Problem Solving

I recently read a presentation by Ivan Ristic (ModSecurity fame). You can find it here. It struck a chord with me and I wanted to share this gem.

In infosec we suffer either one of two conditions (generally) - either we suffer from tunnel vision, focusing on minutae that are rarely of any real relevance to the task at hand, or we attempt to "boil the ocean" in an attempt to solve unsolvable problems.

Ivan's post basically made a very practical recommendation - don't boil the ocean, focus on one problem at a time.

We are all confronted with a variety of problems, either at work or at home and it becomes very, very easy to start lumping isolated problems together, creating a snowball effect. Sometimes they are related but sometimes when you have an emotional investment in something you can't see that the forest is made of individual trees. :)

I am meandering a bit (I tend to if you haven't figured it out by now - sorry) but my point is that while its important to look at the big picture, make no mistake we can only solve one problem at a time.

Extrapolating this to infosec, each of us see something that we as individuals can "fix". I want to put it out there that there are problems we can fix, we just need to pick them off. I've got my own bugbears I'm thinking about and if I have to pick one I want to focus on, it would probably be patch management on an enterprise scale. I'm not sure I can "fix" this but I am pretty sure I have some pretty practical suggestions that would go a long way towards doing so. I'm still contemplating how/where/when I'll go abouts working on a presentation on it.

Anyway, I'm sure you each have one thing you want to fix or more importantly, can fix. I want to emplore anyone reading this to do it.

We may never solve the "security problem" but we can all certainly play a part in trying to fix it. I'd rather be part of the solution than part of the problem.

- J.