ISS introduces security index

Internet Security Systems (ISS) is planning to help users identify the most prevalent and damaging threats to the their systems by detailing them in its X-Force Catastrophic Risk Index (CRI).

  • E-Mail
By  Zoe Moleshead Published  July 2, 2003

Internet Security Systems (ISS) is planning to help users identify the most prevalent and damaging threats to the their systems by introducing its X-Force Catastrophic Risk Index (CRI). The index will list the most serious, high risk vulnerabilities and attacks currently targeting networks.

The CRI, which will be available at ISS’ web site, will be continually updated and is designed to provide enterprises with a best practises strategy for dealing with security threats. Furthermore, the index will enable users to prioritise their network defences to deal with the threats which are most likely to have the greatest impact on their IT infrastructure and company information and integrity.

“Our security intelligence team identifies and tracks 200-300 new vulnerabilities and threats each month, which is an enormous load for companies to keep up with while also focusing on their core business,” says Chris Rouland, vice president of ISS' X-Force.

“Customers have demanded help from ISS to address the most dangerous risks first. Easy-to-use and backed by X-Force intelligence, the CRI is a valuable management and risk reduction tool against which organisations can measure their preparedness for a catastrophic network attack or business system failure,” he adds.

The list will detail attacks against mission critical systems first, followed by vulnerabilities or attacks against primary and general assets. To determine the types of attacks that make the CRI, ISS has outlined a number of criteria. For example, threats must be pervasive to almost all companies across all industries; they must also represent an attack against confidentiality, integrity and availability of critical data or cause catastrophic business system failure. Furthermore, they must be susceptible to virus or worm creations.

ISS is also incorporating the CRI into its Internet Scanner vulnerability detection tool, which will enable the product to automatically identify any critical security problems and provide help and assistance in how to combat and protect against these security threats. Furthermore, the solution will be able to prioritise the patching and security processes using the information from CRI.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code