It is pitch black. You are likely to be eaten by a grue.
> install security_tools_of_awesomeness.exe


For those who have no idea what a grue is, you can click the link and allow your mind to expand to the wonderful world of Zork gaming. If you don’t know what a grue is, and don’t want to know, I’m not sure we can still be friends. What I loved about Zork was that there was no clear way of playing the game. You had to figure it all out on your own, and sometimes you were eaten by a grue. The same is true for some of us in Information Security.

So why the zork and grue references? Well, let’s use our imagination for a minute. Instead of being in an open field west of a big white house, imagine that this is the situation you are in. You have arrived at a new company as their new Security whatever (insert CSO, Engineer, Computer person as appropriate). This company has zero security controls in place to protect their network. You have a limited budget and time. You can choose 3 tools to help you. Which 3 tools do you pick?

Which 3 tools would you use if you had zero budget? What about only $10,000? How do you solve a problem that a lot of organizations seem to be facing? The tools don’t necessarily have to be hardware or software. Some of the best “tools” I have are people with programming skills. Do you choose IDS, antivirus, and log management, or do you choose a SIEM, IDS, and a programmer? Do you have the time to write a program or not? Will you be eaten by a grue?


This blog post doesn’t propose to answer that question. This blog post is designed to get your creative juices flowing. Remember, not every organization has a large budget to get security implemented. I really want to know what approach you would take to solve this problem. If you would please respond to my twitter post with your ideas I’d be interested in seeing your solution.

You install the security tools of awesomeness. But, during the install the power goes out.
It is dark.
A grue grins evilly. However, it is so dark that you can't see it grin.
You have been eaten by a grue.
Would you like to play again? [Y]es [N]o

