Heather. Where have you been?(!?)
Heather Noggle
Technologist | Speaker | Writer | Editor | Strategist | Systems Thinker | Cybersecurity | Controlled Chaos for Better Order | Musician
I stopped writing. Mostly.
For a while nothing was funny, and you don’t want to read me when my brain’s not funny. I don’t either.
In January I have some big decisions to make.? With my background, I’m either a very solid “we have to have her” fit for a full-time job or I’m a resume meh in a pile of more meh.? There’s not much in the middle. So full-time job option is on the right.
Then, over here on the left is Codistac, which I’ve largely neglected while I’ve been working at building Missouri Cybersecurity Center of Excellence - MCCoE.?
So, I took a writing hiatus for a month – did some branding for Codistac and a rewrite of how I envision the company, some work at Missouri Cybersecurity Center of Excellence, and a whole lot of thinking and occasionally in-the-moment posting.
And I want to give you this – the picture above represents 50 years of IT experience.? Brian J. Noggle and Heather Noggle (me!), both looking for work or full-time jobs.
I’d love to talk with you if you have interesting work in any of the Codistac spaces.
We’re good people, and we do good work.
Codistac core offerings below – representing our strongest skills.
Fractional work now will give me the space and opportunity to build the very small business cybersecurity services into something repeatable and beneficial for many. Brian’s the best QA person I know – lots of cackling arises from his office regarding the bugs he finds.
You might hear from me soon asking for some brainpower and introductions.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Full-time roles we’re the clearest fit for
Brian – Senior Automation Engineer, Senior Software Quality Assurance, Senior Software Tester, SDET
Heather – Business analyst, Technical Business Analyst, Data Integration Analyst, Software Engineering Manager, and GRC-related roles.
So. Are you ready for quantum computing?
I’m not sure quantum computing is stable enough to give an accurate answer whether it is ready for quantum computing, but still we strive.
Or free associate.
Here’s some quantum Googliness – I give you Willow. No, it’s not in competition with Zillow. Or MyPillow. Armadillo, phyllo (a stretch). Billow – I can do all this iteration, and we still can’t rhyme orange. Willow is Google’s quantum computing chippy endeavor. https://blog.google/technology/research/google-willow-quantum-chip/
Quantum computing will not solve the inability to rhyme orange problem. Charles Buchler sent me the “all things quantum glossary” last week (dating back to 2018), so I’ll include that to be helpful.
Roger Grimes writes about how it’s sooner than you think that we have to be (macro) concerned, while conversations I’ve been having closer to the small business playing field remind us that we still need to conquer MFA.? Expect me to do more writing on quantum computing, though. Probabiity would state yes.
Also, Qubiticus would like his qubits back.
You know what else rhymes with Willow? Peccadillo.
(Very) Small Business Cybersecurity – Levels 1 and 2
On December 7th I spoke as a keynote speaker for the inaugural Eybrids cybersecurity conference, and I talked – unsurprisingly – about very small business cybersecurity.
I’ve been hinting at levels of cybersecurity and how for those who’re doing very little (or next to nothing), the recommendations and order shift ?– Level 1 is core cyber hygiene from a human behavior perspective and very little technology. I introduced Level 2 – which is a fundamental understanding for the organization that cybersecurity is a journey that’s necessary as a cost of doing business in the 2020s (and, of course, beyond). A realization.
An organization needs to make a commitment to maintain its Level 1 gains, add training, and work toward an appropriate level of cybersecurity maturity.
The CIS Controls come in here, and I recommend attempting to build on that Level 1 by starting Control 14’s safeguards as a concurrent or close-following effort as the CIS foundational Controls of 1, 2.? (Know and document your assets, hardware and software).
So, 1, 2, and 14. These are then quickly followed by 3 and 4. 3 is Data Protection and 4 is Secure Configuration of Enterprise Assets.
That’s a LOT in level 2.? But the sooner an organization tackles it, embraces the need to be secure online, and builds a plan, the more ready that organization is for business in reality.
To conclude – we begin with some human behavior cyber hygiene and then more into a commitment from the organization to work on some maturity.? Step 1 of level 2 is CIS controls 1 and 2 and the start of a cybersecurity awareness and management program of CIS control 14. Step 2 of level 2 is CIS controls 3 and 4.
Yes, I’ve upset the apple cart a bit.? Happy to talk with you about that.? Expect more writing and speaking about this topic.
-=-=-=-=-=-=-=-
And, because this newsletter edition is full of visuals, I will link to some more – these are visual representations of the CIS Controls built from version 8 and highly applicable and HELPFUL for organizations working to make sense of the framework.
Shout-out to Pax8 and Matt Lee, CISSP, CCSP, CFR, PNPT for their work on this effort and putting together the group.
Status of the Corporate Transparency Act
<blink><font color="red" size="1024">ON HOLD</font></blink> (have to simulate it)
If you haven’t filed yet – maybe you were waiting (purposefully) like I was, then be sure to watch to see if filing will become necessary in the future.
Here’s the scoop on why it’s on hold.
“In light of a recent federal court order, reporting companies are not currently required to file beneficial ownership information with FinCEN and are not subject to liability if they fail to do so while the order remains in force. However, reporting companies may continue to voluntarily submit beneficial ownership information reports.”
So…that’s like “please pay your invalidated parking ticket”
Write like AI is Watching
It is watching, and there’s never been a better time to be a writer.? What, you say?
Seriously – differentiate your writing – conversational but with good information.? Talk with your readers.
All the writing advice I’m fit to give is right there – at least now since I took a few newsletter slated times off.
I talked about this more in yesterday’s post.
And, Merry Christmas, from the Noggle Cats
Breaches from across the years. Daily tree breach tours available.
Webinar tomorrow!
Talking with Zach Kromkowski of Senteon (amazing rising company) about internal communication in the workplace on December 17th.? Join us for the webinar.
Join us! 4 EST, 3 CST, 1 PST.? Y’all can figure out MST as 2.
New Articles
Yes, back to writing.
Both of these are at Elnion.
Thank you, thank you!
TY for 3000+ subscribers! Tell your friends – I will do more writing.? Let’s move this bad dog newsletter into 5000 plus in Q1 2025.
Save, Comment, Like, Follow, Subscribe, Hire, Recommend, Share, Engage
Please – I appreciate you! You can contact me via DM or the contact form on Codistac at https://codistac.com/
Verb!
Technologist | Speaker | Writer | Editor | Strategist | Systems Thinker | Cybersecurity | Controlled Chaos for Better Order | Musician
2 个月Btw - I need to credit the amazing photographer on this - Billie Wiegand, will you please step forward?
AI & Cybersecurity Advisor | Former Attorney | Award-Winning Author | Speaker | Founder of The Cyber Dawn? | “When it comes to AI and cybersecurity, prevention beats reaction every time.”
2 个月Congratulations Heather Noggle! Once again, you show us you are multi-talented, curious, purposeful, and an important contributor to the #cybersecurity #community. I encourage you to keep fighting the good fight through your writing, teaching, and speaking. I look forward to seeing your accomplishments in 2025!
Cybersecurity Strategy & Transformation | Manage Complex, High-Profile Risks | Build Scalable, Resilient Teams | Foster Culture of Risk Prevention & Protection | Collaborative & Transparent Leader | US Navy Veteran ??
2 个月I can so relate to this: “With my background, I’m either a very solid “we have to have her” fit for a full-time job or I’m a resume meh in a pile of more meh.” Glad to see you “back”!
Seeking Part-Time USA-Remote role that I can retire from after 30 years of service:┃Identity & Access Management┃IT Leader┃[15+ Years of Experience: Helpdesk ? Desktop Support ? Networks ? Healthcare IT ? Cybersecurity]
2 个月I just assumed the algorithm was hiding your posts from me, in favor of promoting content from my 2nd and 3rd connections, but I feel you very strongly on NOT wanting to write here on LI. ????
Cybersecurity & IT Consulting - gigabunny.com
2 个月Don't just add the experience yrs like 20+30=50, you got to multiply it 20x30=600 and call it something new like "Amplified Annual Experience Index" ;-)