Security Ripcord

As I was walking between buildings today I looked up into a sky filled with huge columns of Cumulonimbus clouds. I stopped and watched them for a minute because the sky is much smaller in Dallas and you do not really see this kind of thing if you are not close to the coast. The more I looked the better my depth perception became and I started noticing more features and columns hidden within the normally flat appearance the clouds present at a quick glance. It truly was an inspiring sight and one of the reasons we made the move down here to Corpus Christi.

As I continued on I started thinking about the way more detail came into view once I let my eyes adjust. During Marine Sniper school we were made very familiar with this technique. We learned to use it when looking through foliage and other obstacles to detect and monitor. We called it "burning through" because as you looked through the obstacle and let your eyes adjust to the things in the distance the close obstacles disappeared as if they were not even there. It is actually rather interesting once you get use to it, but it does take some practice to be able to do it properly and quickly. As I started thinking about it even more I realized that although I am no longer crawling through the bushes I am, in fact, still practicing this technique on a daily basis.

When most people look at a situation they generally see the flat picture. They see the Internet as a tool that provides them access to information around the world. It gives them insights and capabilities most of them do not even comprehend. They see the web application and the features that it allows them to utilize. They see their computer system as a storage device for the letters, photographs, games, and more. Even system and network administrators, people with a lot more insight to technology than most users, tend to think about how to keep their environments operational. They have a business to keep moving and delays and outages are serious problems that cost money.

There is nothing wrong with a flat picture. It does have detail. It provides the necessary capabilities to the people who need it. Security professionals, however, do not have this luxury. They must be able to "burn through the technology" to see what is really happening within and beyond the flat picture. Things they should be able to take into consideration when evaluating a situation and making decisions include:

• log and alert analysis;
• network and application protocol evaluation;
• network, application, and operating system deployment;
• policy and procedure development and implementation;
• end-user and administrator training;
• effective change management;
• vulnerability and penetration testing;
• risk assessment;
• patch management;
• customer, administrator, manager, executive, developer, and end-user relationships;
• politics;
• etc.

These examples are not individual in nature. Rather, their combination creates the whole picture. It can be frustrating at first. Technology environments, especially large ones, can be confusing and daunting. The picture is flat when viewed from a high level but with practice and experience security professionals are able to "burn through the technology" and see how each of the bulleted items effects the rest, be it directly or subtly. The good news is that once they learn how to look at the picture in this manner security professionals are able to relate what they see and express their concerns in a more understandable context.

Moving to a new area and entering a new environment sure does change the picture a lot. But with time I am sure that I will be able to begin understanding how all of the pieces fit together. And as I do I will begin to be able to "burn through the technology" and really become a positive impact. Until then I will be content with enjoying the view.

Go forth and do good things,
Cutaway

security, technology, Cutaway Security, Security Ripcord

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported.

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.