What I mean is, is the inconvenience of increased security worth the risk? An extreme example is "computers can get infected via the Internet...let's disconnect from the Internet". The risk of one of 500 systems getting malware from the Internet over any six month span is almost 100%, but the loss of business exceeds the most likely losses from being hit by malware.
If a specific attack happens only once per 100,000,000 businesses in a six month span (I have no clue on MITM, Googling "business exploited by man-in-the-middle" only returns how serious it is but I am unable to find actual examples), is it worth worrying about? It's like hearing Diet Coke "it's so bad for you it can kill you instantly", but not having any actual examples to back it up. I'm not saying I don't want to do this, but if management asks how likely it is to get exploited I'd like to give them *something*.

From: [email protected] [mailto:[email protected]] On Behalf Of Ken Schaefer
Sent: Wednesday, July 31, 2013 4:06 PM
To: [email protected]
Subject: RE: [NTSysADM] man-in-the-middle attack

> In any event, the odds are irrelevant - the issue is the business risk of
> intrusion/loss.

How can you say that "odds are irrelevant" if the issue is business risk? Risk is "potential for loss", and potential includes a weighting for likelihood (i.e. "the odds")? Can you clarify what you mean?

Cheers
Ken

From: [email protected] [mailto:[email protected]] On Behalf Of Micheal Espinola Jr
Sent: Thursday, 1 August 2013 1:43 AM
To: [email protected]
Subject: Re: [NTSysADM] man-in-the-middle attack

Odds would be very difficult to extrapolate with any legitimate accuracy, as you need to know and control the possible environments and habits of your remote employees. In any event, the odds are irrelevant - the issue is the business risk of intrusion/loss.

--
Espi

On Wed, Jul 31, 2013 at 8:07 AM, David Lum <[email protected]> wrote:

I need to present management with the odds of this actually getting exploited, as I'd want to force TLS 1.2 for ADFS but that takes Chrome and more importantly Safari (iOS devices) out of the mix, so I suspect management might say "we want compatibility instead of protection from some obscure attack that is unlikely to happen."

In short, what are the odds of a MITM attack actually happening between my remote employee and our ADFS server?

David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764

