Essential aspects of working with Security Operations

Today Javvad Malik, London-based information security professional, performed a talk at BSides London. The talk incorporated his Love and Hate relationship with Security Operations. Javvad opened the talk referring to his start in the field. He brought up several points including the fact that at the time the general public had no idea what security operations were and even himself and his team were uncertain why certain security controls were in place. Mr Malik focused on this point for several minutes during the talk, re-emphasizing the fact that many security controls still in use today were only there because someone else has put them into place. He then proceeded to bring up a famous social experiment involving  5 monkeys in a cage. To summarise the experiment 5 monkeys were placed in  a cage with a banana, each time a monkey went for the banana all the monkeys would be splashed by water, until eventually no monkeys would go for the banana. After this, one wet monkey would be replaced by a dry monkey. When this monkey then went for the banana it would be stopped by the others. This process continued until their were only dry monkeys left in the cage, with all of them refusing to go for the banana. Mr Malik emphasized the fact that we as security professionals share the same mentality when it comes to security measures and that it needed to change.

Mr Malik continued his talk, referring to several aspects of his career. Eventually he came across the point of accepting risks in business. As well as showing immense forms of showmanship in his talk Mr Malik mentioned something a previous client said to him, this being:

“When its live we just tend to accept the risk.”

Javvad responded to this by simply saying:

“You can’t accept the risk on certain things.”

Eventually Javvad’s talk came to a close and he left the talk with several items of though:

  • Conflict is part of the Job
  • You’ll get your hands dirty
  • Learn to script
  • Embrace your limitations

Image source:

James Stevenson

Im a Cyber Security enthusiast that loves all things to do with technology. I'm specifically interested in cyber security and ethical hacking.

You may also like...