06.30.11
Invasions Are Inevitable
[Cartoon]
Is there an impenetrable wall? Is there a safe that can’t be broken into? Are there security systems that can protect your information assets? No! There are no impenetrable walls, safes that can’t be broken into, or security systems that can’t be breached. Invasions are inevitable.
This means that every security plan should include the predetermined actions to take when the inevitable invasion occurs. Predetermined actions are to minimize the impact of the invasion while at the same time the invader must be confronted head-on. This type of action might be to abandon the invaded area and retreat to a more secured area. Then, use all resources to clean the invaded area.
An example of this type of action can be taken by having multiple servers performing the same function. When one server is invaded, then that server is removed from operation and the server is cleaned. This type of action can be very effective in a virtual server environment. To accomplish this, the actions must be initiated by sensing that an invasion has occurred so the appropriate resources can be focused on the invasion.
In the animal world where the animals live together in social groups to protect themselves, predetermined actions are in place. The apes place sentries around their living area. The sentries are strong, but they are not the biggest of the apes. When a sentry is either attacked or becomes aware of an attack, a signal is given. When the signal goes out, the largest of the apes move to the invading location and meet the perpetrator with maximum force. The apes recognize that invasions will occur and they can’t provide an impenetrable security system. What they can do is focus their resource when an invasion occurs.
This does not mean that there shouldn’t be a significant effort to provide a security boundary to protect information resources. Certainly, the stronger the outer layer, the fewer number of invasions will occur. There should even be multiple layers surrounding each of the key resources with a plan to support abandoning areas under siege.
What is important is to recognize that invasions will occur and the actions to deal with the invasion must be predetermined. The apes do not have a meeting to review the facts before moving their best fighters to the security breach. They take immediate action and minimize their losses.
This is a time when the organization’s Enterprise Architecture can deliver great value. Included in the architecture are risks of losing business processes. These risks include cyber attacks along with others such as flood, fire, wind, and sabotage. Although the risks may be the same, the architecture must include the actions to be taken to minimize the impact of the risk occurring.
Organizations today that operate with a strong security barrier, but do not have a defined Enterprise Architecture, are at risk. Without an understanding of an organization’s dependency upon its internal processes, penetrating cyber attack invasions can result in significant loss. An organization may lose the ability to service its customers or lose its customers whose private information may have been compromised.
Invasions are inevitable. Organizations should prepare by defining the actions needed to respond to an invasion. Even the apes have a plan. The best organizational plan is having an Enterprise Architecture.
The Enterprise Architects can see what is coming and are already preparing. They know that this will be their time. Corporations will be able to completely focus on their business, and automation will be viewed as an agile enabler. Automation will finally become the self-service contributor that the Corporate Office has always wanted it to be. –Enterprise Architects Masters of the Unseen City
Closing the Business / IT gap.
