You will find several of Richard's books on our reading list. He is, in my opinion, a thought leader in the field of Information Security. This is especially true of his ideas concerning Network Security Monitoring (NSM).
I encourage you all to take a look at the whole threaded conversation, but below is a copy and paste of my comment:
I'm not sure I'm really following you on this one. Are you suggesting that the 'point in time' doesn't matter?
I generally find your 'out of the box' thinking refreshing (and often inspiring), but I think I'm missing your point. Or, perhaps I'm just not agreeing with you.
I can agree that we are facing 'on-going' campaigns of cyber-threats in many arenas, and that we need to plan with the big picture in mind. But even in a physical campaign of war, while we must have high level strategy that leads battlefield level tactics, we must win the individual 'point in time' conflicts (at least the key ones) in order to win the war. Wouldn't you agree?
How does IT Security, or if you will allow the term cyber-warfare, differ? I have spent quite a bit of time converting Sun Tzu's The Art of War into IT Security wisdom. To me, his warfare consulting applies in cyberspace as well as physical terrain.
While Sun Tzu does advocate that the war is won or lost in the planning stage, before the enemy is even physically engaged, in the end, the best planning won't amount to a hill of beans if the boys in the trenches can't overcome their foes. That is IMHO the Zen aspect of IT Security - you have to be 'in the moment'.
From a Sun Tzu point of view, I believe that the lesson of his which most American companies that I've worked with are failing to heed is "Know the Enemy, Know yourself." And of those two suggestions, it is actually the "know yourself" which is hurting the most. I could probably go on at the length of a book on that one... so I'll quit here ;)