I went through some military training where the instructor had us all stand up in a room, raise our right hands, and do the wax-on, wax-off motion, and we repeated the word follow the process, the process will save you. It was meant for us to stay within our box and not deviate from the rules. It meant that we should not question the process because this process has been in existence and it is proven to work. There were people that loved the process so much that they breathed it. It was their doctrine. Groups of these people would band together and perfect the idiosyncrasies of the process. Processes are necessary for running operations, as they provide a sequence of what to do when and who will do what when. It is simple. Stay in your lane.

Well, today is different to yesterday. There have been processes that have been in place for years. Like lanes on a road, processes need to be reinforced, reworked, and improved. All organizations are different in the way that they run their IT operations. Maneuver warfare fits the description of what a malicious actor would utilize to get into a network. Defense in depth is another way of saying attrition warfare. Screened subnets, network segmentation, and sandboxing; it is the idea that we should be taking ground from our opponents at different levels to decrease the possibility of exploitation. We need to change the game. Our adversaries are maneuvering for our crown jewel information, finding different vectors, or avenues of approach, to gain access to it.

Defeat is extraction of information or critical loss of business capability.

How do we build processes within our organization that allow for agility, initiative, trust, and collaboration to take action? We need a strategy that allows us to be flexible and continuously monitor our strengths and weaknesses within our organizations' security programs. We must be able to adapt to change quickly and have the capability to anticipate the probability of exploitation of our critical vulnerabilities in strategic areas of interest. We need to have the support and authority to take initiative in exploiting opportunities to improve security.

If we continue to follow our processes, will they save us from compromise?