Mark Amory | 4 August 2015
One of the first things any engineer (in any discipline) should do is understand the problem. In the world of security engineering, creating robust cyber security means knowing what you are trying to protect and, importantly, how and why people might want to attack it.
Whether the problem is protecting data or infrastructure, it is vital that the security engineer understands every facet of the asset to be protected and any vulnerabilities that may be associated with it.
Once the asset is understood, a risk assessment and threat analysis need to be carried out to determine the attack surface of the asset. Once the attack surface is determined, mitigating steps can be designed and implemented to reduce the attack surface and eliminate or reduce risk.
All the time, the ideal security engineer will have to consider how to maintain the CIA triad (Confidentiality, Integrity, Availability) with respect to the asset being protected.
The ideal security engineer will also need to consider four other elements – People, Process, Technology and Physical security.
Working out how to protect an asset effectively is not an easy task, so desirable properties any security engineer needs to have include:
- Logical problem solving
- Attention to detail
- Understanding of People, Process, Technology, and Physical security controls
- Good communication skills
An ideal security engineer will need to address the security needs of the business. For example, a security engineer may have to consider the following:
- Open ports on outward-facing servers, and the code listening on those ports
- Services available on the inside of the firewall
- Code that processes incoming data to a database
- Processing of data by human or machine
- An employee with access to sensitive information being socially engineered
- Theft of devices
The above problems, in one way or another, involve People, Process, Technology, and Physical security.
How does the engineer maintain the CIA triad around these?
- The ideal security engineer needs to have in-depth knowledge of, and hands-on skills in, many aspects of I.T., including hardware, software and networking.
- The ideal security engineer needs to play a role in devising comprehensive security policies, which should work to protect the company now and be robust enough to cope with the changing threat landscape.
- The ideal security engineer must also work on implementing and managing the business continuity/disaster recovery strategy, including working with key stakeholders to keep business continuity and disaster recovery documentation and training up-to-date.
- Security engineers need to know how to test new hardware, software, and networking systems before implementation and keep on top of them as a regular process of management. Testing that the controls put in place actually work is a key aspect of the security engineer's role.
- Finally, the ideal security engineer should be able to fix problems both on and off-site. Engineers need to be able to examine, troubleshoot and fix security irregularities both at the office and remotely.