CYBER THREAT ARTICLE - RANTINGS OF A CYBER SECURITY ANALYST (JULY EDITION)
"Oh, you work in IT? Can you help me with a problem on my computer?"
I am sure anyone who works in the IT field has heard this during family gatherings. In a way, I understand there is always a misconception that people who work in the IT field are assumed to know everything about IT.
Computers, servers and all applications have always been marketed as easy-to-use products that can solve issues. I would draw this comparison with cars. Cars are always marketed as easy to drive, with nice features and good mileage per tank or charge. No one would ever market a car with all the technical details like the camber angle, toe and so on, which make the handling of the car great (I am sure I lost some of you guys here). But that is the point, and for this example, a car mechanic would understand all of these, and yet the mechanic would likely find a specialist who does alignment if there is an issue with the car pulling to one side when driving straight.
This also translates to the business world where some smaller companies hire a single IT Manager to deal with all things that fall under the IT umbrella.
Information Technology is a name that covers a very wide field of specializations; there is Networking, Database, Application Developers, Security and so on. For me, I have gone towards the path of security and have dedicated myself towards this field.
Sure, I may know some networking concepts, but I am not the right guy to deploy complex networking with various proprietary network protocols (FabricPath and QFabric come to mind) or attempt to build and maintain a database.
Most of us can pull out the administrator guide and understand what all that text means. This helps us to do the basic stuff, like installing the application or service on the server, but that does not mean we know how it works.
Most small IT teams do their best to manage many things: making sure everyone's laptops and workstations are working normally, all business applications are installed, new users are created in Active Directory with the right user roles, deploying security controls, maintaining the servers and cloud instances… the list is long. This does not mean they know how everything works, and usually they would ask the respective vendor or partner for assistance. This all works out well, as all these activities can be planned and assistance can be arranged beforehand.
However, security is always a complex subject. Sure, there are tons of solutions out there that can be deployed and installed, but all these solutions are threat deterrents. Think of this as installing a gate for your home. The gate does not fully prevent people from breaking in; it just adds a layer of deterrence but would not stop an extremely determined individual from trying to break in. You can add CCTV cameras, but again, that does not stop the determined individuals, and if no one is constantly watching the CCTV feeds, no one is going to react accordingly.
And unlike solutions that help to increase productivity and bring profit to organizations, security spending is often hard to justify when the management does not look at it from a risk perspective. Fortunately, more organizations are starting to understand this, and more are building a structured IT team or getting outsourced services to help them out.
So please give the single IT personnel a break. He or she may not know everything about security and having the individual burnt at the stake for something beyond his or her expertise is uncalled for.
And to the very first question… No, I will not help you fix your computer.
Biography
Harvey Goh
Harvey Goh is a cyber security specialist, having been in the cyber security industry for over 15 years as technical personnel. Currently, he is working as part of Sophos' Managed Threat Response team. He is also a member of AiSP CTI SIG, EXCO and volunteer at CSCIS CTI SIG.
Views and opinions expressed in this article are my own and do not represent those of my places of work. While I make every effort to ensure that the information shared is accurate, I welcome any comments, suggestions, or correction of errors.