IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection of Generic Components
_________________________________________________________________________________________
2.5 Supplementary Security Analysis
As explained in Section 2.2 "Assessment of Protection
Requirements", the standard security measures aimed at
securing baseline protection will normally provide a
reasonable and sufficient level of protection. However, if in
the course of assessing protection requirements it has
transpired that an IT application together with its data has a
high or very high protection requirement, it may be
appropriate to check whether the standard security safeguards
need to be supplemented or replaced by more stringent IT
security safeguards, which will generally also be more expensive. The additional measures which are
appropriate can be determined after the basic IT baseline protection security check has been performed
using a supplementary security analysis.
To limit the amount of effort devoted to a supplementary security analysis to what is strictly
necessary, it may be appropriate to concentrate on the sensitive areas rather than analysing all the IT
assets. For this purpose the areas which possess a high or very high protection requirements or are
classified as sensitive should be extracted from the results of the protection requirements assessment.
These might be as follows:
- IT systems which have a high protection requirement,
- communications links to the outside world,
- communications links over which highly sensitive data is passed,
- communications links which should not be used to transport particular data,
- IT rooms which have a high protection requirement.
A supplementary security analysis is then performed on this subset of the IT assets, comprising only
the sensitive items. Various methods can be used here. These include
- risk analysis,
- penetration testing and
- differential security analysis.
It should be mentioned in advance that the success of the supplementary security analysis depends
critically on the expertise of the project team. It is essential that the team members have in-depth
specialist knowledge in the areas of information technology and IT security, ideally supplemented by
broad background experience. Otherwise there is a danger that significant weaknesses or safeguards
could be overlooked and that the results could convey an unwarranted impression of security. It may
therefore be appropriate to have the supplementary security analysis performed by specialist external
consultants.
Risk analysis
In a risk analysis, an attempt is made to identify the threats to which an IT system is exposed due to
existing security weaknesses. The probability of each of these threats occurring is then estimated and
combined with the protection requirements to rate the existing risks. For any risks which are
unacceptable a set of IT security measures is then selected so as to reduce the probability of
occurrence and/or the extent of the potential damage.
Estimation of probabilities is particularly difficult and prone to error. Usually no statistical information
is available. It is especially difficult to make these estimates for threats which entail wilful action by
_________________________________________________________________________________________
IT-Baseline Protection Manual: Otober 2000
Security analysis IT baseline
protection
IT security concept