During the mechanical and analogue period, things were simpler. We could physically see the enterprise infrastructure that we had to manage. If things broke down, we troubleshooted, detected the problem, and fixed it. When a typewriter broke down, the repairmen could see what’s broken, and fix it; when an analogue phone broke down, the phone company sent a technician to fix it.
Since time immemorial, we’ve used our basic senses to fix things. Our sight, hearing, smell, taste, and touch was enough to fix most of our problems in the analogue age. Then things got complex, in a good way, but with complexity came complex problems.
Computerisation and digitisation gained ground rapidly with more advanced technologies, such as virtual infrastructure taking over physical infrastructure. Rooms full of physical servers were replaced by multiple virtual servers in a few physical servers.
All this computerisation and digitisation in enterprise networks also brought a new set of gremlins that were too complex to be managed and repaired using just our basic senses. We could no longer repair the complex infrastructure that is the enterprise network using our sight, hearing, smell, taste, and touch, mainly because most of it simply doesn’t exist physically.
Because most of the enterprise network infrastructure doesn’t exist physically, incidents of physical assaults by criminals and terrorists are now staggeringly outnumbered by virtual attacks launched by hackers sitting remotely. Now we have to rely on digital information that the digital enterprise network spews out in the form of logs, alerts, and reports and information from experts, such as security-related news and blogs.
The logs and reports are our eyes into the security of the virtual world; information received from external sources are our ears, and the virtual attacks that other enterprise networks face, which might be potential problems for us have become our taste and smell. All these come together to form our cyber senses.
Enterprises rely on technology security experts to secure their networks, and the security experts rely on their cyber senses to design and deploy the security infrastructure that protects enterprise networks from attackers.
However, designing security infrastructure involves challenging decision making that stumps quite a few security experts simply because network security and decision making are two different skills. When experts design security for enterprise networks, they must take into account the existing network infrastructure topology and, more importantly, their own decision making skills.
We emphasise on the decision making skills because securing networks involves identifying risks to the networks. If you don’t know your threats, what do you defend against? There’s no point building a fortress when your attackers typically launch air attacks.
In this part of the two-part series, we talked about how experts must use their cyber senses to design a solid security framework for enterprise networks. In the next part, we’ll talk about how you can use your decision making skills to gather and process information and work with stakeholders to implement the security framework.