- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
The first step in protecting your enterprise is figuring out how to destroy it.
That’s the approach to security taken by Jonathan Clemens, manager of enterprise security oversight at Intel. He recommends that companies conduct wargames to find their biggest weaknesses.
“By a wargame, I mean a tabletop exercise,” Clemens said at IDG’s LinuxWorld OpenSolutions Summit in New York City this week. “Sit down and be your biggest competitor, be an attacker, put yourself in the criminal mindset. … Until you know how you could destroy your company you can’t understand how you can prevent someone else from doing that.”
Although identifying vulnerabilities to attacks may seem like an obvious step, when Clemens asked the audience whether they knew how to destroy their companies, just a few people out of several dozen raised their hands.
Clemens was wary of revealing specifics about wargames conducted at Intel. But he noted that Intel makes chips, and it would be damaging if the company made chips that could not perform mathematical calculations properly.
“What would happen if I was a competitor of Intel and I wanted to discredit them? Would that be a way to do it?” Clemens asked. “So you look at your core product (and) you look at who would want you to fail in that area. … You go through these mental exercises and say ‘what’s the worst case scenario?’”
The worst-case scenario could involve the threat of physical harm, he told the audience, making note of a bank robbery in England last year that involved the family of a bank manager being taken hostage.
In a follow-up exchange with Network World, Clemens noted that IT managers handle data, rather than cash, but that attacks involving hostages are not unthinkable in the IT industry.
“If the financial industry, which has had centuries of armed robberies to deal with, can't defend against such an attack, how can the IT industry, where system administrators are in positions of similar responsibility, but over data rather than cash?” he questioned.
In his talk at the LinuxWorld event, Clemens also discussed emerging threats such as viruses aimed at mobile devices and custom attacks aimed at specific corporations.
“Being on the Internet is like sharing your toothbrush with 1 billion of your closest neighbors,” he said. “There are people on the Internet who are smarter than you. …. There are people who are less ethical than us.”
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment