Gamification of the BIA Process

 

In an era where information security is more critical than ever, the hunt for innovative solutions to complex challenges is relentless. One such challenge is the Business Impact Analysis (BIA) process, which is pivotal in identifying potential impacts of disruptions on business operations. By incorporating gamification into this process, organizations can transform what is traditionally a dry procedure into an engaging, enlightening experience for employees.

Understanding the nuances of the BIA process starts with its foundational elements, aimed at assessing the potential impact on a business due to security breaches or other disruptions. When combined with gamification—an approach using game design elements in non-game contexts—information security processes can become more intuitive and motivating. This blend not only facilitates better training but also enhances awareness and responsiveness to security concerns.

This article delves into how gamification can revolutionize the BIA process, making it more interactive and effective. From teaching the CIA Triad through new interactive tools to tackling legal and regulatory obligations with creative problem-solving, we’ll explore how gamified approaches are setting new standards in cybersecurity. With case studies and insights from leaders like MicroSolved, we’ll present a comprehensive guide to enhancing the resilience and security of modern digital infrastructures.

The Basics of Business Impact Analysis (BIA)

A Business Impact Analysis (BIA) is a vital tool for businesses looking to protect themselves during unexpected events. By assessing potential risks, a BIA helps organizations maintain operations, even in emergencies. This process integrates risk management, disaster recovery, and business continuity planning. It prepares businesses to handle disruptions, whether they are natural disasters or cyber attacks. A well-structured BIA identifies how different disruptions might affect critical business functions, helping to minimize impacts. By doing so, it helps businesses stay on track toward their objectives, ensuring a robust business continuity plan is always in place.

Definition and Purpose

A Business Impact Analysis (BIA) is a strategic process designed to forecast the effects of disruptions on critical business processes. Its goal is to ensure business continuity in the face of unexpected incidents. Through a BIA, companies can swiftly recover from events like cyber attacks and power outages. The process involves risk assessments and planning for both business continuity and disaster recovery. By identifying vital processes and resources, a BIA sets the groundwork for a thorough analysis, enabling informed decisions on maintaining operations during challenging times.

Key Components of BIA

In a Business Impact Analysis, understanding potential threats is crucial. BIAs identify these threats and evaluate their impact on business operations. They also assess vulnerabilities in third-party vendors that could affect the business during disruptive events. An important aspect of a BIA is calculating downtime costs. This involves categorizing applications based on their severity levels, which allows for a clear recovery strategy. Furthermore, BIAs are essential in forming business continuity and disaster recovery plans. By pinpointing critical processes and resources, these plans ensure the business can continue core functions during upheavals. Another critical component is determining the maximum tolerable downtime. This concept helps shape recovery time and point objectives, ensuring quick and effective responses to disruptions.

Understanding Gamification in Information Security

In the world of information security, keeping employees engaged is crucial. One innovative way to accomplish this is through gamification. By integrating elements of gaming into training, organizations can enhance user engagement and understanding. This method transforms security policies and training into less burdensome activities. With gamification, employees are not just learning—they’re engaging in a dynamic, interactive way. Through this approach, security teams can maintain a culture of security awareness that is both sustainable and effective.

What is Gamification?

Gamification is a strategy that uses game-like elements in non-game settings. This includes contexts like employee training. The aim is to increase engagement and participation. Key elements often include rewards, points, and leaderboards. By introducing these fun aspects, security awareness programs become more engaging for employees. This approach not only makes learning more entertaining but also encourages better retention. Consequently, good practices are incentivized among employees. As threats and business needs evolve, gamification can adapt. This ensures training programs stay relevant and effective.

Benefits of Gamification in Security Processes

Gamification offers numerous benefits in security processes. It makes learning about security less of a chore and more engaging. Participants find the experience enjoyable, which in turn improves retention. By using gamified elements, organizations stimulate employee interest. This keeps their attention on understanding crucial security policies. Interactive methods such as simulations and role-playing are enhanced through gamification. These methods increase learning effectiveness and retention. Additionally, gamification supports the reinforcement of security practices. This is achieved through activities that captivate user attention using dynamic methods. Moreover, gamified training provides opportunities for recognition and rewards. This approach incentivizes employees to adopt and maintain good security practices, fostering a culture of ongoing awareness and vigilance.

Integrating Gamification into the BIA Process

Integrating gamification into the Business Impact Analysis (BIA) process enhances user engagement by making activities interactive and enjoyable. Gamification can improve the motivation and involvement of individuals taking part in BIA. Incorporating elements of gaming makes the process more appealing and easier to understand. This strategy helps strengthen the identification of critical business processes and resources. By doing so, it enhances the overall continuity strategy. Such engagement allows stakeholders to grasp business continuity and disaster recovery plans better. This ensures they’re more prepared for emergencies. The use of gamification incentivizes active participation and fosters a unified sense of responsibility and readiness among team members.

Enhancing Engagement Through Gamification

Gamification introduces gaming elements into non-game settings to boost engagement. This strategy keeps training sessions lively and effective through interactive approaches like simulations and role-playing. Implementing gamification can also be part of recognition and rewards programs. These programs aim to encourage good practices. Gamification ensures continued awareness by keeping participants interested through interactive methods. Additionally, using gamification in training programs updates learners on new threats, policies, and best practices engagingly.

Teaching the CIA Triad with Interactive Tools

Interactive tools are effective in teaching the CIA triad by aligning with corporate culture and using security awareness campaigns. Gamification methods in these tools can boost engagement by making learning more appealing. The CIA triad has evolved into a hexad, so tools should adapt to these changes. A solid understanding of information security frameworks is key when developing these interactive tools to align with organizational practices. Effective tools should include continual improvement practices, highlighting the need for iterative learning and assessment, ensuring that learners stay informed and adept at handling security tasks.

Bringing ISO 27001:2022 to Life

Effective adaptation to ISO 27001:2022 involves conducting a gap analysis to spotlight areas needing updates or new implementations. Organizations must revise their policies and procedures to reflect the latest updates of ISO 27001:2022. Implementing training programs is crucial for educating staff on new requirements, fostering a culture of security awareness. Tech platforms like ISMS.online help streamline compliance and continuous improvement. Regular communication with stakeholders about updates and changes is key, ensuring alignment and building trust within the organization. Engaging stakeholders through these updates helps institutions maintain a robust framework for security measures.

Identifying and Addressing Key Elements

Business Impact Analysis (BIA) is essential in Information Security, assessing processes, resources, and data assets to understand risks. The SIREN System provides a complete solution for conducting BIAs and risk assessments effectively. A key component of this process is understanding the potential threats and impacts on critical business functions. Social engineering audits help gauge employee security awareness and physical security measures, aligning practices with a culture of security awareness. Regular assessments and communication with key users uncover gaps between theory and reality. Developing continuity and recovery strategies based on BIA findings is vital for mitigating risks and ensuring service continuity. To maintain effectiveness, Business Continuity Plans (BCPs) must undergo regular testing through simulations or drills, pinpointing any weaknesses and ensuring that the plan remains updated.

Legal, Regulatory, and Contractual Obligations

Conducting a BIA helps businesses meet legal, regulatory, and contractual obligations. This is a major part of ISO 22301 standards. By identifying these obligations, companies can avoid regulatory fines and align with compliance requirements. The BIA process enforces controls to address legal gaps. As part of business continuity planning, recognizing these obligations ensures that companies develop a robust business continuity plan. This plan is vital for both internal audits and regulatory requirements.

Recognizing Application Dependencies

A BIA identifies dependencies between applications within an organization. Recognizing these is important. It uncovers risks associated with software as a service (SaaS) applications that rely on external dependencies. A failure in one application can disrupt others or critical business operations. Conducting a BIA allows businesses to manage these risks, ensuring smoother business operations. By understanding how new applications affect existing ones, organizations can adapt and improve their systems.

Resource Allocation and Prioritization

Defining the scope of an Information Security Management System (ISMS) influences how resources are allocated. This ensures alignment with risk assessment priorities. A comprehensive ISMS process uses tools for risk assessment and policy management, aiding in effective resource allocation. Business Impact Analyses help identify critical business processes, directing resource prioritization based on disruption impacts. By establishing recovery objectives like Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs), companies can ensure resources are allocated to restore critical functions swiftly. A robust Business Continuity Plan demands resource allocation for action plan testing. This ensures readiness during real emergency events, supporting resilient business operations and informed decisions.

Calculating Downtime Costs

Calculating downtime costs is essential in any Business Impact Analysis (BIA). Downtime refers to the period when critical business functions are unavailable. For many businesses, this can lead to significant financial losses. A well-executed BIA examines potential threats and helps prioritize recovery strategies. This supports informed decisions on which areas require immediate attention and resources. By assessing the severity of different applications, companies can identify critical business operations and apply robust business continuity plans.

Methods for Calculating Costs

To calculate downtime costs, various methods are employed. Business Email Compromise (BEC) breaches cost around $50,000 per incident, while the median cost for ransomware is about $46,000. These figures highlight the need for comprehensive risk management. Businesses must consider their unique factors—such as customer base, revenue, and value at risk. Analyzing both maximum potential impacts and minimum likely losses gives a clearer understanding of potential financial risks. Documentation aids in risk management and ensures regulatory compliance, thereby reducing potential costs.
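One way to turn the application-dependency, downtime-cost and maximum-tolerable-downtime ideas from the sections above into numbers, as an added example that is not MicroSolved's method or tooling. It assumes that a failed application takes down everything that depends on it and that an application cannot be restored before its dependencies; all application names and figures are constructed.

```python
# Added example: dependency-aware downtime cost and RTO-vs-MTD check for a BIA.
# Application names and all figures are constructed sample data.
from dataclasses import dataclass, field


@dataclass
class App:
    name: str
    cost_per_hour: int      # direct loss per hour while this app is down
    mtd_hours: int          # maximum tolerable downtime
    rto_hours: int          # recovery time objective of the app on its own
    depends_on: list = field(default_factory=list)


def index(apps):
    """Return name -> App; reject dependencies missing from the inventory."""
    by_name = {a.name: a for a in apps}
    for a in apps:
        for dep in a.depends_on:
            if dep not in by_name:
                raise ValueError(f"{a.name} depends on unknown app {dep!r}")
    return by_name


def blast_radius(apps, failed):
    """Names of all apps unavailable when `failed` goes down (transitive dependents)."""
    if failed not in index(apps):
        raise ValueError(f"unknown app {failed!r}")
    down, frontier = {failed}, [failed]
    while frontier:
        current = frontier.pop()
        for a in apps:
            if current in a.depends_on and a.name not in down:
                down.add(a.name)
                frontier.append(a.name)
    return down


def hourly_impact(apps, failed):
    """Downtime cost per hour of one failure, summed over its blast radius."""
    by_name = index(apps)
    return sum(by_name[n].cost_per_hour for n in blast_radius(apps, failed))


def effective_rto(apps, name, _path=()):
    """Own RTO or the slowest dependency's effective RTO, whichever is larger."""
    if name in _path:
        raise ValueError("dependency cycle: " + " -> ".join(_path + (name,)))
    app = index(apps)[name]
    deps = [effective_rto(apps, d, _path + (name,)) for d in app.depends_on]
    return max([app.rto_hours] + deps)


def rto_findings(apps):
    """Apps whose effective RTO exceeds their maximum tolerable downtime."""
    findings = []
    for a in apps:
        eff = effective_rto(apps, a.name)
        if eff > a.mtd_hours:
            findings.append((a.name, eff, a.mtd_hours))
    return findings


def recovery_order(apps):
    """Restore first what costs the most per hour when it fails."""
    return sorted((a.name for a in apps),
                  key=lambda n: (-hourly_impact(apps, n), n))


# Constructed inventory: name, cost/hour, MTD, RTO, dependencies.
SAMPLE = [
    App("identity", 500, 4, 2),
    App("database", 200, 8, 6),
    App("order_portal", 4000, 4, 2, ["identity", "database"]),
    App("billing", 1500, 24, 12, ["database"]),
    App("saas_crm", 800, 24, 8, ["identity"]),
]

if __name__ == "__main__":
    for name in recovery_order(SAMPLE):
        print(f"{name:13} impact/hour={hourly_impact(SAMPLE, name):>5}")
    for name, eff, mtd in rto_findings(SAMPLE):
        print(f"FINDING {name}: effective RTO {eff}h exceeds MTD {mtd}h")
```

In the sample, order_portal declares a 2-hour RTO but depends on a database with a 6-hour RTO, so its 4-hour maximum tolerable downtime cannot be met until the database objective is tightened.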

Using Gamification for Accurate Projections

Incorporating gamification into business continuity and risk management strategies can enhance accuracy. Gamification involves applying game-like elements—such as points and rewards—to educational contexts. Doing so increases engagement and retention among employees. This approach can be particularly effective for training security teams. By creating a culture of security awareness, businesses improve their response times to security incidents. Feedback mechanisms like quizzes help evaluate the success of these programs. By using interactive methods, businesses keep their workforce informed and better prepared to handle potential disruptions.

Enhancing Cybersecurity Measures

In today’s digital world, cybersecurity is crucial for protecting vital assets, systems, and data from threats. Implementing strong measures is essential to guard against unauthorized access and damage. An effective cybersecurity plan involves regular monitoring and testing to evaluate current defense strategies. This ongoing assessment helps in adjusting measures to maintain security. Incident response planning is also key. Strategies must be in place to tackle issues like cyberattacks swiftly. Collaboration with external partners, including government agencies and industry groups, enhances these efforts by sharing insights and best practices. Lastly, a thorough risk assessment identifies vulnerabilities within the digital system, aiding in the protection and resilience of infrastructure.

Developing Robust Risk Assessments

Developing comprehensive risk assessments is pivotal to securing digital assets and systems. The first step involves outlining the assessment’s scope, covering all digital elements and processes. Creating an inventory helps document each asset’s location, function, and importance. Identifying threats like natural disasters, cyberattacks, and hardware failures is another critical step. By understanding these potential risks, organizations can better protect their operations.

To enhance resilience, organizations should leverage expertise from industry associations and security consultants. These external resources bring valuable insights to the table. Additionally, it’s essential to keep risk assessment methodologies updated. As technology and business requirements evolve, so do threats and vulnerabilities. Regular reviews ensure that risk management strategies remain current and effective.

Preparing Disaster Recovery Plans

A well-prepared disaster recovery plan is vital for any organization relying on IT systems. Regular testing through simulations, tabletop exercises, or live drills helps identify any gaps. This continuous practice ensures the plan is updated and effective. Disaster recovery plans must be documented with all necessary details. This includes recovery strategies, critical contact information, and communication protocols. Storing this information securely both on and off-site is crucial for quick access during a crisis.

The effectiveness of a disaster recovery plan also depends on diverse perspectives. IT professionals focus on reducing downtime and data loss, while business stakeholders aim to protect customer service and finances. This collaborative approach enhances resilience, allowing timely restoration of critical IT systems and minimizing operational impacts. By incorporating risk assessment and business impact analysis, organizations can better prepare for potential threats and understand their effects on business operations.

Strengthening Digital Operational Resilience

In today’s digital world, protecting business operations against disruptions is essential. Strengthening digital operational resilience means keeping critical business functions running even during crises like cyberattacks, technical failures, or natural disasters. A robust resilience strategy lessens the damage from such incidents and keeps an organization’s reputation intact. Beyond protecting assets, digital resilience builds customer trust, ensuring that services continue smoothly even in tough times. Sharing insights and strategies with other organizations enhances security across the digital environment. Moreover, testing and training are crucial. Regularly evaluating Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) ensures they work effectively when needed. Such preparation readies organizations to handle emergencies efficiently.

Fortifying Against Potential Threats

Securing an organization against potential threats starts with regular risk assessments. These assessments identify and prioritize risks, setting the stage for effective security strategies. Building a culture of security awareness within an organization is important. Employees need to understand cybersecurity risks and learn best practices. Continuous monitoring plays a crucial role in detecting and managing threats. Organizations often use security operations centers for this purpose. Additionally, strong incident response and recovery plans help minimize damage from breaches, restoring normal operations quickly. Collaboration is also key. Partnering with industry peers and government bodies enhances knowledge-sharing. By pooling resources and threat intelligence, organizations can develop informed action plans and strengthen overall security frameworks.

Quantifying Human Risks with Gamification

Gamification is changing the way businesses approach security awareness. By integrating game elements into training, organizations make learning about security policies engaging. This approach transforms what can be a mundane process into an exciting one, increasing employee participation. Gamification keeps employees interested and boosts retention of security protocols. These interactive experiences are not just fun, they are effective. Studies show that gamified training leads to higher engagement and voluntary participation in security initiatives. Employees are more likely to remember and follow security measures when the learning process is enjoyable. By using games, organizations transform their culture of security awareness, making employees active participants in safeguarding the business.

Case Studies and Success Stories

Incorporating gamification into business processes has shown remarkable results across different industries. Hyundai transformed its innovation program, reducing rework by 57% with the SoftExpert Suite platform. Similarly, Raízen achieved impressive financial gains, projecting earnings of R$60 million with their ideas program using the same platform. In the realm of cybersecurity, SoSafe’s Human Risk Management platform uses gamified e-learning to boost engagement and instill better security practices. These success stories demonstrate how gamification can lead to tangible benefits like process efficiency, financial gains, and improved security awareness.

Leading Organizations Implementing Gamified BIA

Leading organizations are increasingly adopting gamified Business Impact Analysis (BIA) methods to handle complex datasets and ensure proper project scoping. Engaging senior management and stakeholders from the start enhances the effectiveness of a gamified BIA process. This involvement is crucial to set accurate recovery time objectives, aligning with the broader Business Continuity Plan (BCP). Through gamified strategies, businesses can develop robust continuity and recovery plans that support uninterrupted operations during disruptions. The process also encourages workforce participation, making the analysis more thorough and leading to better-informed decisions and a stronger culture of security awareness.

Measurable Outcomes and Benefits

Employing gamification in security training boosts employee engagement and retention by making learning both fun and educational. Regular assessments, such as quizzes and surveys, can pinpoint areas needing improvement, ensuring programs remain effective. Practical surveys and questionnaires can measure users’ security awareness levels by evaluating both theoretical understanding and real-life practices. By tracking participation rates, organizations can maintain high engagement levels, which is vital for robust information security. Recognition and rewards programs further incentivize employees to adhere to security policies, reinforcing desired behaviors and enhancing overall security frameworks.

Get More Info and Help from MicroSolved

MicroSolved offers expert guidance on improving your business’s security posture. They focus on helping organizations understand and manage potential security risks. Their team of security professionals aids in developing a culture of security awareness within companies.

Key Services Offered:

  • Security Incident Handling: Fast and effective response to security incidents to minimize impact.
  • Business Continuity Planning: Create robust business continuity plans to ensure critical business operations continue during disruptions.
  • Risk Management: Identify and manage potential threats to secure business objectives.

Benefits of Choosing MicroSolved:

  • Informed Decisions: Provide data-driven insights to make informed decisions about security strategies.
  • Regulatory Compliance: Ensure that security policies meet regulatory requirements through thorough internal audits.
  • Tailored Action Plans: Develop custom action plans to address specific business needs.

Service | Benefit
Security Incident Handling | Minimizes impact through prompt response times
Business Continuity Planning | Supports critical business functions during disruptions
Risk Management | Identifies potential risks for proactive management

MicroSolved empowers businesses to adopt robust security frameworks, ensuring comprehensive protection against potential impacts. For more detailed guidance, reach out to MicroSolved to enhance your business’s security operations.

 

 

* AI tools were used as a research assistant for this content.

 

High-Level Project Plan for CIS CSC Implementation

Overview:

Implementing the controls and safeguards outlined in the Center for Internet Security (CIS) Critical Security Controls (CSC) Version 8 is crucial for organizations to establish a robust cybersecurity framework. This article provides a concise project plan for implementing these controls, briefly describing the processes and steps involved.

Plan:

1. Establish a Governance Structure:

– Define roles and responsibilities for key stakeholders.

– Develop a governance framework for the implementation project.

– Create a project charter to outline the project’s scope, objectives, and timelines.

2. Conduct a Baseline Assessment:

– Perform a comprehensive assessment of the organization’s existing security posture.

– Identify gaps between the current state and the requirements of CIS CSC Version 8.

– Prioritize the controls that need immediate attention based on the assessment results.

3. Develop an Implementation Roadmap:

– Define a clear timeline for implementing each control, based on priority.

– Identify the necessary resources, including personnel, tools, and technologies.

– Establish milestones for monitoring progress throughout the implementation process.

4. Implement CIS CSC Version 8 Controls:

– Establish secure configurations for all systems and applications.

– Enable continuous vulnerability management and patching processes.

– Deploy strong access controls, including multi-factor authentication and privilege management.

5. Implement Continuous Monitoring and Incident Response:

– Establish a comprehensive incident response plan.

– Deploy intrusion detection and prevention systems.

– Develop a continuous monitoring program to identify and respond to security events.

6. Engage in Security Awareness Training:

– Train employees on security best practices, including email and social engineering awareness.

– Conduct periodic security awareness campaigns to reinforce good cybersecurity hygiene.

– Provide resources for reporting suspicious activities and encouraging a culture of security.

Summary:

Implementing the controls and safeguards outlined in CIS CSC Version 8 requires careful planning and execution. By establishing a governance structure, conducting a baseline assessment, developing an implementation roadmap, implementing the controls, continuous monitoring, and engaging in security awareness training, organizations can strengthen their security posture and mitigate cyber threats effectively. This concise project plan is a starting point for information security practitioners seeking a robust cybersecurity framework.

If you need assistance, get in touch. MSI is always happy to help folks with CIS CSC assessments, control design, or other advisory services. 

 

*This article was written with the help of AI tools and Grammarly.

Operation Hardened Buckeye

MSI is pleased to announce the immediate formation and availability of Operation Hardened Buckeye!

This special program is dedicated to assisting Ohio’s Rural Electrical Cooperatives.

MSI will set up aggregated groups of Electrical Cooperatives and perform services and offer tools to the groups en masse at discounted rates, as if they were one large company. Essentially, this allows the co-ops to leverage group buying, while still receiving individual reports, software licenses and overall group-level intelligence & metrics.

MSI will offer a package consisting of the following:

  • External Vulnerability Assessment with aggregated executive level reports/metrics & individual technical detail reports
  • An aggregated Targeted Threat Intelligence engagement with individual notifications of critical findings and an aggregated intelligence report for the group
  • 3 HoneyPoint Agent licenses and a console license per co-op that participates
  • Deep discounts to individual co-ops who desire application assessment, internal vulnerability assessments, wireless assessments or other MSI professional services (including MSI::Vigilance & ICS Network Segregation Services)
  • Deep discounts for ongoing assessments and targeted threat intelligence as a service

Caveats: All assessments will be performed at the same time. Co-ops must each sign onto a common MSA. Each co-op will be billed for the total of the package divided by the number of participating co-ops. Co-ops must provide accurate IP address ranges for their external assessment.

This gives each co-op a baseline of its security posture, including how its current status compares with that of its peers. It also allows each of the co-ops to deploy a HoneyPoint Agent in their DMZ, business network and control network for detection capabilities. The targeted threat intelligence will provide them with an overall threat assessment, as well as identifying individual targets that have either already been attacked or are likely to provide easy or attention-raising targets for future attacks.

We will be holding a webinar for those interested in participating on Thursday, May 21, 2015. You can register for this event here. You can also download the flyer about the program here.

For more information, please contact Allan Bergen via the email below or call (513) 300-0194 today! 

Email: sales@microsolved.com

MSI Risk Assessments and Policy/Process Reviews

MSI still has a few engagement slots open for Enterprise or Application-focused Risk Assessments for the 4th quarter. Avoid the end of the year rush, and give Allan Bergen (513-300-0194, abergen (at) microsolved<dot>com) a call today to discuss booking risk engagements with the team before the end of the year. We have some special incentives for clients who book these engagement slots, so touch base with Allan to hear about them.

Our team has had a wonderfully successful year doing application focused risk assessments. We can tear into the policy/processes and exposures of systems like accounting, CRM, EDI processing and/or industrial control. These assessments can be performed with or without technical components such as vulnerability assessment and penetration testing.

If you would like to close the year with a close look at one of your specific systems or critical processes, give Allan a call and arrange for a scoping discussion with our risk team. As always, thanks for reading, and we appreciate you choosing MSI as your security partner!

Quick Poll on Social Media and Compliance

Our team is putting together some blog posts and other content on social media policies and compliance. Can you please help us with our research work by spending just 3 minutes to complete the following quick 3 question poll?

You can find the poll here.

Thanks, in advance, for your insights. We will be publishing the results of the poll, along with our other content in the coming weeks. Thanks again for your kindness!

MSI Contributes to Criminal Underground Report

MSI is proud to announce that a Rand report that we contributed to is now available. The report details the underground economy and provides insights into the operation, intelligence and flow of the underground markets.

You can download a free copy of the report here.

We are happy to support research projects such as these and they represent yet another way that MSI fulfills our promise to give back to the security community. If you have questions about this project or about our other contributions, please reach out to me on Twitter (@lbhuston).

Operation Lockdown Update ~ Xojo Web App Security

Just a quick note today to bring you up to date on Operation Lockdown. As many of you may know, MSI began working with Xojo, Inc. a year or so ago, focusing on increasing the security of the web applications coded in the language and produced by their compiler. As such, we gave a talk last year at XDC in Orlando about the project and progress we had made. 

Today, I wanted to mention that we have again begun working on OpLockdown, and we remain focused on the stand-alone web applications generated by Xojo. 

Last week, Xojo released Xojo 2014R3 which contains a great many fixes from the project and our work.

The stand-alone web apps now use industry standard HTTP headers (this was true for the last couple of releases) and have the ability to do connection logging that will meet the compliance requirements for most regulatory guidelines.

Additionally, several denial-of-service conditions and non-RFC standard behaviors have been fixed since the project began.

My team will begin doing regression testing of the security issues we previously identified and will continue to seek out new vulnerabilities and other misbehaviors in the framework. We would like to extend our thanks to the folks at BKeeney Software who have been helping with the project, and to Xojo for their attention to the security issues, particularly to Greg O’Lone, who has been our attentive liaison and tech support. Together, we are focused on bringing you a better, safer and more powerful web application development platform so that you can keep making the killer apps of your dreams!

InfoSec, The World & YOU Episode 2

Once again, Victoria Lowengart (@gisobiz) and I team up to discuss events in the real world and how they impact cyber threats. This time around we talk North Korea, Anonymous and touch on Industrial Control Systems. We also give a quick preview of Op Petrol. Check it out here:

Grab the MP3.

Thanks for listening and until next time, stay safe out there! 

HoneyPoint Used to Confirm Skype URL Indexing

Last week, several sources were talking about the indexing of URLs that happen inside supposedly secure and private Skype sessions. There was a bit of press about it and we thought it would be fun to test it out and easy to do with HoneyPoint Personal Edition. Here’s how we did it:

  • First, we stood up a HoneyPoint Personal Edition and dilated port 80 with a web listener. We configured it to look like a default under construction page on an IIS box. We then exposed it to the Internet.
  • In order to cut down on noise from scanning while we were testing, we decided we would use a target page in our test URL of vixennixie.htm. Scanners aren’t generally looking for that page, so if we get scanned while we are testing, it won’t interfere with our data gathering and analysis.
  • Next, we created a Skype chat between two members of the team and made sure each of us was configured for full security.
  • Once this was confirmed, we passed the URL: http://target_ip/vixennixie.htm between us. The time was 1:13pm Eastern.
  • Then, we waited.
  • Lo and behold, we got this nearly 12 hours later:

                     2013-05-22 01:09:45 – HoneyPoint received a probe from 65.52.100.214 on port 80 Input: HEAD /vixennixie.htm HTTP/1.1 Host: target_ip Connection: Keep-Alive

A whois of 65.52.100.214 shows:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

#
# Query terms are ambiguous. The query is assumed to be:
# "n 65.52.100.214"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=65.52.100.214?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 65.52.0.0 - 65.55.255.255
CIDR: 65.52.0.0/14
OriginAS:
NetName: MICROSOFT-1BLK
NetHandle: NET-65-52-0-0-1
Parent: NET-65-0-0-0-0
NetType: Direct Assignment
RegDate: 2001-02-14
Updated: 2012-03-20
Ref: http://whois.arin.net/rest/net/NET-65-52-0-0-1

OrgName: Microsoft Corp
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2011-04-26
Ref: http://whois.arin.net/rest/org/MSFT

OrgNOCHandle: ZM23-ARIN
OrgNOCName: Microsoft Corporation
OrgNOCPhone: +1-425-882-8080
OrgNOCEmail: noc@microsoft.com
OrgNOCRef: http://whois.arin.net/rest/poc/ZM23-ARIN

OrgTechHandle: MSFTP-ARIN
OrgTechName: MSFT-POC
OrgTechPhone: +1-425-882-8080
OrgTechEmail: iprrms@microsoft.com
OrgTechRef: http://whois.arin.net/rest/poc/MSFTP-ARIN

OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName: Hotmail Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@hotmail.com
OrgAbuseRef: http://whois.arin.net/rest/poc/HOTMA-ARIN

OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@hotmail.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE231-ARIN

OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName: MSN ABUSE
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@msn.com
OrgAbuseRef: http://whois.arin.net/rest/poc/MSNAB-ARIN

RTechHandle: ZM23-ARIN
RTechName: Microsoft Corporation
RTechPhone: +1-425-882-8080
RTechEmail: noc@microsoft.com
RTechRef: http://whois.arin.net/rest/poc/ZM23-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
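The check described above can be automated. The following is an added example, not part of the original post and not HoneyPoint code: it filters listener log lines for the canary page, checks the source against the CIDR from the whois output, and measures the delay since the URL was shared. The share date (2013-05-21), the shared Eastern clock and the two noise log lines are assumptions constructed for the example.

```python
import ipaddress
import re
from datetime import datetime

CANARY_PATH = "/vixennixie.htm"                 # unique page name from the post
MS_NET = ipaddress.ip_network("65.52.0.0/14")   # CIDR from the whois output
# Assumption: the URL was pasted on 2013-05-21 (the post gives only
# "1:13pm Eastern") and the listener clock is also Eastern.
SHARED_AT = datetime(2013, 5, 21, 13, 13)

# Constructed sample log: two invented noise lines plus the post's probe line.
SAMPLE_LOG = """\
2013-05-21 18:02:11 - HoneyPoint received a probe from 198.51.100.7 on port 80 Input: GET / HTTP/1.1 Host: target_ip
2013-05-21 22:40:03 - HoneyPoint received a probe from 203.0.113.9 on port 80 Input: GET /phpmyadmin/ HTTP/1.1 Host: target_ip
2013-05-22 01:09:45 - HoneyPoint received a probe from 65.52.100.214 on port 80 Input: HEAD /vixennixie.htm HTTP/1.1 Host: target_ip Connection: Keep-Alive
"""

LINE_RE = re.compile(  # \S+ after the timestamp accepts "-" or a typographic dash
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \S+ HoneyPoint received a probe "
    r"from (?P<src>\S+) on port (?P<port>\d+) Input: (?P<method>[A-Z]+) (?P<path>\S+)"
)

def canary_hits(log_text, canary=CANARY_PATH, shared_at=SHARED_AT):
    """Return one dict per request for the canary path; scanner noise is dropped."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        # Compare the path only, ignoring any query string.
        if m["path"].split("?", 1)[0] != canary:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # malformed source field, skip the line
        seen = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        hits.append({
            "src": str(src),
            "method": m["method"],
            "delay": seen - shared_at,          # time since the URL was shared
            "in_whois_cidr": src in MS_NET,
        })
    return hits

if __name__ == "__main__":
    for h in canary_hits(SAMPLE_LOG):
        print(h)
```
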

I’ll leave it to the reader to decide what they think about the data. You can draw your own conclusions. We just appreciated yet another use for HoneyPoint and a quick and dirty project to play with. Thanks for reading!

SDIM Project Update

Just a quick update on the Stolen Data Impact Model (SDIM) Project for today.

We are prepping to do the first beta unveiling of the project at the local ISSA chapter. It looks like that might be the June meeting, but we are still finalizing dates. Stay tuned for more on this one so you can get your first glimpse of the work as it is unveiled. We also submitted a talk on the SDIM for this year’s ISSA International meeting, later in the summer. We’ll let you know if we get accepted for presenting the project in Nashville.

The work is progressing. We have created several of the curve models now and are beginning to put them out to the beta group for review. This step continues for the next couple of weeks and we will be incorporating the feedback into the models and then releasing them publicly.

Work on phase 2, the framework of questions designed to aid in scoring the impacts to generate the curve models, has begun. This week, the proof-of-concept framework is being developed, and that will then flow to the alpha group to build upon. Later, the same beta group will get to review and add commentary to the framework prior to its initial release to the public.

Generally speaking, the work on the project is going along as expected. We will have something to show you and a presentation to discuss the outcomes of the project shortly. Thanks to those who volunteered to work on the project and to review the framework. We appreciate your help, and thanks to those who have been asking about the project – your interest is what has kept us going and working on this problem.

As always, thanks for reading, and until next time – stay safe out there!