Earlier I discussed the Virtue of Higher Focus as a fundamental security concept. With hundreds of thousands of hackers using hundreds of thousands of tools to exploit hundreds of thousands of vulnerabilities, there is little hope of addressing every possible security issue directly. Thus, it is important to approach security from a "higher" view. If a new worm broke out, putting the Internet on high alert for contamination, it would, of course, be necessary to take a specific action, apply a specific patch, close a specific port on the firewall, or add a specific signature to all IDS devices. This is not contradicting the Virtue of Higher Focus. However, if we took specific actions that prevented only this worm and not the 100 similar worms soon to be developed, we would be in violation of this virtue. The Virtue of Higher Focus represents the way in which we must think about security in our everyday lives. Addressing security in a higher manner helps us deal with two common security problems:
The question is, then, how do we deal with higher security? How do we work to keep ourselves safe when hundreds of new exploits are developed every month? The answer to these questions comes with some time-honored security practices, best practices that have been used for thousands of years. In this chapter, I will review several of the key security tools that will keep an organization safe, despite the highly dynamic nature of information warfare. All of the following practices help to generalize security practices and further develop security minds. These practices include:
|