How to become an exceptional security manager

IT tips and tricks from a surgeon's textbook

If you're a security manager, focus more on the basics (e.g. patch management, password policy, malware blocking) and less on the latest and greatest new artificial-intelligence anti-malware product of the day. Truly secure environments are consistency secure and have the basics well covered.

Pick good metrics. "Metrics" is often a word bandied about by managers seeking ways to report meaningful and measurable statistics to upper management. Metrics are a good thing, but many times, the metrics chosen take more time to collect than the value they provide. Security becomes more about collecting the right metrics and moving the metric in the perceived right direction than actually bettering security.

The book talks about APGAR scores and how they have significantly improved the lives of newborn babies. The APGAR score measures five metrics of a newborn baby (what is their colour, how well they are breathing, etc.) and assigns a 0-2 point score based on the observed result. Babies with low APGAR scores are considered critical cases, and additional treatment modalities are brought to bear quickly. As a five-year EMT paramedic, I can tell you that an APGAR score only takes seconds to do and becomes second nature. It has been credited with saving the lives of millions of babies.

Do you have good metrics? Evaluate the current list of metrics and reports that you collect on a daily, weekly, and monthly basis. Does anyone read them? If you want to find out who does, put very big, bogus outliers in the report and see how long it takes anyone to notice. If you can, analyze the metrics you do collect and decide which ones have the best bang for the buck.

Becoming a better computer security worker or manager means taking a step back and analysing the overall system. Improved processes and more consistent application of current rules will often pay higher dividends than any new technology or product.

Show Comments