In some instances, as in Level II or III attacks, they have the potential to be catastrophic. Bearing this in mind, I will now restate what I discussed in the executive meeting regarding the three generation of IA technologies but shall better clarify their relevancy to our company.
The first generation of IA technologies is exclusively focused upon the prevention of intrusion. As may be deduced from Liu, Yu and Jing's (2005) definition and analysis of the first generation of IA Technologies, it is imperative that any corporate entity, not just ours, have such a system in place. It involves the implementation of multiple levels of data securitization, seeking to protect information from both unauthorized physical and network access and attack. It is, thus, that our data is encrypted, for example. Encryption functions to maximize the security of data by rendering the deciphering of data retrieved through unauthorized access, difficult.
The second generation of IA technologies is founded upon an acknowledgement of the fact that the first generation of IA technologies cannot preve...
The IT department was effectively able to identify the intrusion attempts and to offset them precisely because the company has second generation IA technologies in place, whether firewalls or intrusion detectors.
As you may recall from our meeting, I did not spend too much time discussing the first and second generations outlined in the above but focused on the importance, indeed, imperatives, of implementing third generation IA technologies. Even while conceding to the fact that the implementation of such a system of technologies is expensive, I would argue that not doing so can prove even more costly. To clarify this, I will define and discuss third generation IA technologies in specific relation to our company.
The third generation of IA technologies withstands categorization into two groups, as Liu, Yu and Jing (2005) explain. These are intrusion making and defense in depth. Within the context of the first, the primary aim is to maximize the survivability of a system, even when it has been subjected to attack. It necessitates the redesigning of our current system around the following principles:
"(a) redundancy and replication, (b) diversity, (c) randomization, (d) fragmentation and threshold cryptography and (e) increased layers of indirection" (Liu, Yu, and Jing, 2005, p. 112).
This system will maximize, not only the company's ability to prevent and detect intrusions but, of greater importance, it will protect our data, hence the company, if violated.
The second category of third generation IA technologies I mentioned at the meeting is defense in depth. It would involve our implementing technologies as "(a) boundary controllers, such as firewalls and access control, (b) intrusion detection and (c)