Senior lawyers always used to advise their juniors to focus on the human side of the profession. I vividly remember the golden words one of the professors of law from Sindh Law College in Hyderabad, who used to quote in his introductory lecture to the students of LLB Part 1, “A good lawyer is always a part of the solution, and not a part of the problem. A good lawyer has knowledge and skills, and anyone devoid of knowledge (law and related subjects) and skills can impede access to justice.” However, the situation nowadays is totally different. Last week, I visited a few friends and saw a few students in different bar rooms. I was really shocked to notice that the virtues that I have mentioned above, have waned. Such a great degree of deterioration in the cardinal virtues in this highly valued and rewarding profession has really upset me as a humble disciple of law and political science. The relevant legal bodies at all levels are requested to take notice of this dismal situation, which has put this noble profession in the grip of turmoil. It now has a tarnished image.
Information security still immature, RSA conference told
Mature professions have already gone through the transition from superstition to data-driven decisions, he told attendees of the RSA Europe 2013 conference in Amsterdam. In statistics, degrees of freedom are parameters in a system that are free to vary independently, which means they do not matter and can be disregarded, said Thompson. As a profession matures, its practitioners have a growing ability to identify what things matter so they do not waste time and energy on those that do not. The speed at which a member of a profession can identify what does not matter is a measure of that professions maturity, he said. Unlike mature professions such as medical or accounting, security professionals have not yet developed a standard set of tried-and-tested metrics that enable practitioners to make data-driven decisions. Even baseball team selections are no longer made on gut feel, but are based on proven statistical analysis of players performance, said Thompson. However, he believes information security has begun making the transition, with an increasing focus in the industry on developing the ability to make data-driven decisions. More on security as a business enabler Most businesses need to transform IT security, says RSA This week saw the launch of an industry-wide project aimed at collecting as many useful, positive security metrics as possible to enable data-driven security by the Trustworthy Internet Movement (TIM). Thompson said statistical analysis could transform information security in much the same way as it has transformed baseball, insurance and retail. Considering the velocity of change in IT, it is important for information security professionals to be able to figure out what does not matter very quickly, said Thompson. Like a spotter who is responsible for the safety of a gymnast on parallel bars, he said an information security professional needs to provide dynamic protection without interfering with the business. The spotter does not tell the gymnast what not to do, but spots potential danger and is there to protect when needed, he said. Security no longer has veto power, so it has to become aligned with where the business needs to go, help it to get there and protect it in the process, said Thompson. Five years from now, the discipline of security will be about business not technology, it will be about aligning with the business and being flexible by figuring out what does not matter, he said. Having the ability to identify and focus on the things that matter, said Thompson, will mean that security professionals will no longer be the ones saying no, but in the profession of business enablement.