ABSTRACT
Each organization may rate an exploit diŸerently. Of course, this depends on how dramatic the impact is to its business operations. Overall, the security community does not rate a speci›c exploit unless it has had a dramatic consequence on the Internet. e eŸect of an exploit can be rated by the number of vulnerable systems within the organization, the speed of propagation, or the impact it has on business operations. If an organization has determined that the number of vulnerable systems is high or that a large percentage of its information technology (IT) infrastructure is vulnerable, the damage potential of an exploit can be exponential. If the vulnerable systems cannot be contained, or quarantined, the organization must put manpower in place to patch all the vulnerable systems before the exploit has migrated onto them. e speed of propagation can result in an exploit
causing a lot of damage. If the exploit is through a worm traversing from one vulnerable system to the next, it will be very di®cult for the organization to contain it until all the systems have been patched appropriately. However, if an organization is using an intrusion detection system (IDS) and intrusion prevention system (IPS) in an environment-wide deployment, the chances of detecting and quarantining the worm in a shorter time frame are higher than if it were not. If the impact to normal business operations results in a network outage or if business services are disrupted, the organization may lose revenue because of the exploit and the number of vulnerable systems within the environment. is is the worst outcome an organization can experience. A disruption to business operations can result in a loss of revenue because services, which the organization provides, may not be able to continue until the exploit is contained and the vulnerable systems patched.
