Operations

10/23/2018
10:30 AM
Joshua Goldfarb
Joshua Goldfarb
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Good Times in Security Come When You Least Expect Them

Not every cybersecurity endeavor can have a huge impact. But a small percentage of your efforts can still produce results that blow you away.

Writing can be a funny thing. Sometimes you spend days working on and struggling with a piece. Other times, a piece comes to you in a flash of inspiration in the span of just an hour or two.  How much a piece interests or speaks to your readers seems to have little to no correlation with how long you spend on it.

What does this have to do with security? Sometimes you spend lots of time and money on a given effort. But the benefits you get and the good that comes of it may be what you least expected. Or, to put it another way, a given effort may result in dozens of effects that may seem irrelevant or of no value to you. And yet, there may just be that one effect that makes the whole effort worthwhile. 

In security, we have many different initiatives going at any one time. Some may require more effort, while others less effort. Yet, as we progress with our efforts, we are sometimes surprised to learn that each initiative affects security posture differently. Often, an initiative's impact has little to no correlation to the amount of resources it requires.

How can organizations find that diamond in the rough and take advantage of the occasional gems that make an effort worthwhile? It is in this spirit that I present five ways to be prepared for good things to happen when you least expect them.

  1. Exit the Tunnel: We all get tunnel vision from time to time. But when we get overly focused on a given philosophy, a given approach, a given set of tasks, or a given work program, we often miss all the good going on outside of the tunnel we put ourselves inside. Being open to something happening in our periphery can help us find new and creative ways to solve problems and see the good that might otherwise pass us by — like that next great way to improve our security posture.
  2. Welcome Input: Don't just welcome input — actively solicit it. Is it possible that you'll hear a bunch of bad ideas that you can't possibly consider for one reason or another? Of course. But what about that one gem of an idea that you'll hear that may solve a difficult problem you've been wrestling with for quite some time? When you least expect it, you just might hear something that will pleasantly surprise you with its cleverness. But if you don't welcome and solicit input, you'll remain unprepared to receive the good that may come from the thoughts and input of others.
  3. Open Your Eyes: Some of us tend to "close our eyes" in a professional sense from time to time. It pays to open our eyes, be aware of our surroundings, and take a look around as often as we can. Perhaps you will notice something you wouldn't have noticed otherwise. Sometimes, there are good things happening just beyond our field of vision. And, more often than not, we are the ones limiting the extent to which we can see what's out there. Broadening our perspective allows us to notice and leverage the good that may be going on just outside of where we're accustomed to looking. 
  4. Open Your Mind: How many times in our lives do we hear something without truly parsing, understanding, and internalizing it? Similarly, how often do we encounter or notice something without truly seeing it for the good it brings and the value it adds? For most of us, these scenarios likely happen quite frequently. It helps to look at things with a different spin sometimes to try and reframe them and see the positive effects. To look for the good. Doing so allows us to navigate events differently. It causes us to be aware that when we look upon something differently, we may see it from an entirely different perspective in order to leverage it for good, even if how to do so wasn't initially obvious to us.
  5. Take a Long Drive for a Short Concert: I once drove three hours each way for an hour-long concert. The entire seven-hour trip was worth it just for that one hour of enjoyment. Why am I telling you this story? The overwhelming majority of your efforts may produce nothing at all of value, and that's OK. Not every security endeavor can have a huge impact, or even end in success. But a small percentage of your efforts may produce results that blow you away — and that is what is most important. It's important to look upon your security endeavors as an investment. The security organization that continues to make wise investments will continue to reap positive results from those investments. Its security posture will improve. Conversely, the security organization that runs from investment because not every single investment pays dividends immediately will stagnate and eventually worsen with time as risks and threats evolve. 

Related Content:

 

Black Hat Europe returns to London Dec. 3-6, 2018, with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

Josh (Twitter: @ananalytical) is an experienced information security leader with broad experience building and running Security Operations Centers (SOCs). Josh is currently co-founder and chief product officer at IDRRA and also serves as security advisor to ExtraHop. Prior to ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/23/2018 | 10:53:28 AM
My grandfather's plaque
This article reminds me of a POINT 6: There is no limit to what a man can do or where he can if he doesn't mind who gets the credit."  Raymond Eisenhardt Sr. though quoted to Ronald Reagan and Robert W. Woodruff of Coca-Cola - plaque on their desk.  He had his firm cast that plaque.  Share credit and never stint it if is somebody else, and you wil go far. 
josh@idrra.com
50%
50%
[email protected],
User Rank: Apprentice
10/24/2018 | 1:46:37 AM
Re: My grandfather's plaque
Interesting comment - thank you for sharing this thought with us.
MarkSindone
50%
50%
MarkSindone,
User Rank: Apprentice
11/7/2018 | 12:34:37 AM
Re: My grandfather's plaque
Every effort counts and in the topic of cybersecurity, every single step can produce great results. This is why we should never perceive any amount of preventive measures as minor or worthless when implementing security means. We need to try every method available to eventually derive with which are the ones that suit our requirements.
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
2018 Was Second-Most Active Year for Data Breaches
Jai Vijayan, Freelance writer,  2/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8948
PUBLISHED: 2019-02-20
PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163.
CVE-2019-8950
PUBLISHED: 2019-02-20
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via TELNET.
CVE-2019-8942
PUBLISHED: 2019-02-20
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image c...
CVE-2019-8943
PUBLISHED: 2019-02-20
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring...
CVE-2019-8944
PUBLISHED: 2019-02-20
An Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (and before 2018.10.4 LTS) allows remote authenticated users to view sensitive Terraform output variables via log files.