Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log
Image courtesy of 401(K) 2012 @ flickr.com

Image courtesy of 401(K) 2012 @ flickr.com

Rules of Irari →

May 19, 2015 by Marc Handelman in All is Information, Information Security

Ira Winkler and Araceli Treu Gomes rebuttal of critics of the Irari Rules. Today's Must Read.

The Eight Irari Rules:

The malware used should have been detected.

The attack exploited vulnerabilities where a patch was available.

Multifactor authentication was not in use on critical servers.

Static passwords were used in attacks on critical servers.

If phishing was involved, there was no awareness program in place that went beyond phishing simulations and computer-based training.

Detection mechanisms that could have stopped the attack in progress were not in place or were ignored.

There was poor network segmentation that allowed the attackers to jump from low-value networks to critical systems.

User accounts that were compromised had excessive privileges.

via Ira Winkler and Araceli Treu Gomes - 'The Irari Rules for Declaring a Cyberattack ‘Sophisticated’ - Computerworld Apr 22, 2015 8:10 AM PT

May 19, 2015 /Marc Handelman
All is Information, Information Security
  • Newer
  • Older