Monday, June 25, 2007
Crash!
I found out this morning that the VPN connectivity between the organization that I am supporting and the parent has been down for over 2 weeks. I find it interesting that organizations that rely on interconnectivity to conduct business often are blind to the most sensitive areas of the enterprise that could jeopardize business operations.
I wonder what the difference between being blind to something and choosing ignorance looks like? If systems are architected from the get go with continuity of operations in mind then clearly blindness is a condition caused by factors beyond the control of the system operator. Conversely ignorance is just being stupid because in a world of uncertainty it is certain that a system crash will occur. What concerns me the most is that the systems that are most critical to our national security, such as water and power, are still governed by the same principals of blindness and ignorance.
I know that we don’t live in an ideal world and in that ideal world systems would be designed from the start with clear requirements to ensure that the core business that the system supports is assured at all times. In the commercial space folks can get away with a lot more than in the government arenas. However that too is a challenge in that the Federal Government relies heavily on commercial support to conduct the business of the people. In the past ten years there has been a convergence of information and this integration has changed the face of the planet that we live on. At the same time I think that we are living in one of the most precarious and dangerous times in human history.
One of the more popular theories as to why we have not been contacted by extraterrestrial life is that there simply is no intelligent life out there in the Cosmos. It could be argued that civilizations that reach the point of being able to travel or just simply communicate across the vastness of space simply implode and “burn out”. I look at the world today and think that we are at that crossroads in human history where we can rise up and continue to evolve or simply burn out and vanish into oblivion.
The daunting and yet wondrous fact that is staring directly at us is that we have the choice. We have before us an awesome task of transforming not just how information is processed but how that information impacts the world. The sooner that we collectively and individually realize that our connections are what make us stronger the closer we will be towards taking those evolutionary steps that ensure the survival of mankind.
I wonder what the difference between being blind to something and choosing ignorance looks like? If systems are architected from the get go with continuity of operations in mind then clearly blindness is a condition caused by factors beyond the control of the system operator. Conversely ignorance is just being stupid because in a world of uncertainty it is certain that a system crash will occur. What concerns me the most is that the systems that are most critical to our national security, such as water and power, are still governed by the same principals of blindness and ignorance.
I know that we don’t live in an ideal world and in that ideal world systems would be designed from the start with clear requirements to ensure that the core business that the system supports is assured at all times. In the commercial space folks can get away with a lot more than in the government arenas. However that too is a challenge in that the Federal Government relies heavily on commercial support to conduct the business of the people. In the past ten years there has been a convergence of information and this integration has changed the face of the planet that we live on. At the same time I think that we are living in one of the most precarious and dangerous times in human history.
One of the more popular theories as to why we have not been contacted by extraterrestrial life is that there simply is no intelligent life out there in the Cosmos. It could be argued that civilizations that reach the point of being able to travel or just simply communicate across the vastness of space simply implode and “burn out”. I look at the world today and think that we are at that crossroads in human history where we can rise up and continue to evolve or simply burn out and vanish into oblivion.
The daunting and yet wondrous fact that is staring directly at us is that we have the choice. We have before us an awesome task of transforming not just how information is processed but how that information impacts the world. The sooner that we collectively and individually realize that our connections are what make us stronger the closer we will be towards taking those evolutionary steps that ensure the survival of mankind.
Monday, June 18, 2007
Need Help!
Got something that is on your mind? Throw some ideas at me! I just can't go on throwing venom around. Got to move forward and help the cause!
Tuesday, June 12, 2007
The Death of Privacy
I'm posting this just to throw some thoughts up for latter development. But I see now that everything is connected. Meaning that all issues that revolve around any piece of information are linked and thus by touching on one piont in the web you affect the entire system like a ripple effect.
Privacy and the emergence of you as a digitally profiled identity are hot debated issues. Key questions:
1) How much privacy are you willing to sacrifice in order to gain greater convenience?
2) How much control over your privacy should you have or be a given?
3) Should choice be an option? (Case in point where children are tagged with GPS for recovery purposes. Does the child get to choose?)
4) Should you as an individual be made aware of the risks associated with buying a device and the impact on your privacy? (Ex: Cell phone hacking where the attacker turns on the camera or listens to your conversations to launch Spear Phishing attack at a latter time.)
The fact of life today is that if targeted by a criminal intent on compromising your identity, that the probability is high that you will suffer damages. The damages can range from the inconvenience of having to work with you bank, and other financial institutions, to being falsely imprisoned. I have been accused of being too paranoid, but would argue that we stand past the threshold of the point in time where being to paranoid is excessive, and are in the place where we can’t be paranoid enough. As an information security practice we are the first and last line of defense in a war that we can not loose. The stakes have never been higher and will continue to expand as systems that once were independent of one another become more and more integrated.
Privacy and the emergence of you as a digitally profiled identity are hot debated issues. Key questions:
1) How much privacy are you willing to sacrifice in order to gain greater convenience?
2) How much control over your privacy should you have or be a given?
3) Should choice be an option? (Case in point where children are tagged with GPS for recovery purposes. Does the child get to choose?)
4) Should you as an individual be made aware of the risks associated with buying a device and the impact on your privacy? (Ex: Cell phone hacking where the attacker turns on the camera or listens to your conversations to launch Spear Phishing attack at a latter time.)
The fact of life today is that if targeted by a criminal intent on compromising your identity, that the probability is high that you will suffer damages. The damages can range from the inconvenience of having to work with you bank, and other financial institutions, to being falsely imprisoned. I have been accused of being too paranoid, but would argue that we stand past the threshold of the point in time where being to paranoid is excessive, and are in the place where we can’t be paranoid enough. As an information security practice we are the first and last line of defense in a war that we can not loose. The stakes have never been higher and will continue to expand as systems that once were independent of one another become more and more integrated.
Monday, June 11, 2007
On a Break
I took the weekend off and spent time with the wife. We did a nice easy 14 mile bike ride and then on Sunday went trap shooting. Considering how much I have neglected my shooting skills I did okay. The next thing is the introductory fly fishing class that is offered at the local community college. It’s awesome that the local Jr. College offers a three day class on fly fishing. Colorado is just a great place!
So nothing new here from the Infosec space. My big project right now is to get my Windows Terminal Server up and running so I can further virtualize and partition applications into trusted zones. I’ve also started running VirtualWare appliances.
The big challenge again goes back to funding and then to routing. The CISCO switches I picked up are great but switch port managed. So the challenge I have is how to route virtual machines and more importantly virtual security appliances with limited hardware?
I know that ideally I want a separate zone where my traffic must pass through to get to the internet and that the appliances in that zone should be logically and physically separated. Realistically given my qualitative assessment of risk this is all overkill but I’m not doing this to prove anything. I’m doing this to learn and keep my skills sharp.
I also am reorganizing my work space now that I have moved the wife onto her own desk area and can get my desk the way I want it. I have added an arm mount for my 19” LCD monitor so that has really freed up a lot of desktop RealEstate. I’ll post a picture of my work/play area when it’s finished.
So nothing new here from the Infosec space. My big project right now is to get my Windows Terminal Server up and running so I can further virtualize and partition applications into trusted zones. I’ve also started running VirtualWare appliances.
The big challenge again goes back to funding and then to routing. The CISCO switches I picked up are great but switch port managed. So the challenge I have is how to route virtual machines and more importantly virtual security appliances with limited hardware?
I know that ideally I want a separate zone where my traffic must pass through to get to the internet and that the appliances in that zone should be logically and physically separated. Realistically given my qualitative assessment of risk this is all overkill but I’m not doing this to prove anything. I’m doing this to learn and keep my skills sharp.
I also am reorganizing my work space now that I have moved the wife onto her own desk area and can get my desk the way I want it. I have added an arm mount for my 19” LCD monitor so that has really freed up a lot of desktop RealEstate. I’ll post a picture of my work/play area when it’s finished.
Wednesday, June 06, 2007
Turning a Corner
The past five days since my last post I have had significant experiences that have allowed me to further refine my understanding of the direction I want to help take information security. So here is what I have discovered:
1) Stay positive - Don't use the stick unless you have too and go for carrot first. I admit that when I first started to write on this blog that a lot of frustration came out. I realize that in order to “transform” information security I must be able to offer solutions that both serve the needs of the community without inflicting significant amounts of pain.
2) Be compassionate – Being aware of not only your environment but the people in that environment. Taking on the understanding that part of the job which is not written anywhere on a statement of work is that of educator. We have an opportunity to create a new possibility for the WONKS of the world. If we are bitter and closed to those amongst our ranks who don’t understand how we as can a profession grow?
I admit there are those that I just plain think should be in another line of work but at the same time there was a point many years ago that I did not know what I know now. We need to, each and everyone of us, who understand the guiding tenants of information security adopt someone and mentor them. Regardless if they are practing within this field or not. We don’t have enough mentoring in this field and consequently we are poorer for it.
1) Stay positive - Don't use the stick unless you have too and go for carrot first. I admit that when I first started to write on this blog that a lot of frustration came out. I realize that in order to “transform” information security I must be able to offer solutions that both serve the needs of the community without inflicting significant amounts of pain.
2) Be compassionate – Being aware of not only your environment but the people in that environment. Taking on the understanding that part of the job which is not written anywhere on a statement of work is that of educator. We have an opportunity to create a new possibility for the WONKS of the world. If we are bitter and closed to those amongst our ranks who don’t understand how we as can a profession grow?
I admit there are those that I just plain think should be in another line of work but at the same time there was a point many years ago that I did not know what I know now. We need to, each and everyone of us, who understand the guiding tenants of information security adopt someone and mentor them. Regardless if they are practing within this field or not. We don’t have enough mentoring in this field and consequently we are poorer for it.
Subscribe to:
Posts (Atom)