Overrated/Underrated with Stu

It is time for another round of ‘Overrated/Underrated’! As usual, I’m asking an InfoSec expert to share his/her opinion on whether an item is overrated or underrated by the society/profession, relative to how s/he believes it should be rated. It is great to have Stu Hirst (@StuHirstinfosec on Twitter) weigh in on hot topics like zero trust or ATT&CK. Besides being a well-known expert in Cloud Security (Skyscanner, Photobox, Just Eat), he’s also an avid speaker on the topic and a regular contributor to community events.

Zero Trust

Underrated. Another buzz term of the last few years, but fundamentally an important principle; the idea that any component should be verified as part of an internal or external architecture. We’re well aware that breaches often traverse sideways and cause further damage. However, the realities of rolling out such a thing as the Zero Trust principle are, as in many security areas, complex! I think we’ll see this continue to be a dominant theme over the coming year or two.

Chaos Engineering

Overrated. I love the idea of chaos engineering, always have! However, in Security terms, it’s not something many teams will be doing. The idea of deliberately breaking something to prove / improve responses and recoveries is, in theory, a solid one, but not one many organisations will have the ability to embed successfully.

MITRE ATT&CK

Underrated. One of my major ongoing concerns with our industry is whether Security Teams are truly focusing on actual risk to their business, as opposed to fictional events or misguided attack vectors. The MITRE ATT&CK framework is a wonderful resource for understanding and developing threat models and should be a go-to knowledge base for any Security pro not currently using it already. It comes down to the old adage of ‘think like an attacker’!

If you ask me, Stu is right on the money with his view on Zero Trust. This can only get more important for Security Professionals with the Corona pandemic-induced remote working boom. What do you think? And where do you stand on chaos engineering? As always, share your comments below or write your own post. The important bit is that we, as a profession, keep an open mind and continue with constructive discourse.

Thanks again to Stu. If you don’t know him yet, definitely check him out here on LinkedIn or on his Twitter feed.

This blog post originally appeared on LinkedIn