SURVIVABILITY
               There  are  more  holistic  organizational  benefits  which  come  from  executing  security
               operations  swiftly.  Some may consider it liability, others may refer to it as reputation, or
               call  it  PR.  But  it  really  includes  all  of  the  above:  it  is  the  ability  for  an  organization  to
               favorably survive a serious security incident. The speed at which security operations are
               executed  says  something  about  an  organization’s  attitude  toward  security.  When
               vulnerabilities  are  remediated  slowly,  and  when  there’s  no  dedicated  effort  to  detect
               intrusion or respond to an incident with urgency, it communicates a lack of priority to the
               organization.


               When  assets  and  potentially  private  user  data  hangs in the balance, it is important that
               actions  document  responsible  security  handling.  Actions  should  be  explainable,  and
               defensible if necessary. How security operations are conducted should be evidence that
               the  company  places  a  high  priority  on  security.  Should  these  actions  become  public,
               their  reality  should  serve  as  a  PR  asset,  enforcing  a  message  to  the  public  that  an

               organization  takes  security  seriously. Otherwise, lax policies and procedures, or actions
               inconsistent  with  adequate  policies  and  procedures,  may  have  the opposite effect, and
               serve  to  demonstrate  neglect.  An  organization’s  mishandling  of  security operations can
               become a bigger damage control problem than the actual security  incident in play.



               CONCLUSION
               In  security,  it  isn’t  enough  to have policies and procedures defined. It isn’t even enough
               to  execute  on  those  policies  and  procedures.  Battles  against  attackers  are  won  by
               whomever  presses  their  initiative  first.  What  determines  the  effectiveness  of  a  security
               program  is  the  ability  to execute at speed. As security professionals, we are always on
               the clock.


               About the Author


                                          Brad  O’Hearne  is  a  25-year  career  software  architect  /
                                          developer,  application  security  expert,  and  independent
                                          security  researcher.
                                          He  resides  in  Gilbert,  AZ  and  enjoys  cycling,  soccer,  reading,
                                          and spending time with his family.
                                          He  is  available  for  consultation  and  can  be  contacted  at
                                          [email protected].








                   19    Cyber Defense  eMagazine – June 2018 Edition
                         Copyright © 2018, Cyber Defense Magazine,  All rights reserved worldwide.