these assets from likely threats and vulnerabilities.
The subject of addressing information security is vast and it is the endeavor of this course to give the student a comprehensive body of knowledge required to secure the information assets under his consideration.
This course assumes that there exist organizational policies that are endorsed from the top -level management and that business objective and goals related to security have been incorporated as part of the corporate strategy. A security policy is the specification of how objects in a security domain are allowed to interact.
As a prelude to the course we shall briefly highlight the need to address the security concerns in the contemporary scenario.
The importance of security in the contemporary information and telecommunications scenario cannot be overemphasized. There are myriad reasons for securing ICT infrastructure. For our discussion here, we shall take a macro-level view as detailing each and every aspect can be another course in itself.
The evolution of computers have transcended from the annals of universities to laptops and PDAs. Initially computers were designed to facilitate research and this did not place much emphasis on security as such resources being scarce, were meant for sharing. The permeation of computers into the routine workspace and daily life see more of control being transferred to computers and a higher dependency on them for facilitating important routine tasks. Any disruption meant loss of time, money and sometimes even loss of life.
Technology is evolving at an unprecedented rate and as a result, the products that reach the market are engineered more for ease of use than for secure computing. Technology originally developed for 'honest' research work and campu s related work has not evolved entirely at the pace with which the user profile and span has. However, increasing built -in default security mechanisms meant users had to be more competent. Moreover, vulnerabilities were often overlooked by system designers and would remain unnoticed through the intended deployment of the system.
As computers gain greater control over routine activities, it is becoming increasingly difficult for system administrators and other system professionals to allocate resources exclusively for securing systems. This includes time needed to check log files, detect vulnerabilities and sometimes even to apply security update patches.
The time available with system administrators are consumed by routine activities with less time available towards vigilant administration. There is too little time at hand to deploy measure and secure computing resources on a regular and innovative basis. This has increased the demand for dedicated security professionals who will constantly monitor and defend the ICT resources.
Originally, to 'hack' meant to possess extraordinary computer skills used to extend the limits of computer systems. It required great proficiency on part of the individual. However, today there are automated tools and codes available on the Internet that makes it possible for anyone with a will and desire to hack, to succeed in their effort.
Here, success need not denote the accomplishment of the objective. Mere compromise of the security of a system can denote success in this context. There are websites that insist on 'taking back the net' as well as those that believe that they are doing all a favor by hosting exploit details. These can act in a detrimental manner as well, bringing down the skill level required.
The ease with which system vulnerabilities can be exploited has increased while the knowledge curve required to perform such exploits is shortening. The concept of elite / super hacker is as abstract as before. However, the fast evolving genre of 'script kiddies' are largely comprised of lesser skilled individuals acquiring second hand knowledge and use them to perform exploits.
One of the main impediments to the growth of security infrastructure lies in the unwillingness of exploited or compromised victims to report the incident for fear of losing the goodwill and faith of their employees, customers, partners and market stand. The trend of market valuation being influenced by information assets have seen more enterprises think twice before reporting to law enforcement for fear of bad press and negative publicity.
The increased networked environment with organizations often having their website as a single point of contact across geographical boundaries makes it critical to take countermeasures to ward off any exploits that can result in loss. This is all the more reason why corporate should invest in security measures and protect their information assets.
The figure below illustrates the evolution in attacks and the relative skill profile of the attackers over the years.
Breach of security reflects not only on the information assets compromised, but also on the image of the corporation, which can have an adverse effect on partnerships and also customer base. The 2002 CSI/FBI computer crime and security survey noted that 90% of the respondents had detected security breaches and while only 44% were able to quantify the losses occurred; this alone amounted to a staggering $455,848,000.
This is a sharp increase from previous year's figures of $170,827,000 (theft of proprietary information) and $115,753,000 (financial fraud). It is evident therefore, that the current e-business scenario warrants extreme caution while administering security con figurations to the computing infrastructure.
While the above-mentioned aspects are not exhaustive, they can be cited as the predominant reasons why organizations and system administrators have to equip themselves with tools and methods to circumvent vulnerable scenarios towards achieving organizational objectives.
The primary objective of this course is to equip system administrators, network professionals and security professionals with the competency to defend their system. It must be noted that there are several tools available to provide counter measures and it is not within the scope of this course to detail each and every tool. However, the course will discuss the different genre of tools and examine popular, rich featured tools to give the students an in-depth understanding into the working of the tools belonging to that particular genre.
Another significant difference in approach is the holistic view being adopted throughout this course. We do not restrict our focus to the penetration, but try to explore the activity of the perpetrator in a phased manner. It is therefore assumed that the readers are familiar with technical domains. At the end of this course, students are trained to view adopting defensive tactics as a part of everyday work.
COMMENTS