I picked up Modern Warfare 3 (MW3) the day it came out, one
of the only first person shooters I play. While playing online against other
gamers I realized a lot of the strategies and philosophies I use in my day job
protecting the network from evil. These strategies are even more relevant when
I am playing such game modes as Domination and Capture the Flag.
Rule 1 – Do not be
afraid to utilize different tools to get the job done.
In MW3 you have plenty of equipment at your disposal, they
all provide different tools to get the job done, and excel at different
strategies and requirements. With practice you are able to customize your
favorite equipment to make them more robust and feature rich. In InfoSec we are
taught to utilize some core tools to secure out network. As we gain more
experience with the tools we learn the various capabilities that advanced users
can comfortably access, as well as coming across new tools that provide a
richer tool set to accomplish different needs in the tasks we are assigned.
Rule 2 – Your team is
only as strong as your weakest link
In MW3 you might be the best player in the game, but you
learn quickly if you cannot win the game by yourself, there are too many
variables that are stacked against you. If you want to succeed in the team
games you have to work together as a team, and you have to support your weakest
link. Just like in InfoSec, you could be the rock star InfoSec guru in the
company, but if you attempt to secure everything by yourself, you are going to
lose. To protect the network you have to rely on your team and their strengths,
those with known weakness need to have helped to improve their skills, while
utilizing their strengths to help secure the objectives.
Rule 3 – Maps are
different, they have unique qualities, so does each network
In MW3 every map is slightly different and provides
different quirks for the players to adapt to. Some maps are wide open with
plenty of sight lines while others are packed tightly together, multiple choke
points and limited sight lines. The same is true with the networks we are set
to defend. Some networks are very distributed and allow everything to pass through;
some are tightly controlled with multiple choke points to secure against
attacks, while others are small, tightly packed with very limited sight lines
to actually see what is travelling in them. Just like the maps in MW3 you must
learn the quirks of your network if you want to win.
Rule 4 – You are
pwned if you will not adapt to the environment or the attack
In MW3 the likelihood that you will encounter the same
environment or attack is very rare. You will end up losing. You must be able to
adapt to strategies against you in order to defend or attack the objectives if
you want to win. Just like in the InfoSec world, it is very unlikely that you
will encounter the same attack vector or environmental variables for every
attack. Your strategies must be able to be adapted dynamically to these
variables or you will be pwned.
Rule 5 – To survive
you must be willing to continue learning
In MW3 it is true the younger players have better hand eye coordination
in playing these games, they also usually have more time to play, But I have
seen older players play very efficiently against them. In the InfoSec world we
are constantly being forced to learn new skills, technologies and attack
vectors. If we are not willing to continue to learn than we quickly will become
obsolete and increase the risk to the network we are tasked to defend.
Rule 6 – It is ok to
specialize in a role
In MW3 every player has a preferred play style, this can be
the run and guns kill everything that moves, to the camping sniper who is
dropping targets with pinpoint efficiency. In the InfoSec world it is ok to
specialize in a few areas and remove yourself from the generalist pool. Keep in
mind doing that run the risk of closing some advancement doors, but will allow
you to concentrate on the technologies or threats that interests you the most.
You can be the guru that specializes in pentest and exploiting webapps, or you
can be the guy that is the sniper forensicator* on your team that can pinpoint
the data required. (*word taken from
Chris Pogue, Sniper Forensics series)
Rule 7 – It is ok to
admit when you have no clue what you are doing, and ask for help
In MW3 this is one of the hardest things I have seen, it is
usually by people not afraid of failure. When I first started playing 1st
person shooters I was a spray and pray shooter, I mentioned in one game I have
no clue what I was doing and some youngster took me to a closed match and
walked me through some basic strategies. In InfoSec there is going to be a time
when you realize that while you are interested in something you have no clue
what you are doing. You can muddle through the tasks and pray that you are
doing it right, or can ask for help and learn the skills necessary for success.
Hopefully when you ask for help someone will be there to provide assistance.
Rule 8 – If you are
not enjoying the action it’s time to change it or move on
In MW3 there will be a time that you are no longer enjoying
the session. This can be because the team you are on is not cohesive and
refusing to work as a team or the strategies involved just are not working.
When this is the case it’s time to find a different session, attempt to get the
mentality changed or leave for a few days. The same can be said in the InfoSec
world. If you are not happy with your current situation you need take stock of
the environment and decide if it is something that you can change and want to within
the organization, if you would be happier in another job on another team, or if
it has just been a rough few days and you need to take some time away to
recharge. In the end a game or work should be something you enjoy more then you
hate.
Rule 9 – Regardless
how good you think you are, some hotshot punk will come in and pwn you.
In MW3 I keep finding out how good I thought I was is not
really as good as the other players in the game. I am a casual gamer, my k/d
ratio is horrible, but I have fun and I try my best. I have learned that I am
no match for the younger generation when it comes to these games. In the
InfoSec world I have learned that there is always someone better than me out
there. Someday there will be some hotshot kid come into my environment and show
me up, I can either be angry and bent out of shape or I can admit that they are
better, and learn from them.
Rule 10 – Sometimes you
are going to just have a bad day, just don’t take it personally
In MW3 some days regardless how well you normally play
nothing will be going right for you. You will be doing great if you actually
have a positive k/d ratio. In the InfoSec you will have those days too. You
will do everything you can to keep things working and running smooth, but
something will come up and smack you around. It is going to be hard on those
days to keep things in perspective, but if you don’t you will get burnt out
quicker and not enjoy your job. I have not met anyone in InfoSec that got into
this field because they hate it, just like I have not met anyone online in MW3
that started playing because they hate it. If you are having an off day, take a
few steps back, adapt to the issue and work to resolve it.
BTW before I forget again.. if you want to match up and help educate me.. XBOX gamer tag is Thrall Rasp
No comments:
Post a Comment