One of the great eye opening moments for me in the past few years was learning that we are outnumbered. Not only does it appear that there is a non-stop wave of malware and evil sites that are constantly trying to infect our systems, but it seems like our user population is working against us as well by trying to click on every evil link or evil file that they come upon. Because of this it is very easy to feel like the plight of today’s security professional is a grim one. I often say that we are in one of the only professions I know of which is destined to fail. You will have a breach and there will be compromises; you will get called out. In light of this reality I still find that information security professionals are a fairly happy lot. The trade-off for having the cards stacked against us is in that we get to work in on of the coolest fields.
If you don't think so….please get out. There are other people who would love to have your job.
However, I have also realized recently that we are not alone. There is another group of professionals that we work with every day that can help us. Our Administrator brethren are an untapped resource for the information security community. We need to start cross-training with them if we want to stand a chance against the onslaught of attacks and malware that we face on a daily basis.
There are a number of different ways to go about this. There are commercial training options for your systems administrators that are short and to the point. I will be teaching one of these classes online and another in New Orleans in January. Please see the below links for more information.
However, beyond the commercial options there is something that we should be doing as well. I recommend having weekly brown bag meetings where you can show your systems administrators some cool tricks for ideating an incident and they can show you some neat tricks for understanding the business application process flow of your organization. This tradeoff is beneficial because it illuminates both aspects of an organization, security and day-to-day administration.
Keep in mind that one of the greatest instructors of evil, the great Bastard Operator From Hell, was a Systems Administrator. There is much we can learn from them.