The Digital Big Bang. Phil Quade

Читать онлайн книгу.

The Digital Big Bang - Phil Quade


Скачать книгу
in some cases, days. The speed of the threat actor, your own technology environment, and your ability to defend it is entirely predicated on the speed of change. That pace of change also includes the necessary changes to our speed of making decisions. The critical actions of stopping, impeding, disrupting, and responding to cybersecurity risk and events that affect privacy in a digital world force us to make rapid and accurate decisions never required in previous decades. New methods of data acquisition and analysis for decision support are critical aspects of creating these new strategies for success in a digital age.

      This chapter focuses on strategies to understand, plan for, and affect the impact of speed on how you think about and execute your responsibilities in defending your business or agency.

      THE STRATEGIC IMPERATIVES

      You may think that to align to the change in speed, you simply have to move and act faster. Although in some cases that is true, there are better ways to approach operational acceleration and excellence in the face of dynamic change than fighting speed with more speed. How we think, act, and instrument our protection portfolio and operations are all key aspects in making this dynamic shift to operational enablement in the age of speed. The reality is that the world, technology, and threats will only continue to gain momentum, and if the only tool in your toolbox is an ability to run faster, you'll soon realize the limits of that way of thinking. Strategic imperatives such as risk, intelligence, transparency, and action-based decision making are additional tools that when learned, practiced, and mastered will create new capabilities that are far more effective and sustainable than speed itself.

      THE PURPOSE OF YOUR MISSION

      1 Understand your environment. Your success depends on your direct ability to succeed within the environment in which you operate. To do that, you need to understand your environment through transparency, knowledge, and access. This includes crucial elements such as understanding your critical assets, a holistic understanding of the resources and technology deployed through a comprehensive configuration management database (CMDB), and data flow diagrams that detail how information flows through your business. Just as important is the understanding of your third-party ecosystem, your supply chain, and how your services are in effect an integrated component of your customers' supply chains. Your ability to quickly understand the impact of any given event through this level of transparency is a fundamental component to being able to think and act quickly.

      2 Drive safely at high speed. Your business success depends on speed to market and speed to respond. Your job is to get everyone there safely. This sense of speed enablement, or acting like the brakes on the car so your business is confident to go faster, requires a mature risk process. Effective risk programs have tiers of risk considerations and actions that create broad bands of flexibility and enable decision making based on preselected and informed risk formulas that serve as guiding principles. Spending time developing those mechanisms and allowing them to mature, educating your business, and just as importantly, educating your team will empower and enable all levels of the organization to recognize and facilitate business-based risk decision making at speed.

      3 Plan ahead. Your opposition is well funded, utilizing capabilities and decisioning guiderails that are faster than yours. As in an old-fashioned gunfight, the first one to put lead on the target wins. This means that you need to be comfortable with rapid decision making based on accumulated knowledge rather than absolutes and have a “gun belt” of premade decisions, actions, and plans on your side. For instance, if you have a ransomware incident that is less than x% contained, do you shut down your data center? If you are suffering a financial crimes attack, will you call law enforcement, and if so, what agency and what is their number? Simple efforts such as tabletop exercises or defining preplanned partners significantly add to your ability to react fast in times of crisis. Prepositioned decision making agreed to by your leadership also ensures that your business will understand, support, and expect clear action and leadership from you when needed.

      4 See the big picture. You need over-the-horizon threat modeling. I think everyone would agree that seeing a speeding train coming at you is better than getting run over by one. Unfortunately, too many people concentrate too myopically on their own operating environment and never look up long enough to see the train coming down the tracks. The use of intelligence services, information-sharing partnerships, and other mechanisms that give you a view outside your business into adjacent industries, like competitors or aligned ecosystems, are great ways to measure and prepare for the potential impact of issues not yet affecting your business. This greatly enhances your time to prepare, plan, and react to situations and opportunities that too often are missed because of insular behaviors.

      5 Make the most of limited resources. Managing a business with limited return on investment (ROI), no profit, and smaller teams takes a different approach. Not every industry has the mission criticality of a nuclear power plant or the financial resources of the financial sector, and most of us never will. But just because we can't build large operating teams doesn't mean there aren't methodologies we can put forth to make us more nimble and adaptable. For instance, sometimes less is more. Often, many of the services we use are not employed on a constant basis, and thus the costs associated with maintaining them or the skills needed to maintain them are wasted. Why not consider third-party contracting support for those services? And that's not just for limited services. If there are opportunities to leverage or utilize an ecosystem of providers to deliver core services at a lower cost, or to use automation and cloud-based services to maintain a more current and manageable portion of your operations, why not consider them? Sometimes, using simplified capabilities rather than an entire offering allows you to have those capabilities most necessary to react fast for the most critical issue, while maintaining a profit and loss (P&L) reasonable for your business.

      THE SCIENCE OF RACING: ACCELERATION, DECELERATION, HARD BRAKING, AND KNOWING WHEN TO APPLY EACH

      The natural attraction of humans to speed has been a part of our history from the time we could walk upright.


Скачать книгу