This information security strategist is changing jobs! Well, for a while anyways. The Intel Information Technology division, supports a variety of options for temporary job rotations across the company. Such internal movement encourages the circulation of ideas, perspectives, constructive criticism, and the sharing of best methods and practices. It builds a stronger business community and fosters closer employee teamwork, which can be challenging with 80k workers in 150 locations, resulting in more effectiveness across the entire organization.
I seized an opportunity within of the Information Security team, chartered with protecting Intel's internal business operations, to partner with the product folks who are designing the security features of Intel's future products. What a win! Incorporate security veterans seasoned with practical experience with the brilliant designers and engineers creating security technology building-blocks for the future of the computer.
I am truly excited to dive into the security feature product side of the industry. Intel has a coveted advantage from a security perspective, as we design the base computing hardware. In the race for attackers to get lower in the stack, we already sit at the bottom with control of the core computing hardware and therefore reign over the most basic logic elements in the computer. There is real power in that location. Intel is well positioned to take advantage of this for the security benefit of all.
When I accepted the rotation I began thinking back on all the long nights working crises, responding to incidents and investigations, all the creative solutions applied to unusual situations, and reflected on the many scars from years in the trenches. I scratched out a wish-list a mile long, which includes my most crazy ideas to secure systems, data, networks, enterprises, clouds, infrastructures, communities, and industries at the hardware layer. Be honest, wouldn't you do the same?
So I am packing my bags, bringing all the wacky ideas, and leaving the halls of IT for a few months. I will get to work with some of the worlds finest engineers, product managers, and architects in the computer industry! Although it is humbling to know I am the lowest common denominator when it comes to brains, in every meeting I attend, I do get the benefit of learning from the best and brightest. It is great the product teams are willing to have this old security dog in their discussions.
I think is it a fair trade, as they get to pick my brain on how the industry struggles to develop, deploy, and sustain security controls in the ever elusive goal of achieving optimal security. As a strategist, I have the advantage of the big picture over time. How threats are evolving, what is and will be targeted, and how the attack methods will lead ahead of the defensive countermeasures. I will help contribute to the macro picture as they are the experts in the micro functions which constitute the very building block foundations of what could be a prerequisite for the next generation of security tools, protections, services, and defensive capabilities.
REALITY CHECK: To be completely honest, it may not exactly be a fair trade. I get to learn from the best and brightest, while they get stuck with a cynical, slightly paranoid, glass-half-full, InfoSec security veteran who likes to talk far too much. Additionally, they will witness my Dr. Jekyll impersonation when discussing how security advocates may use product features to deliver security and then see me switch to Mr. Hyde as I also lament on how the same features could possibly be used by the malicious for nefarious purposes. And my sarcasm is just a bonus to sweeten the deal.
So off I go to the product groups, on loan for 6 months. Much thanks to the IT CIO who supports such cross pollination of ideas and likes risk-taking now and then. Or maybe she is just not a fan of my sarcasm.