Thursday, November 10, 2011

Everything I know about InfoSec is reinforced in Modern Warfare 3

I picked up Modern Warfare 3 (MW3) the day it came out, one of the only first person shooters I play. While playing online against other gamers I realized a lot of the strategies and philosophies I use in my day job protecting the network from evil. These strategies are even more relevant when I am playing such game modes as Domination and Capture the Flag.

Rule 1 – Do not be afraid to utilize different tools to get the job done.
In MW3 you have plenty of equipment at your disposal, they all provide different tools to get the job done, and excel at different strategies and requirements. With practice you are able to customize your favorite equipment to make them more robust and feature rich. In InfoSec we are taught to utilize some core tools to secure out network. As we gain more experience with the tools we learn the various capabilities that advanced users can comfortably access, as well as coming across new tools that provide a richer tool set to accomplish different needs in the tasks we are assigned.

Rule 2 – Your team is only as strong as your weakest link
In MW3 you might be the best player in the game, but you learn quickly if you cannot win the game by yourself, there are too many variables that are stacked against you. If you want to succeed in the team games you have to work together as a team, and you have to support your weakest link. Just like in InfoSec, you could be the rock star InfoSec guru in the company, but if you attempt to secure everything by yourself, you are going to lose. To protect the network you have to rely on your team and their strengths, those with known weakness need to have helped to improve their skills, while utilizing their strengths to help secure the objectives.

Rule 3 – Maps are different, they have unique qualities, so does each network
In MW3 every map is slightly different and provides different quirks for the players to adapt to. Some maps are wide open with plenty of sight lines while others are packed tightly together, multiple choke points and limited sight lines. The same is true with the networks we are set to defend. Some networks are very distributed and allow everything to pass through; some are tightly controlled with multiple choke points to secure against attacks, while others are small, tightly packed with very limited sight lines to actually see what is travelling in them. Just like the maps in MW3 you must learn the quirks of your network if you want to win.

Rule 4 – You are pwned if you will not adapt to the environment or the attack
In MW3 the likelihood that you will encounter the same environment or attack is very rare. You will end up losing. You must be able to adapt to strategies against you in order to defend or attack the objectives if you want to win. Just like in the InfoSec world, it is very unlikely that you will encounter the same attack vector or environmental variables for every attack. Your strategies must be able to be adapted dynamically to these variables or you will be pwned.

Rule 5 – To survive you must be willing to continue learning
In MW3 it is true the younger players have better hand eye coordination in playing these games, they also usually have more time to play, But I have seen older players play very efficiently against them. In the InfoSec world we are constantly being forced to learn new skills, technologies and attack vectors. If we are not willing to continue to learn than we quickly will become obsolete and increase the risk to the network we are tasked to defend.

Rule 6 – It is ok to specialize in a role
In MW3 every player has a preferred play style, this can be the run and guns kill everything that moves, to the camping sniper who is dropping targets with pinpoint efficiency. In the InfoSec world it is ok to specialize in a few areas and remove yourself from the generalist pool. Keep in mind doing that run the risk of closing some advancement doors, but will allow you to concentrate on the technologies or threats that interests you the most. You can be the guru that specializes in pentest and exploiting webapps, or you can be the guy that is the sniper forensicator* on your team that can pinpoint the data required.  (*word taken from Chris Pogue, Sniper Forensics series)

Rule 7 – It is ok to admit when you have no clue what you are doing, and ask for help
In MW3 this is one of the hardest things I have seen, it is usually by people not afraid of failure. When I first started playing 1st person shooters I was a spray and pray shooter, I mentioned in one game I have no clue what I was doing and some youngster took me to a closed match and walked me through some basic strategies. In InfoSec there is going to be a time when you realize that while you are interested in something you have no clue what you are doing. You can muddle through the tasks and pray that you are doing it right, or can ask for help and learn the skills necessary for success. Hopefully when you ask for help someone will be there to provide assistance.

Rule 8 – If you are not enjoying the action it’s time to change it or move on
In MW3 there will be a time that you are no longer enjoying the session. This can be because the team you are on is not cohesive and refusing to work as a team or the strategies involved just are not working. When this is the case it’s time to find a different session, attempt to get the mentality changed or leave for a few days. The same can be said in the InfoSec world. If you are not happy with your current situation you need take stock of the environment and decide if it is something that you can change and want to within the organization, if you would be happier in another job on another team, or if it has just been a rough few days and you need to take some time away to recharge. In the end a game or work should be something you enjoy more then you hate.

Rule 9 – Regardless how good you think you are, some hotshot punk will come in and pwn you.
In MW3 I keep finding out how good I thought I was is not really as good as the other players in the game. I am a casual gamer, my k/d ratio is horrible, but I have fun and I try my best. I have learned that I am no match for the younger generation when it comes to these games. In the InfoSec world I have learned that there is always someone better than me out there. Someday there will be some hotshot kid come into my environment and show me up, I can either be angry and bent out of shape or I can admit that they are better, and learn from them.

Rule 10 – Sometimes you are going to just have a bad day, just don’t take it personally
In MW3 some days regardless how well you normally play nothing will be going right for you. You will be doing great if you actually have a positive k/d ratio. In the InfoSec you will have those days too. You will do everything you can to keep things working and running smooth, but something will come up and smack you around. It is going to be hard on those days to keep things in perspective, but if you don’t you will get burnt out quicker and not enjoy your job. I have not met anyone in InfoSec that got into this field because they hate it, just like I have not met anyone online in MW3 that started playing because they hate it. If you are having an off day, take a few steps back, adapt to the issue and work to resolve it.
BTW before I forget again.. if you want to match up and help educate me.. XBOX gamer tag is Thrall Rasp

No comments:

Post a Comment