CIA
English: Information Security Components layering the Information Assurance at three levels: Physical security, Personal Security, Organizational security. These layers protect the value of the information by ensuring Confidentiality, Integrity and Availability. (Photo credit: Wikipedia)

OK. In the previous post “Cyber Security how does it correlate to personal Self-Defense?” we left off at attempting the correlation of the following Cyber Security Controls into Personal Security Controls.

CSC 1: Inventory of Authorized and Unauthorized Devices
CSC 2: Inventory of Authorized and Unauthorized Software

Now in relation to Cyber Security these two controls are primary about controlling your computer environment; we don’t want rogue (unauthorized) devices or software  in our environment because they introduce vulnerabilities that could be exploited.

Just in case you are unfamiliar with the terms vulnerability and exploit here are the definitions:

In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assuranceVulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
Vulnerability (computing) – Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Vulnerability_(computing)

An exploit (from the English verb to exploit, meaning “using something to one’s own advantage”) is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something …

Exploit (computer security) – Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/Exploit_(computer_security)

In human terms a vulnerability is leaving yourself open so that someone can take advantage \ exploit and put you in a compromising position.

A common scenario is people walking around and focusing on their phone or tablet instead of being aware of their surroundings (vulnerability) and allows a bad-guy (threat) to exploit (mugging) the vulnerability (lack of awareness)

OK now that we have the technical jargon out of the way how do we relate that to personal self-defense and the individual practitioner.  When looking at the terms “Authorized / Unauthorized Software and Devices” what exactly does that mean?  Does it have something to do to with alien abductions, rear-end inspections and then forcing you to slow dance to Lady in Red?  Simply put, no.

How do we relate these terms of unauthorized hardware and software to what and who we are? When you wake up and get dressed are you unknowingly putting on un-authorized items of clothing? Does that ugly sweater that Aunty Carol gave leave you vulnerable in such a way so that others can exploit you and then make you do things like try and eat that un-edible Christmas tradition called a fruitcake?  Worse yet, would they be able to remote control you like a Zombie and force you stand under the mistletoe and kiss appalling people?

Does that piece clothing that sticks to you via static clinic considered a rogue piece of clothing?  Possibly.

How about, substituting unauthorized with unaware or un-validated?

Have you validated the techniques you learned by training with a resistant partner?

The tool or tools you carry for self-defense:
Do you practice with it?
Do you practice with drawing that tool from it’s concealed location?
Have you attended appropriate training for your chosen firearms and the potential scenarios?

Do you know anything about your local self-defense laws?
Example:
[ Defense of Personal Property ] § RCW 9A.16.020 The use, attempt, or offer to use force upon or toward the person of another is not unlawful in the following cases: [You can use reasonable force to defend your property, but not deadly force.] . . . (3) Whenever used by a party about to be injured, or by another lawfully aiding him or her, in preventing or attempting to prevent an offense against his or her person, or a malicious trespass, or other malicious interference with real or personal property lawfully in his or her possession, in case the force is not more than is necessary; (4) Whenever reasonably used by a person to detain someone who enters or remains unlawfully in a building or on real property lawfully in the possession of such person, so long as such detention is reasonable in duration and manner to investigate the reason for the detained person’s presence on the premises, and so long as the premises in question did not reasonably appear to be intended to be open to members of the public; . . . “One of the defenses to a charge of assault is that the act was committed in the defense of property of the actor, or of one whom he is under a legal duty to protect. It is the generally accepted rule that a person owning, or lawfully in possession of, property may use such force as is reasonably necessary under the circumstances in order to protect that property, and for the exertion of such force he is not liable either criminally or civilly” State v. Bland, 116 P.3d 428 (2005) fn3. (citing Peasley v. Puget Sound Tug & Barge Co., 125 P.2d 681 (1942)). [ You can even assault someone to prevent damage to or the taking of property. But you cannot use more force than is necessary, and certainly not deadly force. ]

Vilos, Evan; Vilos, Attorney Mitch (2010-06-01). Self-Defense Laws of All 50 States (pp. 415-416). Guns West Publishing, Inc.. Kindle Edition.

Are there thoughts / actions leaving you vulnerable in ways that others can exploit?; aka Situational Awareness
Examples:
When attending an event do you know where the exits are?

Do you maintain an appearance of confidence? Bad guys often prey on the unaware or those who appear vulnerable.

When someone enters your or is on the edge of your personal bubble are you aware of what they are doing?
Are their hands in their pocket?
Are they demonstrating any signs of aggression verbally or physically?

When attending large public events with family, friends or partner, do you:
Have a rallying point in case of separation?
Have an exit plan in case of a violent event?

I think you get the idea or ideas presented; I’m not trying to break new ground here or reinvent the wheel.  I’m just an information security nerd exploring the correlation of Cyber Security and Martial Arts or as Datu Worden says “Connecting  The Systems” virtually and physically.

 

Leave a Reply

Your email address will not be published. Required fields are marked *