Do Firewalls and IDS Create a False Sense of Internal Security?

In an effort to boost sales and generate revenue, one U.S. multinational energy company recently embraced the Internet to bolster external communication and internal collaboration. In addition to creating a corporate web site, the firm deployed hundreds of intranet applications for procurement, expense reporting and other processes. Numerous departments and branch offices worldwide also set up specialized web sites for partners, customers and even project management.

Though the company has achieved its strategic goals for the web, by leveraging valuable communication and management tools that lower costs and streamline processes, it has, unwittingly, set itself up for malicious intrusion. The decentralized and ad hoc intranet application deployment has created a fragmented, multi-platform mosaic that raises important security questions (see boxout below).

Clearly for internal or external web applications, security is the biggest concern today. The dramatic number of attacks is expected by CERT to double again this year to almost 100,000. It is estimated by Gartner Group that as many as 70 to 80 percent of these attacks are coming in through ports 80 and 443, commonly used by web applications. Such attacks can be costly and detrimental to corporate credibility. Privileged customer, financial and operational information or valuable intellectual property can be damaged or stolen during the average hacker intrusion of 15 minutes or less. The average loss is more than $2 million among those willing to quantify losses, according to an FBI/CSI survey. Downtime alone can potentially cost tens of thousands of dollars per minute. "There is much more illegal and unauthorized activity going on in cyberspace than corporations admit to their clients, stockholders and business partners or report to law enforcement. Incidents are widespread, costly and commonplace," the survey concluded.

The link for this article located at SCMagazine is no longer available.