North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Cost of Worm Attack Protection
While I can't give you a fixed cost, I can confidently say that the value or cost/benefit over time resembled a bathtub curve. It starts high, drops sharply close to zero, then climbs slowly over time as the infection rate dissipates while a fixed mitigation strategy is applied, with diminishing results. For blaster/nachi, we are starting to encounter side effects of the filters put in place, which is slowly incurring support costs as exceptions are made. -- Jamie.Reid, CISSP, [email protected] Senior Security Specialist, Information Protection Centre Corporate Security, MBS 416 327 2324 >>> <[email protected]> 11/13/03 09:35am >>> I was hoping to get some estimates from folks on the costs of defending networks from various worm attacks. It is a pretty wide open question, but if anyone has some rough estimates of what it costs per edge, manpower vs. equipment costs, or any combination thereof it would be of great assistance. We are doing some simulations of attack and defense strategies and looking for some good metrics to plug into a cost benefit model. We'd be happy to share the results if anyone is interested as well. Thanks in advance, sean <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=windows-1252"> <META content="MSHTML 6.00.2800.1226" name=GENERATOR></HEAD> <BODY style="MARGIN-TOP: 2px; FONT: 8pt Tahoma; MARGIN-LEFT: 2px"> <DIV><FONT size=1></FONT> </DIV> <DIV><FONT size=1>While I can't give you a fixed cost, I can confidently say that the value or cost/benefit over time resembled </FONT></DIV> <DIV><FONT size=1>a bathtub curve. </FONT><FONT size=1>It starts high, drops sharply close to zero, then climbs slowly over time as the infection </FONT></DIV> <DIV><FONT size=1>rate dissipates </FONT><FONT size=1>while a fixed mitigation strategy is applied, with diminishing results. </FONT></DIV> <DIV><FONT size=1></FONT> </DIV> <DIV><FONT size=1>For blaster/nachi, we are starting to encounter side effects of the filters put in place, which is slowly</FONT></DIV> <DIV><FONT size=1>incurring support costs as exceptions are made. </FONT></DIV> <DIV><BR> </DIV> <DIV> </DIV> <DIV>--<BR>Jamie.Reid, CISSP, <A href="mailto:[email protected]">[email protected]</A><BR>Senior Security Specialist, Information Protection Centre <BR>Corporate Security, MBS <BR>416 327 2324 <BR>>>> <[email protected]> 11/13/03 09:35am >>><BR><BR><BR>I was hoping to get some estimates from folks on the costs of defending networks from various worm attacks. It is a pretty wide open question, but if anyone has some rough estimates of what it costs per edge, manpower vs. equipment costs, or any combination thereof it would be of great assistance. We are doing some simulations of attack and defense strategies and looking for some good metrics to plug into a cost benefit model. We'd be happy to share the results if anyone is interested as well.<BR><BR>Thanks in advance,<BR><BR>sean<BR><BR></DIV></BODY></HTML>
|