One Article Review
| Source |  taosecurity |
|---|---|
| Identifiant | 876246 |
| Date de publication | 2018-11-02 09:20:23 (vue: 2018-11-02 15:00:39) |
| Titre | Cybersecurity and Class M Planets |
| Texte |  I was considering another debate about appropriate cybersecurity measures and I had the following thought: not all networks are the same. Profound, right? This is so obvious, yet so obviously forgotten.Too often when confronting a proposed defensive measure, an audience approaches the concept from their own preconceived notion of what assets need to be protected.Some think about an information technology enterprise organization with endpoints, servers, and infrastructure. Others think about an industrial organization with manufacturing equipment. Others imagine an environment with no network at all, where constituents access cloud-hosted resources. Still others think in terms of being that cloud hosting environment itself.Beyond those elements, we need to consider the number of assets, their geographic diversity, their relative value, and many other aspects that you can no doubt imagine.This made me wonder if we need some sort of easy reference term to capture the essential nature of these sorts of diverse environments. I thought immediately of the term "class M planet," from Star Trek. From the Wikipedia entry:[An] Earth-like planet, the Class M designation is similar to the real-world astronomical theory of life-supporting planets within the habitable zone... Class M planets are said to possess an atmosphere composed of nitrogen and oxygen as well as an abundance of liquid water necessary for carbon-based life to exist. Extensive plant and animal life often flourishes; often, a sentient race is also present. In contrast, consider a class Y planet:Class Y planets are referred to as "demon" worlds, where surface conditions do not fall into any other recognized category. Such worlds are usually hostile and lethal to humanoid life. If life forms develop on these worlds they usually take on many bizarre forms, like living crystal or rock, liquid or gaseous physical states, or incorporeal, dimensional, or energy-based states. Given their work providing names for various offensive security activities in ATT&CK, I wonder if MITRE might consider creating a naming scheme to capture this idea? For example, a "class M" network might be an enterprise organization with endpoints, servers, and infrastructure, of a certain size. Or perhaps M1 might be "small," M2 "medium," and M3 "large," where each is associated with a user count.Perhaps an environment with no network at all, where constituents access cloud-hosted resources, would be a class C network. (I'm not sure "network" is even the right term, if there is no "network" for which the organization is responsible.)With such a scheme in place, we could begin a cybersecurity discussion by asking, "given a class M network, what defensive processes, people, or technology are appropriate," versus "given a class C network, what defensive processes, people, or technology are appropriate."This is only an idea, and I'd be happy if something was already created to address this problem. Comments below are welcome (pending moderation to repel trolls and spammers.) Alternatively, reply to my announcement of this post via @taosecurity on Twitter.Copyright 2003-2018 Richard Bejtlich and TaoSecurity (taosecuri |
| Envoyé | Oui |
| Condensat | given in 2003 2018 @taosecurity about abundance access activities address all already also alternatively animal announcement another any approaches appropriate are asking aspects assets associated astronomical atmosphere att&ck audience based begin being bejtlich below beyond bizarre blogspot can capture carbon category certain class cloud com comments composed concept conditions confronting consider considering constituents contrast copyright could count created creating crystal cybersecurity debate defensive demon designation develop dimensional discussion diverse diversity doubt each earth easy elements endpoints energy enterprise entry: environment environments equipment essential even example exist extensive fall flourishes; following forgotten forms from gaseous geographic given habitable had happy hosted hostile hosting humanoid idea imagine immediately incorporeal industrial information infrastructure itself large lethal life like liquid living made manufacturing many measure measures medium might mitre moderation names naming nature necessary need network networks nitrogen not notion number obvious obviously offensive often only organization other others own oxygen pending people perhaps perhaps an physical place planet planet:class planets plant possess post preconceived present problem processes profound proposed protected providing race real recognized reference referred relative repel reply resources responsible richard right rock said same scheme security sentient servers similar size small some something sort sorts spammers star states such supporting sure surface take taosecurity technology term terms theory these think those thought thought: too trek trolls twitter user usually value various versus water welcome well what when where which wikipedia within wonder work world worlds would www yet zone |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.