Photo Credit: 1upLego via Compfight cc
Most superheroes have special powers:
· Spiderman – web shooter, ability to climb walls and to sense danger
· Superman – flight, strength and speed
· Captain America – increased agility, strength, speed, endurance, and reaction time
Batman doesn’t have any of these special powers, come to think of it neither does Ironman and others. Instead they rely on real life skills and technology, a bit like myself!
So how does this relate to security? Tools such as intrusion detection/prevention systems (IDS/IPS), vulnerability scanners and firewalls help to secure your organisation. They help protect the perimeter similar to Batman’s motion sensors and surveillance cameras he uses for the Batcave. These tools require analysis to determine if the attacks your organisations are seeing are a realistic threat. As an example a conficker attack detected on your IDS can be useful if you are not patched against it. If you are patched do you need to be alerted about it if you know all your systems are secure? Ironman’s suit is not vulnerable to bullets so this is not a threat to him but it does have sensors built into it so he is able to detect other potential threats.
Now for the offensive. Batman uses technology by listening in on police scanners to pin point where the baddies are. He is being pro-active by trying to stay ahead of the perpetrators which is what security professionals need to do to anticipate the bad guys next move. In the movie Avengers Assemble the super heroes came together to battle the enemy and by doing so were successful. Similarly, security professionals can do the same by sharing experiences (good and bad) so we can learn from them.
We mustn’t forget the human element in all this in that awareness is key and as the super heroes of information security we must exploit all opportunities to educate and inform the masses wherever possible – “with great power, comes great responsibility” (quote from Spiderman).