If you've read the blog for a while you know I promote threat-centric security in addition to vulnerability-centric security. I think both approaches are needed, but I find a lot of security shops ignore threat-centric approaches. But in this brief post I'd like to talk about one skill you're likely to need in a threat-centric team.Clearly knowledge of programming languages is helpful for vulnerability-centric security. Those who can program in the right languages can help identify vulnerabilities, develop exploits, and do other code-centric work.
Different skills are needed for threat-centric security, however. If a programming language is helpful for vulnerability-centric operations, then a foreign language is helpful for threat-centric operations. Specifically, analysts will find it useful to read and potentially speak the language used by their adversaries. It is likely that while learning a foreign language, and more importantly maintaining or improving that skill, the analyst will learn about the adversary's culture. At the highest level of threat-centric security, analysts understand the adversary not through native eyes, but through the adversary's eyes.
None of this is news to anyone with an intelligence or counterintelligence background, but I think this approach represents additional maturity in an enterprise security program.
Tidak ada komentar:
Posting Komentar