This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
From Ancient Fortress to Modern Cyberdefense
May/June 2009 (vol. 11 no. 3)
pp. 22-29
Simon Liu, US National Library of Medicine, National Institutes of Health
Jerry Ormaner, US Department of Justice
Establishing an effective enterprise cyberdefense mechanism is conceptually similar to building a fortress city in ancient times. The authors describe the parallels by comparing observation towers, fortified walls, gates, alarms, guards, and cyberdefense.

1. M. Nicolett, "Key Issues for Threat and Vulnerability Management," Gartner Research, 2007; www.gartner.comDisplayDocument?ref=g_search&id=912623&subref=simplesearch .
2. S. Liu, L. Holt, and B. Cheng, "A Practical Vulnerability Assessment Program," IT Professional, vol. 9, no. 6, 2007, pp. 36–42.
3. R.J. Witty et al., "Information Security Awareness Training Is Essential to Protect IT Assets," Gartner Research, Jan. 2005; www.gartner.comDisplayDocument?doc_cd=124778 .
4. B.E. Burke et al., "Worldwide IT Security Software, Hardware, and Services 2007–2011 Forecast: The Big Picture," IDC, Dec. 2007; www.idc.comgetdoc.jsp?containerId=210018 .
5. "Glossary of Terms Used in Security and Intrusion Detection," SANS Inst., www.sans.org/resourcesglossary.php?portal=d652d4163c6872704926e8c88d07f150.com .
6. "Intrusion Detection FAQ: What Is Intrusion Detection?" SANS Inst., Feb. 2008; www.sans.org/resources/idfaqwhat_is_id2.php?portal=bb9cf739eb2f9c19ad099f1bd2fd83d3 .
7. A.T. Williams, G. Young, and J. Heiser, "Essential Incident Response Activities during the First 24 Hours," Gartner Research, Jan. 2006; www.gartner.comDisplayDocument?doc_cd=136485 .
8. M. Pokladnik, "An Incident Handling Process for Small and Medium Businesses," SANS Inst., 2007; www.sans.org/reading_room/whitepapers/incident 1791.php.
9. P. Bowen, J. Hash, and M. Wilson, Information Security Handbook: A Guide for Managers, NIST special publication 800-100, US Nat'l Inst. Standards and Tech., Oct. 2006; http://csrc.nist.gov/publicationsPubsSPs.html .
10. J.D. Howard and T.A. Longstaff, A Common Language for Computer Security Incidents, tech. report SAND98-8667, CERT, Oct. 1998; www.cert.org/researchtaxonomy_988667.pdf .

Index Terms:
IT professional, cybersecurity, cyberdefense, firewalls, antivirus, antispam, incident response, intrusion detection, vulnerability management, identify management
Citation:
Simon Liu, Jerry Ormaner, "From Ancient Fortress to Modern Cyberdefense," IT Professional, vol. 11, no. 3, pp. 22-29, May-June 2009, doi:10.1109/MITP.2009.48
Usage of this product signifies your acceptance of the Terms of Use.