Protection Strategies - Part 2/3

In Part I of this series, I explained how I take a strategy from another familiar setting and produce parallel tactics within the information security realm. Part II of this article will continue this trend by learning the strategies used in Safe Firefighter Operations.

In many ways, the fire department is like any organization: there is a known organization structure, and workers are assembled as teams, and these teams interoperate to accomplish the same goal. And as with most organizations, one team’s interpretation of objectives may differ from another. For example, every team is trying to extinguish a fire with its hose; but it becomes a life safety issue when the interior team is pushing the fire outward with their hose and the exterior team pushes the fire inward with their water stream.

Pre-planned team coordination and clear communications across the entire organization are necessary to prevent injury as well as further damage.  In Part I of this series we learned that emergency services of all kinds rely on the National Incident Management System (NIMS) for a structured approach to communication and decision making at the organizational level. However, to operate safely at the lowest levels of the operation, each team must learn safety “circles of responsibility”. These priorities are simple and effective, and have served me well in both firefighting as well as information security awareness:

• Protect Yourself: Every team member’s primary priority is to protect themselves. This aligns with Maslow’s hierarchy of needs. In emergency situations, one needs to ensure that the team can focus on the issue at hand. If any single individual becomes a victim; then the entire team itself is taken out of service to deal with that individual. In parallel, if your workstation becomes infected, then you and your entire team must stop work while security and support teams review all workstations in that network and mitigate the situation.
• Protect Your Team/Company: Knowing how the loss of a single individual resource can affect team operations, it becomes your responsibility to look out for other team members. If nobody in your team is the evangelist for data security, then it becomes your responsibility to be it. If there is someone already in that role, then you should ensure other team members are following the recommended practices and procedures.
• Protect Your Client: Even though this sounds counter-intuitive for fire rescue operations, it applies. Your client is helpless if your team is disabled, which can be caused by one individual misstep in the team. In emergency situations, first responders will always have taken care of their first two responsibilities (through pre-planning and training) even though it may look like they jump to this step. Similarly, your Cyber Incident Response Team (CIRT) – no matter how small – should have done the same pre-planning and training so their response to your data breach will go smoothly.

As your business operations grow and become more complex, it is imperative that these safety circles of responsibility propagate throughout the organization.