Whoever is first in the field and awaits the coming of the enemy, will be fresh for the fight; whoever is second in the field and has to hasten to battle will arrive exhausted.
This is a post about fields. Yes, green, grassy fields.
It’s a strange mystique that non-tech-cyber-IT-etc people (which is most of the people) put on cyberspace. It’s a kind of ‘i’m not sure what goes on in there so i’m not going to even try’ kind of vibe. To help overcome this a bit and conceptualise my main points, I’m going to start by talking about ‘the field’.
‘The field’ that we are talking about is your network. Your systems. Your home network, your business network, whatever networks you own. Ownership is important, because for most people it implies privacy, or liberty. To own something is the essence of our liberal capitalist democracies. When you drive through the country, you see field after field. Someone owns those fields. Just like you own your networks.
Fields are owned. Far in time from ancient china, all land everywhere is now owned by someone. Be it a government, a state, a community, a family, or an individual. Just like cyberspace.
There is also no portion of cyberspace which is not owned. The computing, the storage, the network connections, is all owned. Public internet sites may be open to the public, like a shop, but the site is still owned. Students on a university network exist in cyberspace exactly the same way as they walk around the campus. The university still owns that network, as it does the buildings. Cyberspace is a mirror image of meatspace. If we go back to the field analogy: the internet is the roads which connect the properties in the countryside, and the fields are the respective private networks of businesses. They have access roads off the ‘internet’ roads up to the homestead, and a letterbox, and a sign that says ‘ye olde farming and financial accounting firm’. Okay I’m going too far with this let’s move on.
So imagine now you’re a farmer/accounting executive and you own a field/network.
Theres been a lot of bandits raiding peoples farms and taking their crops/livestock/money/data. So you call me a bandit defence/cyber defence expert. I walk up to your homestead and you greet me at the door.
you say “I’m worried about the bandit problem”
I say “those bandits?” and point at the bandits all over their property carrying out their furniture, taking the grain, leading away the livestock, and setting fire to the fields.
Get to the point
Alright alright.
I would say at least half the time I go to do a security uplift of a network the first thing I need to do is incident response. The amount of effort a business (and their newly paid cyber security provider) needs to expend to secure a compromised system as opposed to an un-compromised system is ten fold.
What was all that stuff about the fields then?
Fields are historically common places for battles. They have good lines of sight, no cover for the enemy, and if you were there first you could dig trenches, and build traps or obstacles. They’re also owned (as we established).
The title sentence is completely true of cyberspace as it is of meatspace. You will exhaust your resources if you do not get to the field of battle before the enemy. The difference is, you own the field. You will always be there first.
The problem is, you need to make it ready for battle. This is where people fail.
It’s a funny thing about ownership. It’s like we can’t see past our liberal capitalist democracy values in cyberspace. People have this feeling that because they own the field it’s less likely that someone will trespass and walk around on it and take stuff. This is probably because they don’t understand how someone could do that, unlike their understanding of petty crime. Perhaps it’s also a sense that they wouldn’t do that, and no-one they know would to that, so who’s going to trespass on my field/network. The internet is internationally connected. People sitting in other countries don’t have to abide by our laws. They don’t have to share our values. They are most often beyond the reach of our authorities. Of course there are also people in Australia who will trespass on your network/field, but there’s also people who will mug you or break into your house.
Cyberspace is a battlefield. Just because you own the field does not mean people aren’t going to trample across it and pillage what they want. You need to defend your field. You need to get it ready for attack before it is attacked.
My advice
You know what we in the cyberspace (cyberspacers? … cybernauts?) call a new network? a greenfields environment. Thats right, GREEN FIELDS. What a coincidence. You can’t write that stuff.
If you have a greenfields network, the first thing you should do is make that field ready for an attack. You should prepare and do as Sun Tzu said and await the coming of the enemy. Because they will come. Setting about making a secure environment from the start is much much easier than doing it years later. Take actual ownership of your portion of cyberspace. Own the attack risk and do something about it, before the enemy does.