A Risk Strategy for Corporate Business Survival
Deter. Detect. Defend. Document.
By Peter L. Higgins
Lesson 3 of a 4 Part Series
Defend the target from any actions by the attackers tools. Targets may include a person, facility, account, process, data, component, computer, Intranet network or Internet. Actions against the target are intended to produce the unauthorized result. Some action categories are labeled:
The Take Away
In order to understand how to defend your corporate assets, you have to attack them yourself using a continuous combination of tools and tests. Only then will you find out where your single point of failure lies and where the attacker is going to successfully exploit a vulnerability you didn’t know exists.