|
| Recent
Articles |
Thoughts On ITIL
Interesting, skeptical take on ITIL, by a person (Noel Bruton) with some apparent long term presence in the industry. He claims that there are four schools of thought with respect to configuration management: Those who haven't finished their config "programme".
Information Security - A People Problem
Interesting article out on outlaw about how information security is a people problem, which is something that we all probably really do know, even if we won't really admit it all the time. The URL for the article is here, and...
What Are Our Co-workers Doing On The Net?
8e6 has a report here that should provide all of us in security an amusing insight into what our co-workers are doing on the internet. Apparently, they ran a contest to see who had the most egregious uses of the internet discovered by co-workers and employees.
Vista To Be More Generous Than Santa
Once Microsoft Vista gets into the marketplace, it will benefit the economy and drive job creation in the tech industry; no word on whether it will whiten teeth and freshen breath though. A Microsoft-funded study...
Rules For Great IT Project Success
Project delivery makes IT organizations credible. When IT "gets it right" at the project level, its ability to impact the financial results of a company increases and its leadership in providing strategic direction improves.
Element VS. Enterprise Configuration Management
The term "configuration management" continues to be a badly overloaded phrase, with almost as many meanings as "service." One distinction I am making recently is between: 1. Enterprise configuration management. 2. Element configuration management.
Outsourcing - Relationships And Issues
Many folks cringe when we start talking about the experiences that we have with outsourcing anything from the company. Some folks swear that outsourcing was the best thing that happened to them. My take on it is what is the skill of the outsourcing company in...
|
|
|
02.05.07
When The Paranoia Meter Pops
 By Dan Morrill
Bad security days happen, when the paranoia meter pegs and there is no substantiating facts behind it, some days it's bad to be a paid paranoiac.
The day might start out normally, but by the end of the day every paranoia meter in the building is going off. It's like everyone knows there is going to be a major layoff, or that some thing got over looked, or mistakes were made but we don't know what the mistakes were. We feel like we are being watched, people start behaving differently, your boss shows up in the office more than usual to see how its going or what you are up to. Things like this happen all day long.
Yet everything is quiet, no early warning system is going off, no one is telling you to pack your office, all the web sites and systems still belong to you.
Sometimes, everything that can go wrong isn't really going wrong. It's just that gut instinct that you develop over time to deal with information security events, and some times it is just going to trigger regardless.
Staring at the monitors, going through system logs, going through your IDS logs, or your security management systems isn't going to get you the answer, there is no answer, there is still nothing going wrong.
As your paranoia goes, you suddenly notice that everyone is reacting to the sudden increase in corporate fear, uncertainty and doubt.
Dealing in an "at will" work environment does not help, that nagging voice in the back of your head that tells you something is going wrong is still letting you know that something is going wrong. Everything looks suspicious at this point. Even your boss dropping off a free slice of pizza coupon (the boss never did that before, something has to be up).
Time to sit back, maybe take some time away from the day, maybe go work in the cafeteria if you can, do what you need to do to get away from the office. Paranoia is infectious, and people will see your altered behaviors. Then they will think that you are on some big case, or something major is going on, and then the rumors start flowing that something is happening.
That is where Daniel Robin and Associates "Making Workplaces Work Better" can come in handy. In their Dysfirmations section here, they have a list of things that can make even the professional paid paranoiac happy. I edited these down to those that most closely fit the professional paranoiacs view point on life.
"I have the power to channel my imagination into ever-soaring levels of suspicion and paranoia.
In some cultures what I do would be considered normal.
I am at one with my duality.
The complete lack of evidence is the surest sign that the conspiracy is working." (Daniel Robin and Associates).
Comments
About
the Author:
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.
|
|
