Home page logo

nanog logo nanog mailing list archives

Re: The Backhoe: A Real Cyberthreat? [ & Re: cyber-redundancy ]
From: sgorman1 () gmu edu
Date: Fri, 20 Jan 2006 18:11:47 -0500

The difference being the financial system can use the knowledge to make themselves more resilient.

How does the bank customer use the information you listed to make themselves more resilient?

Further, the banks are a fairly trusted and well regulated group.

There are a good number of bank customers that are not good guys.

Is there a fear the banks will use provider information for malicious ends?

Is that the reason the providers will not give the information?

Could it be they do not want customers to know most of their SONET rings are collapsed?

----- Original Message -----
From: Sean Donelan <sean () donelan com>
Date: Friday, January 20, 2006 4:44 pm
Subject: Re: The Backhoe: A Real Cyberthreat? [ &   Re: cyber-redundancy ]

On Fri, 20 Jan 2006, Frank Coluccio wrote:
To answer Sean Donelan's question, yes, enterprise customers 
and/or their agents
_do _need to have specific information on the routes in which 
their leased
facilities (and even dark fiber builds) are placed, ephemeral as 
those data might
be at times due to SP outside plant churn. They need this data 
in order to ensure
that they're not only getting the diversity/redundancy/separacy 
that they're
paying for, but because of the more fundamental reason being 
that it is the only
way they have to provide maximal assurances to stakeholders of 
the organization's

Is the same thing also true for customers of financial 
institutions?  Why
are financial institutions so reluctant to give details about the
locations of their data centers, processing offices, money transport
routes and security procedures to their customers?  Don't 
customers of
financial institutions have the same concerns about the survivability
of the financial institutions as the financial institutions have about
their suppliers?

Doesn't this just turn into Y2K all over again with every organization
demanding guarantees and copies of data from every other organization?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]