Return-Path: <sentto-279987-3876-1005796075-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 14 Nov 2001 19:52:07 -0800 (PST) Received: (qmail 5593 invoked by uid 510); 15 Nov 2001 03:49:06 -0000 Received: from n23.groups.yahoo.com (216.115.96.73) by all.net with SMTP; 15 Nov 2001 03:49:06 -0000 X-eGroups-Return: sentto-279987-3876-1005796075-fc=all.net@returns.groups.yahoo.com Received: from [10.1.4.53] by n23.groups.yahoo.com with NNFMP; 15 Nov 2001 03:47:55 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 15 Nov 2001 03:47:54 -0000 Received: (qmail 88457 invoked from network); 15 Nov 2001 03:47:54 -0000 Received: from unknown (216.115.97.167) by m9.grp.snv.yahoo.com with QMQP; 15 Nov 2001 03:47:54 -0000 Received: from unknown (HELO red.all.net) (65.0.156.78) by mta1.grp.snv.yahoo.com with SMTP; 15 Nov 2001 03:47:54 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fAF3mcH23731 for iwar@onelist.com; Wed, 14 Nov 2001 19:48:38 -0800 Message-Id: <200111150348.fAF3mcH23731@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 14 Nov 2001 19:48:38 -0800 (PST) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:America.under.cyber.attack:.Post.Sept..11,.companies.must.focus.on.'survivability'] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit America under cyber attack: Post Sept. 11, companies must focus on 'survivability' Becca Mader, Business Journal, 11/14/2001 <a href="http://milwaukee.bcentral.com/milwaukee/stories/2001/11/12/focus2.html">http://milwaukee.bcentral.com/milwaukee/stories/2001/11/12/focus2.html> As the World Wide Web continues to develop as a business tool, so does the vulnerability of companies to cyber attacks, as evidenced by a new survey showing that since last year the number of Web attacks has nearly doubled. Nearly 90 percent of organizations have been hit by viruses, worms and other infections, according to a survey conducted by Information Security magazine. "The only secure system is one where the power's off," said David Woodall, chief information officer of CXO Media, Framingham, Mass., which publishes CIO Magazine. Executives also need to think beyond security and focus on survivability, especially in light of Sept. 11, said Larry Rogers, senior member of the technical staff at the CERT Coordination Center, a part of the Software Engineering Institute at Carnegie Mellon University in Pittsburgh that provides Internet security research and information. The primary challenge for chief information officers and information services managers is "having an understanding of what risks they are actually facing," said Andy Reeder, senior manager with the information security practice at the Chicago office of Deloitte & Touche. Understanding such risks can help companies develop an effective survival plan, which involves both business continuity and disaster recovery, said Clint Laskowski, manager of information security and a lead consultant for Divine Inc., a Chicago-based computer consulting firm that has an office in Milwaukee. Business continuity deals with the immediate response of locating employees and determining the necessary steps to start up their computer systems and networks again. Disaster recovery deals with the actual information technology side of storage, backup and network solutions. The new challenge in creating such plans is addressing recent developments such as terrorism on American soil, Laskowski said. "In the past, most business continuity plans didn't even address things such as war or terrorist attacks," he said. "Now almost every magazine devoted to that topic is talking about civil unrest and terrorist activities." RECOGNIZING RISKS It's integral to continuity plans to recognize risks and how they will affect the company. The next step is to identify what kind of information security solutions can be implemented, such as back-up or storage systems, and how companies will respond. Laskowski said many companies do not have updated plans. While information security and continuity plans have always been a priority, most companies don't update them as often as they should, he said. "With business changing as rapidly as it does, you've got to believe these things are fluid," said Mark Miller, managing director at national insurance brokerage Marsh USA Inc.'s Milwaukee office. "Business continuity planning isn't something you put on the shelf and review four years later." Companies such as Divine and PCC's Computer Services Group in Germantown help shore up plans and increase a company's survivability. PCC provides systems integration, storage systems and security hardware and software. But "since Sept. 11, there has been more interest in the big picture," such as developing recovery plans, said Pete Francois, senior systems engineer at PCC. PCC uses a six-step process to develop a continuity plan. Consultants visit the company and examine the business operations and support services to determine the scope of the plan. They then conduct a business impact assessment to determine the company's time-critical business processes. They also help with the development of a recovery plan, the implementation and testing of the plan, and the maintenance and quality control of the procedures. Marsh USA encourages companies to have risk management or continuity plans in place should physical or cyber attacks occur. On Sept. 11, Marsh executives fully understood the importance of having their own plan. Marsh's technology department, which serves as a national resource for Marsh's different offices, was located in the north tower of the World Trade Center. After it was hit, all e-mail and technological capabilities were lost. "Fortunately for us, we listened to what we preached and we were up in 48 hours," said Miller. BACKUP SERVER System information was stored and a backup server was in place at an off-site location. Miller said a business continuance plan is ready for Marsh's Milwaukee operations as well. Associated Banc-Corp in Green Bay has a business continuity plan that allows its computer systems and networks to be in working order anywhere from 24 hours to 10 days, depending on the department, said Don Peters, director of systems and operations. Associated also has random security audits and tests of its systems to make sure they are up to speed. Since the terrorist attacks and since the NIMDA worm affected Web servers by spreading infected e-mail messages in early September, there has been a heightened awareness for recovery plans, and "people are brushing off the dust and making sure they are revising their plans," said Mark Maurer, director of infrastructure planning and operations for Divine Inc. Forming a cross-functional committee to implement a continuity plan is important because additional perspectives help in the development process, said Michael Sarner, e-business practice leader for Marsh in Milwaukee. But some companies might also want to hire an outside firm to make an assessment of procedures because often the "perspective can be skewed because they are too close to the situation," Sarner said. Finding the money for increased security and back-up systems may prove to be challenging because of the economy, but the loss of productivity and nuisance involved -- and the influence of Sept. 11 -- have been enough to give companies "more willingness to spend time and money on security and disaster recovery efforts," Woodall said. To be sure, companies need to continue their vigilance toward possible threats to their networks, both inside and outside their walls, experts agree. Firewalls, intrusion detection networks, anti-virus software and password security systems are being employed to lessen the likelihood that they will suffer from internal attacks, external hackers or malicious codes such as the Melissa virus or the NIMDA worm. "If companies just hope to limp along and do not take care or provide regular maintenance on infrastructure and servers, they will run into problems," said Kevin Kleinmann, practice manager for Internet services at Interactive Business Systems, a Brookfield computer consulting firm. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Universal Inkjet Refill Kit $29.95 Refill any ink cartridge for less! Includes black and color ink. http://us.click.yahoo.com/bAmslD/MkNDAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:59 PST