Mace & Associates
IT Systems Security Engineering and Project Management

San Francisco, California

Current IT systems security efforts are not enough in the face of 21st Century ubiquitous computing with IP on everything & everywhere and increasing threats. Reactionary ad-hoc responses to security threats by placing more and more security appliance and defensive systems are falling behind.

A more systemic approach from an overall view is needed to model defenses in response to the overall environment and actual threat models.

Mace and Associates specializes in consulting and education with a systems management project management and systems engineering methods to help to assure a IT defense posture that matches an organization's specific threat and risk profile.

First, a organization specific system dynamic casual loop diagram is developed, with positive and negative feed backs. This initial mental model is then translated into a computerized dynamic modeling tool, such as Vensim.

Finally, the programmed dynamic model is run, often revealing many unnoticed relationships, tipping, or inflection points, or erratic oscillation trends. With this information, a tailored defense model can be designed, implemented, and adjusted for a more successful defense.


In the example dynamic model run above left, we see, over time, that intrusion detections peak and then decline. Also, the model projects that intrusion will increase. How is this? Perhaps our intrusion sensitivity is configured too restrictive, in order to reduce false positives. We have reduced false positives, but allowed true intrusions to get past our detection functions. With a dynamic model, we can quickly change what-if variables, or balance various trade offs, and then see the model's projection of our overall system configuration's performance and outcomes.


For more information, call 415-999-2049
  or email to