Mastering Systematic Problem Solving for Complex Security Challenges
This article explores how to systematically tackle complex security problems by defining system thinking, distinguishing simple from complex issues, and applying a comprehensive, deep, and dynamic approach illustrated with a data‑leakage case study and practical recommendations for future security strategy.
Preface
The motivation for this article comes from a new job model released by the company and a performance‑related question: how to solve problems systematically. The author shares current knowledge and practice, summarized in several core viewpoints:
Complexity is relative; not every complex problem requires systematic thinking.
Systemic thinking = comprehensive thinking + deep thinking + dynamic thinking; its typical expression is a big picture plus key elements.
Systemic problem solving means mastering every link in the chain, so that “face‑palm” incidents become rarer until no one can catch you out in that domain.
Real‑world cases should be compared repeatedly to see how thinking and practice evolve.
What Is a Complex Problem?
Simple vs. complex problems are relative to the reference point. For a child, 1+1 may be complex; for a primary‑school student, it is simple. The degree of certainty determines complexity: fully certain problems are simple, fully uncertain ones are complex.
Why Do Complex Problems Need Systemic Thinking?
Only deep‑level complex problems require systematic solutions. Higher‑level engineers (P6, P7, P8) tend to produce better results because they think more comprehensively and deeply, reflecting the company’s job model that demands systematic and forward‑looking thinking.
What Is a System?
System: a set of interrelated parts that together form an entity with specific functions.
Key keywords: multiple parts, mutual interaction and dependence, a functional whole.
What Is Systemic Thinking?
Systemic thinking means fully understanding a system—its components, relationships, overall structure, and evolution—to improve decision‑making. It consists of:
Comprehensive thinking: ensure no component is omitted and view the problem holistically.
Deep thinking: solve problems thoroughly and efficiently, getting to the essence beyond surface symptoms.
Dynamic thinking: adapt to changing external environments (e.g., new security laws, geopolitical events) and keep focus over time.
How to Achieve Systemic Thinking?
Experience builds neural pathways that link A to B, C, D, etc. To master all possibilities, one can “trade time for space”: study widely, form associations, and practise extensively, then cross‑validate with peers across teams and domains to approach the knowledge boundary.
Case Study: Systemic Solution for Data Leakage
Problem definition: an external attacker causes data leakage; the goal is a systematic solution.
Thinking process
Comprehensive: identify attacker types, leaked data, storage locations, leakage channels, and sub‑problems.
Deep: prioritize, assess inter‑dependencies, and design thorough technical countermeasures.
Dynamic: adjust focus as regulations (Cybersecurity Law, Data Security Law, etc.) and the threat landscape evolve.
Thinking result: a high‑level diagram (big picture) with key elements and items was created.
The diagram shows entities such as data storage (OSS, SFTP, ODPS, etc.) and internet boundaries (web, app, email, VPN, etc.).
Implementation items (selected)
Transparent inbound traffic tagging
Inbound phishing detection
OSS anomaly detection
Attacker knowledge graph
Attacker intent identification & situational monitoring
Office‑endpoint data theft detection
Production‑host data theft detection
Service‑side anomaly detection (SFTP/OSS/ODPS)
Database anomaly detection
Data‑leakage vulnerability monitoring
Data honey‑pot
Personal‑information firewall integration
Risk discovery & remediation suggestions
Practice Results
The systematic approach significantly improved detection rates for known attack techniques and increased the proportion of whitelist strategies that can counter unknown attacks. Over the past three years, the team distilled a whitelist‑generation methodology applied across security scenarios, filing more than ten patents.
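Whitelist‑based detection of the kind the practice results describe, as an added example that is not code from the original article or from Alibaba: it distils a whitelist from a constructed baseline of OSS/ODPS access records (principals, source networks, resource names and byte counts are all made up) and scores new records against it. The record fields, the `min_days` support threshold, the per‑principal volume cap and the `build_whitelist`/`evaluate` functions are assumptions chosen to illustrate the idea that a whitelist catches techniques never seen before, which a blacklist of known signatures cannot.

```python
"""Whitelist generation for service-side (OSS/ODPS) anomaly detection.

Added example, not code from the original article. It assumes a
simplified, constructed access-log record with the fields
  day, principal, src, resource, op, bytes
All principals, networks, buckets and byte counts below are made up.
"""
from collections import defaultdict


def _mk(day, principal, src, resource, op, nbytes):
    # Hypothetical helper that builds one access record.
    return {"day": day, "principal": principal, "src": src,
            "resource": resource, "op": op, "bytes": nbytes}


# Constructed two-week baseline of "normal" access.
BASELINE = (
    [_mk(d, "svc-report", "10.1.2.0/24", "oss://finance-reports", "GetObject", 2_000_000)
     for d in range(1, 15)]
    + [_mk(d, "svc-etl", "10.1.3.0/24", "odps://dw.orders", "Read", 50_000_000)
       for d in range(1, 15)]
    # A one-off access during the baseline window: must NOT be whitelisted.
    + [_mk(3, "svc-etl", "10.1.3.0/24", "oss://finance-reports", "GetObject", 1_000)]
)


def build_whitelist(events, min_days=7, volume_factor=3.0):
    """Distil a whitelist from baseline logs.

    A (principal, src, resource, op) tuple is whitelisted only if it was
    seen on at least `min_days` distinct days, so a single stray access in
    the baseline does not get baked in. Each principal also gets a daily
    byte cap of volume_factor x its busiest baseline day.
    """
    days_seen = defaultdict(set)
    daily_bytes = defaultdict(int)
    for e in events:
        key = (e["principal"], e["src"], e["resource"], e["op"])
        days_seen[key].add(e["day"])
        daily_bytes[(e["principal"], e["day"])] += e["bytes"]
    allowed = frozenset(k for k, days in days_seen.items() if len(days) >= min_days)
    busiest = defaultdict(int)
    for (principal, _day), total in daily_bytes.items():
        busiest[principal] = max(busiest[principal], total)
    caps = {p: int(total * volume_factor) for p, total in busiest.items()}
    return allowed, caps


def evaluate(events, allowed, caps):
    """Score records against the whitelist and return a list of alerts.

    Any tuple outside the whitelist fires at once (this is what catches
    techniques never seen before). Whitelisted tuples still fire once per
    principal and day when the daily byte total exceeds that principal's cap.
    A principal absent from `caps` is already reported as unknown_access.
    """
    alerts = []
    totals = defaultdict(int)
    already_capped = set()
    for e in events:
        key = (e["principal"], e["src"], e["resource"], e["op"])
        if key not in allowed:
            alerts.append(("unknown_access",) + key)
        pd = (e["principal"], e["day"])
        totals[pd] += e["bytes"]
        cap = caps.get(e["principal"])
        if cap is not None and totals[pd] > cap and pd not in already_capped:
            already_capped.add(pd)
            alerts.append(("volume_exceeded", e["principal"], e["day"], totals[pd], cap))
    return alerts


# Constructed day-15 traffic to score against the baseline.
CANDIDATES = [
    _mk(15, "svc-report", "10.1.2.0/24", "oss://finance-reports", "GetObject", 1_500_000),  # normal
    _mk(15, "svc-report", "203.0.113.5", "oss://finance-reports", "GetObject", 1_500_000),  # same credentials, new source
    _mk(15, "svc-etl", "10.1.3.0/24", "oss://finance-reports", "GetObject", 800_000_000),   # the one-off path, now bulk
    _mk(15, "svc-etl", "10.1.3.0/24", "odps://dw.orders", "Read", 50_000_000),             # normal
]


def demo():
    allowed, caps = build_whitelist(BASELINE)
    return evaluate(CANDIDATES, allowed, caps)


if __name__ == "__main__":
    for alert in demo():
        print(alert)
```

Two design points carry over to real deployments: the support threshold (`min_days`) is what separates a whitelist from a mere replay of the baseline, and the volume cap keeps a whitelisted path from becoming a free exfiltration channel. The stolen‑credential case (known principal, unknown source) is caught without any signature for that attack.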
Outlook and Expectations
Current manual whitelist creation is slow and costly. The author plans to build a trustworthy strategy‑generation center powered by expert knowledge and large language models, aiming for rapid, reusable, and scalable security policies.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact us and we will review it promptly.
Alibaba Cloud Developer
Alibaba's official tech channel, featuring all of its technology innovations.
