Home > Uncategorized > The Importance of Situational Awareness

The Importance of Situational Awareness

Mica Endsley introduced the notion of situational awareness in dynamic systems in 1995. An oversimplified summary of what he wrote is that systems produce information that can help people become more aware of what is going on around them.

The longer I have been in the information security arena, the more I realize just how important situational awareness is. But situational awareness is far greater than the result of interacting with systems. We are bombarded with information from a myriad of sources every day. It is truly a rare individual who is able to filter out irrelevant information and tune in to relevant information. But even people who possess amazing filtering capabilities may miss information that may be extremely relevant to them and their job, and they thus may not be as situationally aware as they could and should be.

One of the areas in which information security professionals need a high level of situational awareness is in monitoring and intrusion detection. We have network monitoring tools, system logging, intrusion detection tools, and more, yet too often we do not realize what is going on in our computing systems and networks. TJX provides a perfect example. The time between the first break-ins into TJX’s network and when these break-ins (which had greatly proliferated) were first detected was an unbelievable 18 months. I wonder what system and network administrators as well as information security staff were thinking all the while—in reality, they lacked situational awareness. The same was true of the same groups of staff at Heartland Payments Systems—the good news there is that it took “only” six months to detect the break-ins there. And the same was also true of staff at the University of California-Berkeley, where it took nearly a half year to detect the fact that a massive data security breach had resulted in the compromise of personally identifiable data of nearly 100,000 faculty, staff and students.

But situational awareness is much broader than scope than its application to the technical area. It in particular applies to managers. My experience has taught me that a large percentage of managers are not really situationally aware. They too often are in touch neither with the pulse of their organizations nor what their subordinates think of them and how good or bad the morale among them is. Scott Adams portrays this kind of situation in his legendary Dilbert cartoons, as do the writers of the television show, The Office (where Michael comes across as a very out-of-touch head manager). I’ve also found that non-situationally aware managers are very often the very worst managers anywhere. Why? I suspect that being out-of-touch is very much related to narcissism. Very self-centered people are paying attention to themselves, and not others or what is happening in the office environment in which they are a player.

We’ll let the psychologists ruminate on why some people lack situational awareness so badly. At the same time, however, consider how lack of situational awareness can hamper an information security practice. Lack of knowledge of the business a security practice is supposed to serve is a fatal sin, one that virtually isolates that practice from the business. Lack of knowledge concerning the degree to which employees and contractors are complying with policies, standards and procedures means that no feedback concerning their success as control measures is available, meaning that appropriate changes and adjustments to them will probably not occur.

People often wonder how to become more situationally aware. A good starting point is getting a 360 degree appraisal on yourself done—one in which superiors, peers, and subordinates evaluate your performance. Another is to analyze what sources of information you may be missing and try to tune in to these sources. Another is to go through the painful process of discovering your “blind spots,” things about yourself that others know, but that you do not know. Frank and open discussions with others will help considerably in this regard. Whatever you do, I urge you to work on improving your situational awareness—it is one of the most important endeavors you can do to improve your effectiveness not only on the job, but in life in general.

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.