- Steve Jobs is a man of a few words
- Internet routing blasts into space
- 15 free downloads to pep up your old PC
- IBM smartphone software translates 11 languages
- New attack fells Internet Explorer
Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.
And now for something completely different!
In 1993 I published a column entitled “Velocihackers and Tyrannosaurus superior” in the paper version of Network World. The article caused considerable amusement because it analyzed the popular movie “Jurassic Park” from an information security perspective.
I’m delighted to report that Jason Holloway, vice president of marketing of the security firm ExaProtect has published an amusing security analysis based on “Monty Python and the Holy Grail.”
The film follows a bizarre rendition of King Arthur (“Son of Uther Pendragon”) and the Knights of the Round Table (and Patsy) as they roam about Britain (knocking coconuts together as sound effects to make up for the lack of horses) seeking the Holy Grail (including in a castle occupied by French soldiers who inform him that Arthur’s mother was a hamster and his father smelt of elderberries). But I digress.
Holloway makes the following points from his analysis of events in the movie.
1. Build security on secure foundations (unlike Prince Herbert’s father who built his castle in a swamp).
2. Use security information and event management (SIEM) to avoid being overwhelmed, as by the Knights Who Say “Ni!”
3. Avoid false positives, as when Sir Lancelot rushes off to Swamp Castle to rescue… Prince Herbert.
4. Beware the presumption of causation based on correlation, as when Sir Bedevere tests a woman accused of being a witch by
claiming that she would weigh as much as a duck - and thus be made of wood.
5. Be sure to store log files so that you can interpret current security alerts in the light of data - unlike the Knights’
focus on the incomplete record left by Joseph of Arimathea about the Castle of aaaaaaaarrrrrrgggghhhhh.
6. Remain flexible in setting and adapting policies - unlike the Black Knight who repeats “None shall pass” regardless of
circumstance.
I urge all Monty Python nuts^H^H^H^Hfans to enjoy Holloway’s excellent essay.
M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (1)
RE: Jason Holloway's Holy GrailBy Anonymous on October 16, 2007, 12:33 pmMr. Holloway's article is a good start, but it completely overlooks the lesson of Castle Anthrax - "Sex is more fun than security. This cannot be proven, however...
Reply | Read entire comment
View all comments