Photo Credit: Dan Harrelson via Compfight cc
Startled, bleary eyed and tired, you’re woken by what you assume to be the sound of wild animals attacking a family pet. The unwelcome commotion, it turns out, is one of your children screaming through the baby monitor. You don’t realise it as you stumble out of bed, but you’d make a good security manager.
Long before your first child arrived you conducted your first risk assessment. Sharp corners were padded, and anything small enough to choke on was banished to a cupboard. You instinctively understood many of the risks your unborn child might encounter, and did all you could to reduce or remove them. Recognising there are some things beyond your control, much research into car seats was conducted until you were happy you’d found a product that best protects your little one whilst on the road, and staying within budget. You’ll need to repeat the risk assessment as the baby grows, becomes mobile and able to reach above ground level (failure to do this cost me a games console and several CDs). In fact, over time and without ever realising it, you’ll become a walking talking risk assessment machine.
As the due date approached, your interest in incident response kicked in. What are the signs that baby is on the way? What’s the quickest route to the hospital? Do I have contact details in my phone for the delivery suite? Who will feed the cats? What about letting the family know? There are so many things to consider, so much could go wrong. What if the motorway is closed or the car won’t start? You probably thought about all of this and much more. You considered detecting the incident, initial response, key contacts, communication and contingency, and in doing so formed your incident response plan.
That wasn’t the last incident response plan you’ll have created as a parent, far from it. Your plan will evolve over time, it will improve and grow with your child. You’ll learn from 3am trips to a 24×7 shop for paracetamol, visits to the out-of-hours doctor, and watching TV with the volume set too high. Incidents will be graded, as will your responses, and you’ll become more prepared and better able to detect incidents before they escalate. Where you once initiated DEFCON 1 and rushed to the out of hours Doctor, you now medicate and wait.
Your bedroom is now a SOC (Security Operations Centre). You have a baby monitor by your side as you sleep, capable of alerting you to the slightest of problems. It beeps if the temperature is wrong, and if you’ve gone for some high-end tech then it probably beeps if baby stops moving (or more likely, rolls off the pressure pad under their sheets). If you lose power the monitor’s battery kicks in and wakes you up. As you lay in bed pretending to be asleep, your SOC (sorry, bedroom) is illuminated like a Christmas tree by bright LED lights, just in case the beeping wasn’t enough.
You’ll occasionally be audited by health visitors and Doctors, who will helpfully point out everything you’ve been doing wrong. They’ll also help you with your patching. Don’t let your child become out-of-date, it’s critical to apply the latest updates immediately. By this I mean vaccinations, which much like updates to your computers, take time and frequently result in tears. You’ll explain that the updates are a short-term pain for a long-term gain, but no one will listen.
Just like being a parent, there’s a lot of common sense required in infosec. Recognise risks, plan, learn from mistakes, take advice from experts, and drink lots of caffeine.