Mac OSX for the CSO

I am often asked how I can effectively perform my duties as Chief Information Security Officer using a Mac. 

Probably even more frequently I am asked how I can do all that a CISO should with a staff as small as mine. Wondering how many staff I have? Consider this, my entire staff is writing this. That’s right I have a staff of 1. Well really less than that on Fridays, every morning before 10AM, Mondays, the days immediately preceding holidays, Wednesday afternoons, everyday from 3:58PM to 5PM, …you get the idea. 

The point is that I am drastically short staffed and I need to be as efficient as I can with my time. I can’t lug around a Linux laptop and a Windows laptop everywhere I go. Likewise, I can’t stop using any of the Linux tools or stop using Word or Excel. Oh sure I could flip to Linux and use OpenOffice, but lets be frank. About the only good thing about OpenOffice is its price. The other side of that argument is that I could use only Windows. Honestly, who wants to do that? Unless you have a bottomless budget and are willing to accept substandard security tools, you would have to be a few DLLs short of a full load to use Windows in the security profession. 

I suppose the common perception is that the Mac is akin to a child’s toy and serves no useful purpose in the workplace. The reality is that most of the tools that I need to use daily have been ported to OS X. 

Tools like Nessus, Snort and Nagios all run on the Mac without problem. This gleaming silver lap warmer that I am typing on now is the best of all worlds. Suddenly with my Mac, my staff of 1 magically grows. I am able to efficiently spend my time not on a cadre of keyboards, but on one silver-keyed and backlit keyboard of the Gods. I sometimes daydream that Steve Jobs is my assistant, but that’s usually on Fridays, every morning before 10AM, Mondays…