var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-35754314-2']); _gaq.push(['_setDomainName', 'securityeverafter.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();

Saturday, June 10, 2017

An Occasional Look in the Rear View Mirror


I recently posted the 
below on the SANS Internet Storm Center.

With two new drivers in my home, I am training them to occasionally look in the rear view mirror of their car as an effective way to increase their situational awareness when driving. What if this principle were applied to the area of hardware and software inventory? Perhaps in the form of a quarterly reminder to consider CIS Critical Security Controls 1 and 2 that called for an objective look at hardware and software that might not be as shiny and new. Intentionally searching for this type of deferred maintenance could very well find unnecessary risk that is imposed on the entire organization.

Some organizations have an interesting approach - for every new tool purchased, two tools must also be retired. What a novel section to include in the business justification for the next new tool. Take a look in the rear view mirror every once in a while - particularly at the area of technology retirement to make sure you don't just continue to increase the collection of tools. Who knows what might be discovered.

What grade would you give yourself in the discipline of technology retirement? Please leave what works for you in our comments section below.

Russell Eubanks

Saturday, May 6, 2017

What Can You Learn On Your Own?


I recently posted the 
below on the SANS Internet Storm Center.

We are all privileged to work in the field of information security. We also carry the responsibility to keep current in our chosen profession. Regularly I hear from fellow colleagues who want to learn something, but do not have a training budget, feel powerless and sometimes give up. I would like to share several approaches that can be used to bridge this gap and will hopefully inspire a self-investment both this weekend and beyond. None of these ideas cost anything more than time.
 
I decided to borrow an idea from an informal mentor, something I generally give them credit for, but not always. I decided to wake up early each morning with the intent to learn something new every day. Maybe the something is a new tool, a new linux distribution or taking an online class. Having done this now for the last 7 years, I can say without hesitation or regret that it has been pivotal in making me a better me. I am convinced that applying just a little bit of incremental effort will serve you well as well.

Ideas to get you started:              
  • SANS Webcasts and in particular their Archive link                         
  • Serve as an informal mentor to a junior team member, while being open to learn from them 
  • Volunteer help out in a local information security group meeting
  • Read that book on your shelf that has a little more dust that you would like to admit
  • Subscribe to Adrian Crenshaw’s YouTube channel 
  • Be intentional by creating a weekly appointment with your team in order to learn something new over a brown bag lunch
  • Foster an environment that facilitates a culture of learning

After considering this topic for a long time, I want to ask this question - What are you doing to invest in yourself, particularly in ways that do not cost anything but your time? Please leave what works for you in the comments section below.

Russell Eubanks

Friday, April 28, 2017

KNOW before NO


I recently posted the 
below on the SANS Internet Storm Center.

A good friend told me that an engaged information security professional is one who leads with the KNOW instead of the NO. This comment struck me and has resonated well for the last several years. It has encouraged me to better understand the desires of the business areas in an attempt to avoid the perception of being the "no police”. 

We are each able to recognize the value in sprinkling in the information security concepts early and often into software development projects. This approach saves each of the stakeholders a great deal of time and frustration. Especially when compared to the very opposite approach that often causes the information security team to learn at the very last minute of a new high profile project that is about to launch without the proper level of information security engagement.

There are certainly projects and initiatives that may very well still warrant a “no” from an information security perspective. Before we go there by default, I respectfully invite us all to KNOW before we NO. I truly believe that each of us can all improve the level of engagement with our respective business areas by considering this approach. In what areas can you KNOW before you NO next week?

Please leave what works in the comments section below.

Russell Eubanks

Saturday, March 25, 2017

Distraction as a Service


I recently posted the 
below on the SANS Internet Storm Center.

Have you noticed that some security projects never seem to get finished? Despite the best of intentions, often times they linger, sometimes for years. I believe that distractions play a role in security projects being delayed and ultimately never being completed. If not monitored closely, nothing will get moved from the to do list to the this security project is finally done list.

For me, it has always been natural to accept every new project that needs attention. I want to be helpful and perceived as a good team player and I bet you do as well. I found that it is easier to say yes to every request for help than to say no. I suspect that "why yes I do have a minute" and "of course I can help you with that problem” sound very familiar. I have found this behavior can also carry potential for a negative reputation as an information security professional when it impacts the delivery of security projects.

While it is normal to want to help, it is not always natural to remain focused immediately after a distraction occurs. I have determined to ask the question "what is the next action I can take right now?” immediately after a distraction. I found this behavior helpful to remain both mission focused and results oriented. With some intentional discipline and focus on the impact of distractions on security projects, the impact of unplanned distractions can be minimized.

It is impossible to enumerate all of the ways distractions can impact a security project. It is very possible to more quickly recognize them when they occur and put measures in place to reduce the impact of distractions severely impacting productivity. Are distractions keeping you from closing out projects and ultimately preventing you from providing full value to your organization?

Please leave what works for you in the comments section below.

Russell Eubanks

@russelleubanks