Parallels Between Information Security and ‘Blink’ by Malcolm Gladwell

March 14th, 2008

I just finished reading the book ‘Blink’ by Malcolm Gladwell, and I was really impressed with Chapter 4, entitled “Paul Van Riper’s Big Victory”. The chapter deals with the notion of “analysis paralysis” in a big way, and tells the story of the DOD’s Red and Blue Team exercises started in the early 2000-2001 timeframe, dubbed “Millennium Challenge”. Paul Van Riper, a retired Marine general, ran the Red Team, and he ran it with a very interesting personal philosophy: you can never see and/or understand the whole picture in a war or battle. Why? You can’t know what the enemy is thinking, or exactly how they’ll act.

Napoleon subscribed to this same theory, and it obviously worked well for both men. To keep it short, Van Riper took what he *did* know and leveraged it to the utmost. He behaved in unpredictable ways, launched preemptive strikes against the Blue Team, and essentially succeeded in kicking their asses every which way to Sunday. This didn’t sit so well with the acronym-laden Blue Team leaders, who promptly called “Reset!” and set all sorts of restrictions on Van Riper so that he, in essence, couldn’t win the second time around. Then (typical government mindset here) they actually had the gall to *celebrate* when they “won” the second time. Hilarious! No wonder our govt works so well and the Chinese are enjoying the fruits of our sensitive databases.

All that aside, it really drove home a major point (as the book does in general): Trust the gut. Don’t get all caught up in meeting after meeting, trying to decide on the absolute best course of action after comparing every possible alternative known to man. Think quickly, go with what feels right, and get things done. For god’s sake, don’t come up with internal acronyms if you can help it. Do hackers have to follow rules? Not so much, so expect the unexpected and learn to react fast. Information security practitioners are tasked with preparation for, and defense against, inevitable attacks from malware and anything else that comes our way. We can learn some lessons here.