Rakesh Kalidindi
Network Security
MISM 670
Periodical Review
How Secure Is Your Network? New Program Points out Vulnerabilities, Calculates Risk of Attack
This article is about calculating risk to secure the computer networks. National Institute of Standards and Technology (NIST) are applying security metrics to network pathways to calculate the probable risk of attack to guide IT managers in securing their networks.
IT managers are not only responsible for securing their confidential data but also their client’s data like Social Security Numbers or health records.
The Computer networks components vary from individual computers, to servers, hubs, switches and routers. Anoop Singhal says that" We analyze all of the paths that system attackers could penetrate through a network, and assign a risk to each component of the system. Decision makers can use our assigned probabilities to make wise decisions and investments to safeguard their network." (National Institute of Standards and Technology, 2008, July 29)
Once breached into a network firewall, a hacker may travel through the network through a variety of routes to hack the valuable data. In addition to hardware, the hacker can break in through software on the computers, especially through file-sharing applications.
NIST researchers evaluate each route and assign a risk using a technique called attack graphs. NIST's National Vulnerability Database is a repository that includes a collection of security-related software weaknesses that hackers can exploit. For each path in the graph, the NIST researchers assign an attack probability based on the score in the NVD database.
My opinion on this article is positive as it clearly explains how the risk is evaluated calculated using the sources like attack graphs and National Vulnerability Database.
Source Citation:
National Institute of Standards and Technology (2008, July 29). How Secure Is Your Network? New Program Points Out Vulnerabilities, Calculates Risk Of Attack. ScienceDaily. Retrieved October 7, 2008, from http://www.sciencedaily.com /releases/2008/07/080723144710.htm
