Jay C. "Jazzy J" Theriot
  • Home
  • Weather Obsession
  • Soldier On

Jay's Cafe' Community

RSS Weather.JayCTheriot.Com

  • Aug. 12, 2022 – Coastal Weather Action August 12, 2022
  • Atlantic Threats – Aug. 11, 2022 August 11, 2022
  • August 9, 2022 August 9, 2022

RSS Retro Computing

  • Ultima II: Exodus — Getting back in to my groove. May 26, 2022
  • Getting back to Retro April 18, 2021
  • A Deplorable Debate: A Sign of the Death of Democracy? October 1, 2020
Join me on the social media below or find me as Jazzy_J on IRC host libera.chat

Security Eval Process

The basis for my thoughts about information security lies in a 5-step process I learned years ago:

  1. Identification of Threat
  2. Identification of Vulnerabilities
  3. Counter-measure development
  4. Counter-measure implementation
  5. Assessment of counter-measure’s effectiveness.

When you get to step 5, you loop and do it again, always staying on alert.

1.  Identification of Threat:  This is where you ask what is out there.  You want to know what the bad guys are trying to do.   For example, it is a commonly held principle that certain operating systems are more targeted than others.  In this area, you are not concerned with “oh I use this system, so I’m ok?”  Here, you are asking simply, what are they (the bad guys) doing?

2.  Identification of Vulnerabilities:  All systems are vulnerable.  Here, security holes are matched up with threats.  If there is a match, then a counter-measure needs to be developed.  No match, no problem.

3.  Development of counter-measures:  CM development can be the most challenging stage for some people.  A realistic and implementable plan needs to be developed that addresses the identified threat/vulnerability combination.

4.  Implementation of counter-measures.  Once the CMs are mapped out, put them in place.

5.  Assessment of CM effectiveness.  Did the actions do what they were intended to do?

Then the process is started again.

 

 

RSS Tropical Weather Outlooks

  • NHC Eastern North Pacific Outlook August 15, 2022
  • CPHC Central North Pacific Outlook August 15, 2022
  • NHC Atlantic Outlook August 14, 2022

RSS Krebs on Security

  • Sounding the Alarm on Emergency Alert System Flaws August 12, 2022
  • It Might Be Our Data, But It’s Not Our Breach August 11, 2022
  • The Security Pros and Cons of Using Email Aliases August 10, 2022
  • Microsoft Patch Tuesday, August 2022 Edition August 9, 2022
  • Class Action Targets Experian Over Account Security August 6, 2022

RSS Antionline Forums – Maximum Security for a Connected World – Security News

  • An error has occurred, which probably means the feed is down. Try again later.

RSS Dark Reading

  • Patch Madness: Vendor Bug Advisories Are Broken, So Broken August 12, 2022
  • Software Supply Chain Chalks Up a Security Win With New Crypto Effort August 12, 2022
  • Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan August 12, 2022

Archives

Categories

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
Powered by WordPress | theme Layout Builder