Security Enlightenment Means Understanding “The Path”

May 23, 2016 / Joel Rising

Who has achieved “enlightenment” in the strictest sense of the word?

The Bodhisattva, of course. Who else? Guan Yu? Peter Deunov? Baha’u’llah? That’s a short list.

If being “security enlightened” is anything more than I am, I can guarantee you that Endpoint Detection and Response (EDR) is not just for the enlightened. However, I don’t blame Anton Chuvakin, one of the industry’s leading EDR experts, for asking the question in a recent blog on EDR for Gartner. In his post, Anton notes that “EDR tool WINS (= examples of wildly successful deployments) tend to be concentrated at a highly mature, ‘Type A of Type A,’ lean-forward, advanced security organizations.”

He’s absolutely nailed it when it comes to “lean forward organizations.” For the sake of discussion today, we’ll call them “enlightened.”

If enlightened means “certified,” “experienced,” “expert,” or “professional security ninja,” I’m in big trouble! But what if you are “on the path,” as they say? You are a college senior who watches “Scorpion” or “House.” You went to a job fair because you just read “Cuckoo’s Egg,” or because someone you have a crush on read it. Do you think in two years’ time you could go from intern to SOC Tier to threat analyst to intel lead?

I do. Because I know A LOT of people who did.

They’re still not ninja-level experts, but neither am I. They just set themselves along the path and they’re kicking some Buddha along the way – not just with EDR, but with security in general. They are becoming “security enlightened.”

To me security enlightened means “awakening” and acknowledging the idea that you can no longer plug in, turn on, and walk away from a security solution. It means understanding that “set-and-forget” is not the right path through the new threat landscape.

Most importantly, security enlightenment means walking along the correct path just a little bit more every day. Not to be “better,” necessarily, but to let go of old habits and step into the new reality of information security.

If you want to be secure, you’ve got to walk the path, and if you’re looking to skip the path, you’re not looking for real security enlightenment.
