Linux Security Fundamentals: Estimating the Cost of a Cyber Attack


Last week, we learned to begin a risk assessment by first evaluating the feasibility of a potential attack and the value of the assets you’re protecting. These are important steps to determining what and how much security will be required for your system.

You must then weigh these considerations against both the potential business impact of a security compromise and the cost of protecting those assets.

Costs – How Much?

It is hard to calculate the Return on Investment that managers need in order to make decisions about how to mitigate a risk. How much value does a reputation have?

Estimating the cost of a cyber attack can be difficult, if not impossible. There is little data on how often various industries suffer from different types of intrusions. Until recent laws were passed, companies would often conceal attacks even from law enforcement.

These factors cause difficulties in making rational decisions about how to address the different risks. Security measures may result in the loss of usability, performance, and even functionality. Often, if usability concerns are not addressed in the design of a secure system, users respond by circumventing security mechanisms.

Still, you can get a good idea of the costs associated with a potential loss of business assets, as well as the costs involved in protecting them, to make an informed decision.

Business Impact

The following questions should be evaluated on a regular basis in order to ensure that the security position is optimal for the environment:

• What is the cost of system repair/replacement?

• Will there be lost business due to disruption?

• How much lost productivity will there be for employees?

• Will there be a loss of current customers?

• Will this cause a loss of future customers?

• Are business partners impacted?

• What is your legal liability?

Security Costs

There are many aspects to the costs associated with securing an IT environment. You should consider all of them carefully:

• Software

• Staff

• Training

• Time for implementation

• Impact on customers, users, and workers

• Network, compute, and storage resources

• Support

• Insurance

So far in this series, we’ve covered the types of hackers who might try to compromise your Linux system, where attacks might originate, the kinds of attacks to expect, and some of the business tradeoffs to consider around security. The final two parts of this series will cover how to install and use common security tools: tcpdump, wireshark, and nmap.

Stay one step ahead of malicious hackers with The Linux Foundation’s Linux Security Fundamentals course. Download a sample chapter today!

Read the other articles in the series:

Linux Security Threats: The 7 Classes of Attackers

Linux Security Threats: Attack Sources and Types of Attacks

Linux Security Fundamentals Part 3: Risk Assessment / Trade-offs and Business Considerations

Linux Security Fundamentals Part 5: Introduction to tcpdump and wireshark

Linux Security Fundamentals Part 6: Introduction to nmap