Saturday, July 27, 2019

Why Operations Engineers Don't Always Transition Into Effective Cyber Security Practitioners


The 99% and the 1%.

Operations engineers have every reason to care about the 99%.
That’s the bulk of the operational load.
The impactful percentage that is easy to measure and needs to be monitored. 
The normal. 

A good cyber security practitioner worries about the 1%.
Those operational rounding errors that the operations team probably doesn’t care about.
The long tail details often not represented in the out of the box metrics.
The anomalies.

Both sides look at the same infrastructure and artifacts in completely different ways. This mindset change impacts everything from threat hunting to security capability building. to prioritization. Many successfullly make the transition in mindset but not everyone does.

Yet, resources and hiring are often skewed towards the 99%. "They do a lot of security work" is the rationale. I'd contend that security work within the 99% is a much different skillset that security work within the 1%.

If the airline industry had a 99% safety record, the remaining 1% would be the reason that passengers probably wouldn’t fly, not the 99% of flights without a problem.

Follow me on Twitter for the latest blog updates: @Opinionatedsec1 

SEE ALSO





No comments:

Post a Comment