Last Thursday I took my CRISC exams and - the restless person I am - I had already arranged to take sailing classes over the weekend. I always wanted to take sailing classes, and I had gone sailing once several years ago when I was still living in Greece. My idea was that when I grow old I will buy a small sailing boat and sail around my beloved Crete.
But I'm not so old yet and the fact is that I did not enjoy sailing so much after all. It was kind of static - a lot of "do nothing" time. And without really being able to move or stretch too much in such a limited space, I ended up feeling bored and tired.
The interesting thing though is how - during the countless minutes I was sitting doing nothing - I started thinking about analogies between sailing and infosec. Not only crisis management, but preparation as well.
- immediate response is important; as the wind and the currents may change rapidly you need to react as soon as possible. Pretty much the same with infosec incidents. The faster you react, the better
- there is no recovery time; when you think you are over the dangerous situation, a new such threat may materialize immediately and from a different direction
- cooperation is extremely important; if the sailors do not cooperate to act in a coordinated way, or even worse cancel each others' actions by for example raising the sail in the different direction, the situation will not be resolved. Exactly the same with IT and Security teams.
- for sure one has to be prepared. If your ropes are not ready and functioning when the crisis comes, you will not have time to fix them then. As is the case with patching and network diagrams existence.
- leadership is important; we are all friends and exchange ideas when time is available, but during crisis the captain has to take decisions based on their experience and expert knowledge. The instructions have to be followed to a T.
Overall, I don't think I will be learning sailing after all. But I will definitely consider a sailing trip as the next team bonding activity I will get to schedule.