Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

1.92 Seconds, On Repeatability

The Williams Grand Prix Engineering team currently owns the record for the fastest pit stop in Formula One at 1.92 seconds. Think about that. In the time it takes you to blink twice, a car pulls in, has 4 wheels taken off and a fresh set put on and drives away. That’s mind-blowingly fast.

The Williams Grand Prix Engineering team currently owns the record for the fastest pit stop in Formula One at 1.92 seconds. Think about that. In the time it takes you to blink twice, a car pulls in, has 4 wheels taken off and a fresh set put on and drives away. That’s mind-blowingly fast.

When NBC Sports interviewed the pit crew that set that record and asked them how they got to be so blazingly fast, the answer was quite simple. Repeatable motions and practice.

In order to get to 1.92s for a pit stop the Williams crew practiced. And practiced. And practiced until they had it down to muscle memory. Hundreds maybe even thousands of times. Each of the crew team had a role to play and they knew exactly what to do and how and when to do it. One person’s job was to use the air tool to loosen the lug. Another’s job was to pull the old tire off. Another’s job to put the new tire on. Then the person with the air tool would bolt the tire back in.

There is a lesson to be learned here for security professionals and leaders. That lesson is really three-fold.

First, there is the lesson of specialization. The person who operates the air tool, while they are familiar with the “tire off” operation, doesn’t perform that role. They have one role to play, and they specialize in it. That’s all they train for. That’s all they do.

In our field, you specialize, too. But realistically you’re never just going to be a forensics acquisition specialist – and that’s all you’ll ever do. Most companies aren’t big enough to have such deep specialists only doing one job. Instead you’ll train and get amazingly good at one thing, but you’ll also learn others at which you’ll be OK. The point is to specialize. Know your strength and your passion, and study it. Live it.

The second lesson is repeatability through process. Yes, that sounds complicated – but it’s actually quite simple. Develop a process that is as simple as possible to accomplish the task at hand. Then take that process apart and find efficiency gains you can get by making adjustments. After that, what’s left is automation. Automate using whatever you have available – commercial and open source tools included.

Repeatability is so critical, I urge you to spend a lot of your energy and time here. As much as you need to do. Don’t overlook the importance of having something that’s repeatable. To be repeatable, a process must be well-documented, well-understood and well-practiced. I’ll focus on that last part in a second. Documentation is critical. Pretend like you’re writing up instructions for someone who has never done this before. Process flow diagrams are always preferable in the heat of the moment because no one wants to have to skim through a 40-page manual to figure out what to do when any particular thing goes wrong. Trust me. This is a topic for a whole other article in the future, but I’ll leave it at that. Document like you’re doing it for an eighth grader.

Advertisement. Scroll to continue reading.

Finally, the last lesson is practice. No one on that Williams team was at 1.92s on their first try. In fact, I’m willing to bet that the first few times that person with the air tool tried to unbolt and bolt they maybe even got the direction of the tool wrong. Meaning that they had it set to right (tighten) when they needed it left (loosen). But after practicing a thousand times the likelihood of getting it wrong drops off a cliff. Not to say that they won’t ever get it wrong, but the likelihood is dramatically lower.

Practice is one of those things people say we can’t really do. How do you really practice for a situation when your CEO is compromised and the board memos are being leaked to the Internet? Simulations are nice, but they don’t simulate the pressure of real-life. There is no substitute for real-life situations. So, to that I say, practice in real-life.

Once you have some confidence (and not a moment before) had someone from one of the many red teams out there hit you with what they’ve got. Then go into battle mode. Practice,  find your failures and have someone write them down. Then practice those pieces until you’ve got it right, without thinking. Then do the whole thing again and identify more broken stuff. Rinse and repeat until you’re perfect. Then do it again because you’re delusional—no one’s perfect.

There you have it. You too can get down to your 1.92s. Whether it’s changing a Formula One car’s tires or responding to a ransomware attack against your medical device IoTs. The key is to find a way to be repeatable by developing the process, establishing repeatability and then practicing until it becomes muscle memory.

Good luck out there!

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...