This blog post will be slightly different than the ones I typically do as it is not technology driven. Rather this one will focus on describing a way of talking about security programs and the team that uses them.
Security as a Car
I was playing Forza Horizon 5 (very fun driving game) and it triggered a memory. I remember hearing someone talk about describing security as a car (I cannot remember who said it, but I will try to find so they get credit). Everything is great until you come to a curve and that is when the security program comes into play.
Let’s explore this a bit more. As everyone knows, there are different levels of cars. You have your basic entry-level car. It gets you from point A to point B and that is about it. No frills and it doesn’t do it quickly. Something like the old Reliant Robin could barely take a corner without crashing.
Then you have a sports car. It also gets you from A to B but can do it a bit faster and, most likely, will look better than your entry-level car. You can think of something like a muscle car like a Ford Mustang for this level.
Finally, you have the hyper-cars. These are the highest end cars that typically cost as much as a small plane and can go as fast as one. These are the cars like the Bugatti and high-end Lamborghinis.
Now, all of these cars are just fine when driving on a straight road. You may get more people staring at you in a hyper-car than an entry-level car but they both work just fine. Then you hit a curve, which, when dealing with security, is an incident.
This is typically where the higher end cars will shine more than the lower end cars. All the cars will allow you take the curve, but the higher end cars will allow you to take them faster and get back up to speed quicker. In terms of security, this means that you can handle the incident quicker and get back to normal that much faster.
So, in this scenario, the cars represent your security hardware and software. But what about the drivers?
There is a British car show that I used to watch (not sure about trademarks so I am not going to mention it), that had ordinary people driving an ordinary car around the track to see how fast they could go. Of course, different people had different times. Some were good and some were bad. Then they would have F1 drivers, drive the cars and the times were far better than what the ordinary people were posting. They also had one of the best Nurburgring drivers drive the track in a van and she was passing high end sport cars.
Think of your security team as the drivers. Some teams can take basic security software (low-end car) and really make something out of it (take the corner fast). Other teams may take some of the most advanced software (hyper-car) and, perhaps through no fault of their own, not be able to do much with it (cannot take that curve very fast).
Is this a post a bash against lower end software? Absolutely not. It is a post that is saying that no matter what software you have, you need a good team drive it and use it to make it around the corners as fast as possible.
Just like a F1 driver in a lower end car could do far better than I could in a hyper-car, a really great security team can do more with lower end software than a regular team can do with great software.