Sunday, October 05, 2014

Information Security... Backwards, Broken, and Bigger.

I just did an entire two-day class on information security issues (which could easily have been a two-week class, or a two-month class), where I spent 3/4... Hell, 7/8 of the class not actually directly dealing with the issues in question, or just using them as examples of the bigger issue.

The official title of the class (delivered at the ISC2 global security congress last weekend) was "Big Data and Information Security: opportunities, challenges, and changes in the way we all use and manage information".

I based the class on a nonconventional definition of "Big Data" as a set of information-oriented capabilities (not data-oriented, information-oriented, and not any specific technologies, etc.), and a high information model of information awareness, and information management.

I spent most of those two days teaching people how to break down the problem and reorient themselves to it; to actually have any real understanding of what the problem REALLY is, why it's a problem, and how to deal with it...

...Because everything we have been doing in information security up to now fundamentally misunderstands all of those things, and is oriented incorrectly to properly address them, or more specifically the larger problem, and the greater mission.

This is not because we are incompetent or stupid... But because our tools for seeing and understanding the problem, and then addressing it, have been so limited.

We have literally been doing everything backwards for decades... And what success we have had is because those attacking us have had similarly limited tools and understanding.

Now, that's changing... And we have to do everything entirely differently...

Not just "more of the same, only harder, and smarter, and more efficiently"... We have to reorient entirely.

Our model is unfixably broken, so any success we have is limited, and cannot easily be applied to other problems. We just keep throwing more and more resources, more layers, more patches and Band-Aids...

16 hours with some of the smartest and most experienced people in my field in the room... And by the end, I think... I hope... I might have made a dent in helping them understand that the model we have is unfixably broken... And what we need to replace it with.

We can't fix it or extend it, or improve it... We have to replace it.

Once you replace the model and reorient yourself to it... Problems don't disappear... But they become much easier to understand, to break down, and to address the smaller elements that make up the larger problem, in the context of that larger problem, and in service to the larger mission.

What am I talking about?

It's all in the title(s).