Countermeasures

Deploy Assets to Address Threat Profile

• Education: written security policy, 'social engineering' defences, documentation, user training
• Engineering: human, network and system configurations to reduce exposure of high value assets -- build security into the design
• Testing: usability testing, penetration test, IV&V
• Maintenance: bugfixes, new releases, new attacks, network upgrades, integrity checks, usability enhancements,evolution of the Internet

Goals and Tools

• Avoidance: concealment, evasion, misdirection
• Detection and Defence: Network monitoring, traffic analysis/control, logging, hardened software, encryption and authentication, human eyeballs,offline communication, backdoors, trapdoors and sandboxes
• Backup: reliable onsite and offsite backup, verification issues, alternate communication channels
• Contingency Planning: Can you restart from scratch ?

So what do you do if tragedy strikes?