Mythic Monday – Superhero Teams

Some may call them movies for kids that never grew up, others may call them mythic legends of our time.  Whatever your stance, you might have noticed that superhero movies have been quite popular in recent years.  The most recent resurgence started with your basic theme of “ordinary person becomes a super hero at about the same time that an ordinary person becomes a super villain” (Spider-Man and Batman Begins).  More recently, it has morphed into “superheroes teaming up to fight against teams of super villains” (Spiderman 3 and X-Men: The Last Stand).

While the literary quality of such films is debateable, the big security lesson here is that when you’re being attacked on many fronts, it helps to team up. At present, there are threats from all fronts. Uncountable authors release numerous malicious software packages every day. The malware adjusts its own code to avoid detection and spread. Moreover, the majority of companies are often under direct attack by foreign nationals and direct competitors. All of these attacks are growing more subtle, so the challenge is not just in foiling the attackers but also in detecting them. In order to stand a chance, we have to team up too.

So how does this work in practice?

One way is to do what you’re doing now, spend a bit of time each day reading security news from various sources. These can be blogs, podcasts or news sites. Another way is to join groups, whether they are local or online. Local groups tend to meet once a month. The online groups, in contrast, usually do not have a specific meeting time but are very issue-focused. One member may post a question and others will step forward and help to answer it. Some groups are a combination of the above.

Just as being a member of a superhero team isn’t a weekend job, there has to be an ongoing commitment to be successful in a security group. In many cases, it doesn’t really matter which particular group you join so long as you are committed to it. While different groups have their own respective foci, any of them will be better than nothing.

The following are groups that I personally use in my day-to-day work:

• ISSA Des Moines – A business-focused group focusing on education of the members.
• Iowa Infragard – An information-sharing effort between the FBI and businesses. Local chapters exist in other areas.
• SANS Advisory Board – Online group that assists its members with existing issues and helps guide the SANS certifications.
• Central Iowa Area Linux Users Group – Iowa-based group focusing on Linux and Open Source technologies.  Other LUGs exist in other regions.
• Agile Iowa – Iowa-based business-focused group to discuss Agile development practices.  It’s always good to get other points of view regarding what you are actually protecting.

There are, of course, others that I visit on the occasional basis, such as the Des Moines Web Geeks, and the Central Iowa Bloggers and The Virtualization User Group, but I realize that I have a limited amount of time, and it’s better to focus where I can be most effective.  Over time, I may have to narrow my commitments even further.

We may not have an security-focused Justice League or Avengers team, but we also don’t have many lone-wolf security superheroes.  So those of us that work in this field have to work together.  I hope to see you there.