Security Theory – Secure Enough

I have smart cards and security baselines, so is my network secured?

I started working as an infrastructure guy and playing around Active Directory and networking .I worked in many different platforms and products before I decided to specialize in network security and I have been working and researching in this field for 5 plus years now, and my researches at first was not about security products themselves, but about the theory of security and all related things like risk assessments and threat modeling, before I focused on Cryptography science and Public Key Infrastructure then jumping to Microsoft security products and solutions including Smart Cards and Identity life-cycle and management

I sometimes get asked this question “Do we have a secured network?” and also people think that my role is to make things 100% secured  and that if we brought dozen of security products and the latest intrusion detection and prevention devices in addition to deploying smart cards ,that we have reached the state of secured network. The answer for all those questions is NO.

“Security” is defined as “freedom from risk or danger; safety”. It is obvious that security in computers can never gain this goal. “Computer Security” on the other hand is more “management of risk” as “Secure” means we can stop working because the network is now secure.

So, network security is a process, a task description, not an end state. It is a journey, not a destination. I would like to think of network protection as the goal and network security as a task description.

Let us get back to the question “Is your network secured? “. Well, we cannot answer this question, but instead we are aiming to have “Secure Enough” network though. What does that mean?  One way to look at it is by comparing it to a car alarm. Does a car alarm make it harder to steal a car? No, not really. Does it prevent the? Well, that depends. If you have an alarm but the car next to you does not, it is likely that a thief may just steal the car next to yours (unless he really wants yours).

It is kind of like the old story about a camping trip. Two guys are sing by the fire and one of them asks what they will do if a bear comes. The other guy says, “That’s why I am wearing sneakers. “The first guy asks, “Do you really think you can outrun a bear though?” The second responds, “No, but I don’t need to. I just need to outrun you!” In some cases, it is simply enough to be a more difficult target than someone else.

I hope you got my idea clear now. As long as bad guys are not out to get to our network specifically, if we protect our network sufficiently, it is likely that they will attack a network that is less secure, unless they really want something from our network. So we face two challenges: protecting our network from casual attacker or virus that does not care which network it destroys, and protecting our network from the determined attacker who wants information from us.

However, if we take some fundamental steps, we will have accomplished the former as well as make the job of the determined attacker much harder. This frees us to focus on the part of staying far enough ahead of the determined attacker. In a sense, protection is like a temporal security. It makes sure that we are secured until the bad guys learn enough to break our defenses. At that me, we had beer have additional defenses in place.

That’s only me.. Tell me what you think?

3 comments on “Security Theory – Secure Enough

  1. As long as you concentrate your security efforts using microshit technology, sorry I meant Microsoft, you will always find others running faster than you. I hope u can deal with that bear alone…. Lol

    • Hi my freind, nice seeing you here. Yes, I love working on Microsoft technologies that is right. But let me tell you something…
      When it comes to Security, it is not a matter of a tool from certain vendor. It is about security theories and threats modeling… This is what matter…

      Microsoft is throwing away their security line of products and not into security products now.

      So, it is not about the tool man.. as i always say “A fool with a tool, is still a fool”

  2. Very True!
    I believe that the no matter how you have hardened you network the biggest bug still the security team itself.

    Nice article 😉

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s