Attacks/Breaches

11/30/2007
05:45 AM
50%
50%

When Projects Cause Security Failures

Some tips on how to balance the day-to-day and big projects in security

3:45 PM -- Prioritizing your security responsibilities can be a challenge when there are many tasks and limited time to complete them. Some of us have such an extreme interest in security that we’d do it day and night if possible, but deadlines, managers, and non-work related priorities like family all influence how we prioritize our tasks.

I'm currently faced with more tasks than usual and have been a bit stuck figuring out what to do first. Someone provided me some guidelines that break it down like this: First focus on prevention and protection, then detection, and finally, everything else. Now that's great advice, but I’m still left juggling operational tasks while trying to make steady progress with my projects.

If you’re a manager, then you know projects need to demonstrate continuous progress, and must be completed on time. That's the de facto mindset for a manager because projects have the most impact on a business’ resources (time and money). But if managers go to the extreme of making projects more important than operational tasks, it can backfire.

Operational tasks are the daily activities that keep an organization running smoothly -- reviewing logs from servers, firewalls, and IDS/IPS, applying the latest security updates, reading security news and mailing lists to find out about the latest threats.

Security managers should understand this and realize that if projects aren’t progressing on schedule, it could be due to an imbalance in operational and project duties. If operational tasks fall to the wayside, a server may go unpatched and end up compromised. Even worse, the compromise could go unnoticed because logs weren’t being reviewed due to time spent on projects that got priority over the day-to-day.

What should you do when you experience such an imbalance? Well, a relationship between a security manager and his or her team requires the same fundamental trait personal relationships need to be successful: communication. Managers should have an open-door policy where their team can come when they feel overwhelmed or are unsure how to prioritize their duties. Security team members must take the initiative to speak honestly with their manager. If communication is a problem, consider finding a new job or new employees.

I’ve been fortunate to be in great working environments with communicative and understanding managers in all of my jobs but one. And that one was enough to show me what I was missing and to know what to look for in my next job. I hope everyone can be so lucky.

Just remember, communication is a two-way street for managers and members of the security team to ensure you're striking the right balance in your workload.

– John H. Sawyer is a security geek on the IT Security Team at the University of Florida. He enjoys taking long war walks on the beach and riding pwnies. When he's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.