The Rules for Secure Operations

These are not mine, this is a compilation of knowledge over years of experience and study. Mistakes have been made and sometimes we learn the hard way. I am attempting to help so that you don't have to take the same path. Some of these are self evident but still are of note. This will be a multi-part series, as there will be many rules to learn from, as there have been many lessons. ABC. Always Be Careful.

Rule 61: “Bad guys attack, and good guys react” is not a viable security strategy.

Rule 62: An adversary is most vulnerable to detection and disruption just prior to an attack.

Rule 63: You should only use security hardware, software, and strategies you understand.

Rule 64: Low-tech attacks work (even against high-tech devices and systems).

Rule 65: Never let them see you bleed.

Rule 66: Don’t believe what you’re told. Double check.

Rule 67: Never mess with a man’s coffee if you want to live.

Rule 68: When overwhelmed divide the tasks in smaller subtasks, simplify.

Rule 69: Hide in plain sight.

Rule 70: Always be ready to go at any moment’s notice. Learn to be light and move fast.

Rule 71: Swift, Silent, Deadly. The only way to go about doing your business.

Rule 72: Think like a man of action, act like a man of thought.

This is the final set of rules, and with them a sense of fatality, fatalism. Absolutisms. Thank you for leting me share my experience and (hopefully) wisdom, may it help you run secure ops. Remember, legality and security have no correlation, you deserve security in everything you do.

Part 1 The Original 12

Part 2 Pick your battles

Part 3 He who angers you conquers you

Part 4 Be content with what you have

Part 5 Under promise and over deliver

-Chronic0ps