Modularity and reuse are top of mind when we design cybersecurity capabilities. Our design should break down into a number of building blocks. These can be technical, like network segmentation. Building blocks can be architectural, like a DMZ or demilitarized zone networks. At the top-level, we can have solution building blocks which are product-specific, such as VMware NSX micro-segmentation for untrusted networks. From technical to architectural to solution, we move up in specificity. This is great for reuse. But it does pose a problem, for a building block that’s perfectly right in one area can be perfectly wrong in another.
Think about it like a font. In fact, think about it like the world’s most controversial font: Comic Sans. Vincent Connare is a noted type designer who worked with Microsoft in the 1990s. In 1994, Connare drew inspiration from Marvel and DC comics to develop the new Sans font. The original use case was cartoon characters in an ill-fated Microsoft GUI. But the font outlived its original purpose. Why? Because it is kid-friendly, warm, and in direct contrast with most every other font on Windows and Mac. People love the font almost as much as people hate it.
Comic Sans is perfect for a playful comic. It’s perfectly wrong for warning signs about electrocution. Sure, use Comic Sans on an ice cream truck. Don’t use it on an ambulance. Buzzfeed has an entire listicle of several Comic Sans fails. The point is, the font isn’t wrong. The usage is.
Use building blocks thoughtfully. Everything is right somewhere. Nothing is right everywhere.
This article is part of a series on designing cyber security capabilities. To see other articles in the series, including a full list of design principles, click here.