Groundhog Day (Not a Film Review)
Recently there was a re-run of the movie “Groundhog Day” on German TV and after a while I felt a familiar feeling:
Our security efforts are a lot like the story.
The protagonist is caught in something like a time-loop until he gets everything right. A previously cynical, disrespecting, arrogant and selfish news reporter wakes up every morning to the same scene: The alarm clock switches to 6:00 in the morning, the radio plays “I got you babe” and the same day repeats over and over again. During the first iterations he doesn’t change his behavior, being quite a discomforting guy until he realizes that slight changes can make a big difference.
He is only relieved from this situation after he gets everything right: Being nice to his former school schoolmate, changing the tires of the old ladies in their car with a flat tire, catching the child falling from a tree, doing a heimlich maneuver on the guy almost choking on his meal, learning to play the piano and perform a stunning performance on stage, bringing coffee and donuts for colleagues etc. etc. etc.
And this is where you find yourself in a security operation: You don’t advance to the next level until you got everything covered:
- Have a security policy in place and enforce it with adequate controls
- Take care of physical security
- Have a good design for availability and redundancy
- Have a an emergency procedure available
- Install some sort of incident response
- Make regular emergency exercises
- Do regular security audits
- Have a good and up-to-date documentation of at least your most critical services and applications, preferably all of your infrastructure
- (Please fill in whatever escaped my mind on this list)
Such precautions will decide whether you can continue with your operations or whether it’s “Go directly to jail, do not pass Go, do not collect 200” during the next incident.
How good is your security operation? Will you wake up to “I got you babe” over and over again or can you find better responses to incidents so you can finally move on and concentrate on how everything will go in the future?
(IT) Security Groundhog Day – the vicious circle: http://t.co/SOllqwhE #deepsec