Captain’s log: Star date: 11.6.2012
Location: just on the edge of the Illinois galaxy in the Chicago quadrant
Subject: Information Security Forum Congress
I am not a Trekkie but I thought this was an apropos beginning for my blog coming out of the 2012 ISF Congress. This is one of my favorite conferences in the industry and the conference again did not disappoint. I start with the Star Trek-ish opening because Gene Kranz, of Apollo 13 fame, launched the conference with a fascinating presentation. During the three days of the conference, I also witnessed Whitfield Diffie meander through Information Security past, present and future and Frank Abagnale, of “Catch Me If You Can” deliver a stirring testimony based on his life. It was the aura of these unique individuals that hurled me on this trajectory of philosophical thinking.
The images of the Apollo 13 mission conjured up by Gene Kranz’s speech, coupled with Whitfield Diffie’s conversation of the information security quandaries posed by technology over the past century and beyond, brought to mind the evolutionary nature of security. A current security professional striving for ‘complete security’ is like Christopher Columbus worrying about traveling to the moon. While the moon may be the ultimate new world to explore, Columbus needed to be concerned about staying afloat, keeping his sailors happy, bringing value to the king and queen to keep his head connected to his shoulders and basically surviving the voyage. For him to be concerned about the supreme achievement in exploration was beyond his current technological, social and personal abilities. It would have been a futile and hopeless dream for him to try to reach the moon. But he focused on what was at hand, kept the boat afloat, his sailors pleased, his king and queen satisfied and survived his voyages.
And what came of this focus that centuries later seems to be just one small step for mankind? New markets opened. New technologies drove exploration across the globe. Old philosophies collapsed. Things people accepted as absolute truths fell apart and the world was transformed. All because a guy did something new and tried to survive while doing it. His achievement continued to push open the door cracked by Marco Polo and subsequently yanked open by a stream of adventurous explorers. And thus, we come to the space program and the biggest ‘new world discovered’, as of today, the moon.
Security may seem small compared to the exploits of men who literally put their lives on the line for the dream of exploration but we can see a parallel path. From the Egyptian codes to the Engima; from the bastions of the feudal lords to the mantraps of the bank vault, security has been a constant exploration. Sometimes there is the discovery of new island; sometimes there is the discovery of a new galaxy. We need not strive for the ultimate completeness of total security, we just need to keep the boat afloat, the sailors happy and the kings and queens satisfied. As long as we continue that exploratory path, we will occasionally hit that 2.5 degree window of re-entry necessary to cross the threshold of the Earth’s atmosphere and survive the voyage from the Earth to the moon and back. In that moment, we will protect our most valuable resource, stop a would-be data breach or catch a thief with his hand in the cookie jar. And that moment, as Gene Kranz described the Apollo 13 mission, will be our finest hour.
If you have your own ‘finest hour’ of security exploration, please comment and tell me. I believe, like Polo, Columbus and Armstrong, each of us in the security industry are continuing to open that door to new worlds.