Friday, July 16, 2010

Human Language as the New Programming Language

If you've read the blog for a while you know I promote threat-centric security in addition to vulnerability-centric security. I think both approaches are needed, but I find a lot of security shops ignore threat-centric approaches. But in this brief post I'd like to talk about one skill you're likely to need in a threat-centric team.

Clearly knowledge of programming languages is helpful for vulnerability-centric security. Those who can program in the right languages can help identify vulnerabilities, develop exploits, and do other code-centric work.

Different skills are needed for threat-centric security, however. If a programming language is helpful for vulnerability-centric operations, then a foreign language is helpful for threat-centric operations. Specifically, analysts will find it useful to read and potentially speak the language used by their adversaries. It is likely that while learning a foreign language, and more importantly maintaining or improving that skill, the analyst will learn about the adversary's culture. At the highest level of threat-centric security, analysts understand the adversary not through native eyes, but through the adversary's eyes.

None of this is news to anyone with an intelligence or counterintelligence background, but I think this approach represents additional maturity in an enterprise security program.

1 comment:

webjedi said...

Rich,

This reminded me of one of the first times we started seeing an influx of stuff from China at a former employer many years ago. My cohort and I spoke English (as well as he also spoke French and I German) - so we were at a loss... luckily his girlfriend at the time (now wife) was from China (now naturalized US citizen) who we shuttled of an email to her to have her help translate. It did wonders, because at the time all that existed to help was Babelfish and the other translation engines hadn't yet supported Asian languages.

As I would note, having now brought this up, barring any of the CI issues (which some companies aren't as worried about) that the DoD has, using translation software (private or public) isn't a bad way to help in cases where you run into having to have some language skills on a case or doing research. I know it's become invaluable when I work handling incidents without the actual lingual skills or resources readily available. I was wondering what your thoughts are on that. As for "know thy enemy" - it's also good practice to have a few good foreign language blogs, on-line editions of newspapers (do they still exist) and other sites to get the other perspective and to also utilize the same tools. You never know, with enough poor Ching-lish translations, it may spur folks into actually taking the next step and learning to read and speak it.