Get a MacBook Air with Online Courses - OFFER EXPIRES DEC. 3!

Intrusion Detection FAQ: Why is intrusion detection required in today’s computing environment?

Intrusion detection is needed in today’s computing environment because it is impossible to keep pace with the current and potential threats and vulnerabilities in our computing systems. The environment is constantly evolving and changing fueled by new technology and the Internet. To make matters worse, threats and vulnerabilities in this environment are also constantly evolving. Intrusion detection products are tools to assist in managing threats and vulnerabilities in this changing environment.

Threats are people or groups who have the potential to compromise your computer system. These may be a curious teenager, a disgruntled employee, or espionage from a rival company or a foreign government. The hacker has become a nemesis to many companies.

Vulnerabilities are weaknesses in the systems. Vulnerabilities can be exploited and used to compromise your system. New vulnerabilities are discovered all of the time. Every new technology, product, or system brings with it a new generation of bugs and unintended conflicts or flaws. Also the possible impacts from exploiting these vulnerabilities is constantly evolving. In a worst-case scenario, an intrusion may cause production downtime, sabotage of critical information, theft of confidential information, cash, or other assets, or even negative public relations that may affect a company’s stock price.

Intrusion detection products are tools that can assist in protecting a company from intrusion by expanding the options available to manage the risk from threats and vulnerabilities. Intrusion detection capabilities can help a company secure its information. The tool could be used to detect an intruder, identify and stop the intruder, support investigations to find out how the intruder got in, and stop the exploit from use by future intruders. The correction should be applied across the enterprise to all similar platforms. Intrusion detection products can become a very powerful tool in the information security practitioner’s tool kit.

Phil Bandy, Michael Money & Karen Worstell
SRI Consulting