Operations

10/23/2018
10:30 AM
Joshua Goldfarb
Joshua Goldfarb
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Good Times in Security Come When You Least Expect Them

Not every cybersecurity endeavor can have a huge impact. But a small percentage of your efforts can still produce results that blow you away.

Writing can be a funny thing. Sometimes you spend days working on and struggling with a piece. Other times, a piece comes to you in a flash of inspiration in the span of just an hour or two.  How much a piece interests or speaks to your readers seems to have little to no correlation with how long you spend on it.

What does this have to do with security? Sometimes you spend lots of time and money on a given effort. But the benefits you get and the good that comes of it may be what you least expected. Or, to put it another way, a given effort may result in dozens of effects that may seem irrelevant or of no value to you. And yet, there may just be that one effect that makes the whole effort worthwhile. 

In security, we have many different initiatives going at any one time. Some may require more effort, while others less effort. Yet, as we progress with our efforts, we are sometimes surprised to learn that each initiative affects security posture differently. Often, an initiative's impact has little to no correlation to the amount of resources it requires.

How can organizations find that diamond in the rough and take advantage of the occasional gems that make an effort worthwhile? It is in this spirit that I present five ways to be prepared for good things to happen when you least expect them.

  1. Exit the Tunnel: We all get tunnel vision from time to time. But when we get overly focused on a given philosophy, a given approach, a given set of tasks, or a given work program, we often miss all the good going on outside of the tunnel we put ourselves inside. Being open to something happening in our periphery can help us find new and creative ways to solve problems and see the good that might otherwise pass us by — like that next great way to improve our security posture.
  2. Welcome Input: Don't just welcome input — actively solicit it. Is it possible that you'll hear a bunch of bad ideas that you can't possibly consider for one reason or another? Of course. But what about that one gem of an idea that you'll hear that may solve a difficult problem you've been wrestling with for quite some time? When you least expect it, you just might hear something that will pleasantly surprise you with its cleverness. But if you don't welcome and solicit input, you'll remain unprepared to receive the good that may come from the thoughts and input of others.
  3. Open Your Eyes: Some of us tend to "close our eyes" in a professional sense from time to time. It pays to open our eyes, be aware of our surroundings, and take a look around as often as we can. Perhaps you will notice something you wouldn't have noticed otherwise. Sometimes, there are good things happening just beyond our field of vision. And, more often than not, we are the ones limiting the extent to which we can see what's out there. Broadening our perspective allows us to notice and leverage the good that may be going on just outside of where we're accustomed to looking. 
  4. Open Your Mind: How many times in our lives do we hear something without truly parsing, understanding, and internalizing it? Similarly, how often do we encounter or notice something without truly seeing it for the good it brings and the value it adds? For most of us, these scenarios likely happen quite frequently. It helps to look at things with a different spin sometimes to try and reframe them and see the positive effects. To look for the good. Doing so allows us to navigate events differently. It causes us to be aware that when we look upon something differently, we may see it from an entirely different perspective in order to leverage it for good, even if how to do so wasn't initially obvious to us.
  5. Take a Long Drive for a Short Concert: I once drove three hours each way for an hour-long concert. The entire seven-hour trip was worth it just for that one hour of enjoyment. Why am I telling you this story? The overwhelming majority of your efforts may produce nothing at all of value, and that's OK. Not every security endeavor can have a huge impact, or even end in success. But a small percentage of your efforts may produce results that blow you away — and that is what is most important. It's important to look upon your security endeavors as an investment. The security organization that continues to make wise investments will continue to reap positive results from those investments. Its security posture will improve. Conversely, the security organization that runs from investment because not every single investment pays dividends immediately will stagnate and eventually worsen with time as risks and threats evolve. 

Related Content:

 

Black Hat Europe returns to London Dec. 3-6, 2018, with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

Josh (Twitter: @ananalytical) is an experienced information security leader with broad experience building and running Security Operations Centers (SOCs). Josh is currently co-founder and chief product officer at IDRRA and also serves as security advisor to ExtraHop. Prior to ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MarkSindone
50%
50%
MarkSindone,
User Rank: Apprentice
11/7/2018 | 12:34:37 AM
Re: My grandfather's plaque
Every effort counts and in the topic of cybersecurity, every single step can produce great results. This is why we should never perceive any amount of preventive measures as minor or worthless when implementing security means. We need to try every method available to eventually derive with which are the ones that suit our requirements.
josh@idrra.com
50%
50%
[email protected],
User Rank: Apprentice
10/24/2018 | 1:46:37 AM
Re: My grandfather's plaque
Interesting comment - thank you for sharing this thought with us.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/23/2018 | 10:53:28 AM
My grandfather's plaque
This article reminds me of a POINT 6: There is no limit to what a man can do or where he can if he doesn't mind who gets the credit."  Raymond Eisenhardt Sr. though quoted to Ronald Reagan and Robert W. Woodruff of Coca-Cola - plaque on their desk.  He had his firm cast that plaque.  Share credit and never stint it if is somebody else, and you wil go far. 
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Why the CISSP Remains Relevant to Cybersecurity After 28 Years
Steven Paul Romero, SANS Instructor and Sr. SCADA Network Engineer, Chevron,  11/6/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19220
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI.
CVE-2018-19221
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.
CVE-2018-19222
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.
CVE-2018-19223
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI.
CVE-2018-19224
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.