The Infosec Archives 01.28.2022 - V9
Brendon Rod
IAM Resilience Evangelist | Startup Aficionado | Go-to-market Architect
Hey friends,
Welcome back to the Infosec Archives volume 9.
Thank you again for your contributions to the community, I really enjoyed learning from all of you and am excited to pay it forward to those who may have missed them.
And now... Let's dive in.
--------------------------------
Did you know what happened on this day?
Explosion of the space shuttle Challenger
On this day in 1986, the U.S. space shuttle Challenger exploded 73 seconds after liftoff from Florida, killing all seven aboard, including a schoolteacher who had been chosen as the first American civilian to travel in space.
--------------------------------
News:
Conti ransomware hits Apple, Tesla supplier, encrypts 1.5k servers and 12k workstations, asks for $15 million.
The Conti ransomware gang has been linked to an attack on Delta Electronics, a Taiwanese electronics manufacturing company and a major supplier of power components to companies like Apple and Tesla.
The attack took place last Friday, on January 21, according to a statement shared by the company with stock market authorities.
________________
News:
The UK NCSC plans to release Nmap scripts that you can use to scan your networks for severe vulnerabilities
UK government plans to release Nmap scripts for finding vulnerabilities
The UK government’s cyber-security agency plans to release Nmap scripts in order to help system administrators in scanning their networks for unpatched or vulnerable devices.
The new project, titled Scanning Made Easy (SME), will be managed by the UK National Cyber Security Centre (NCSC) and is a joint effort with Industry 100 (i100), a collaboration between the NCSC and the UK private sector.
https://therecord.media/uk-government-plans-to-release-nmap-scripts-for-finding-vulnerabilities/
--------------------------------
Jobs
Paging all my SecOps friends, we have a SOC Analyst position open here at SailPoint! This is a great opportunity for someone who has a little bit of experience to join an amazing team with an even more amazing culture. From no-meeting Tuesdays to Friday vibes, I can say that being a part of this team is absolutely wonderful.
Please feel free to take a look, and send me a DM if you're interested.
________________
Jobs
I’m #hiring on behalf of a Cyber Security Consultancy in the Netherlands; this job sponsors visas. Know anyone who might be interested?
________________
Jobs
I am looking to help my friend, Hollis Henderson, get into the cyber security roles he's been looking for.
We talk a lot about cyber security not being entry level and candidates not having the IT experience necessary to break in.
Hollis has that experience: five years of varied experience, from help desk to IT/OT virtual infrastructure management to his current contract role supporting Naval infrastructure, and he is currently broadening his skillset in cloud environments.
On top of the above, Hollis is a life-long learner and team player, and has taken time out of his day many times to help me and others learn networking concepts.
He has an active secret security clearance and is willing to relocate within two weeks of a job offer.
Current Certifications - AZ900, BTL1, CCNA and Sec+
Hollis is looking to get into a SOC, security analyst or security engineer type position.
Please help me help Hollis! Tag someone; even just a like or a comment helps visibility.
________________
Jobs
Our client is looking for a Senior Security Engineer to join their team. This role can be 100% Remote for U.S.-based candidates. The link to this job is found in the comment section.
________________
Jobs
Another personal recommendation for people that are hiring for cyber… I’ve done a CTF with Matt and he’s well rounded, skilled, tenacious, and fun to hang out with. I also would be very afraid of him if I were a cyber criminal. He knocked out insane forensic challenges yet remains modest about his abilities. He will be an asset to any organization smart enough to pick him up.
Matthew is a Security and OSINT professional whose experience includes placing 2nd in the world with his team and receiving an MVP mention for his Maltego Graph at the Anti-Human Trafficking Intelligence Initiative's Darkwebathon.
________________
Jobs
Hey everyone,
I'm happy to share that I'm looking for a security architect who will work under me and will lead application and product security at anecdotes.
I can assure you it's a super interesting position with A LOT of interesting stuff to do. If you want to hear more, please reach out, and we can discuss it over coffee/virtual coffee.
--------------------------------
Careers/Advice:
Don't keep blindly applying for jobs;
I hear it all the time "I have applied for so many roles but not hearing back or getting interviews"
Do something different, then; obviously that method is not working the way you want.
Change the narrative, think outside of the box.
1. Use your LinkedIn more - I see it repeatedly; people who say the above typically have incomplete profiles and rarely use it. Use it more: comment on relevant posts, post content that demonstrates who you are, and engage with the community. For example, hiring managers and recruiters reside here; reach out and connect with them, ask them for help.
2. Join communities - Again, people in this position are typically rarely involved with the industry; join groups and communities and go to conferences to connect with people.
3. Step out of your comfort zone - Change what you are currently doing, try something new: write an article, start a group, produce a video introducing yourself, think about how you can get yourself seen and get your passion noticed.
Become more than a piece of paper in a pile or a PDF file in an ATS, your choice.
Get noticed, get hired. Make excuses or take action.
________________
Careers/Advice:
Why should you be the quietest person in the room in the Cyber Security Field?
We've all been in meetings with "that guy" who seems to be the smartest and most vocal person in the room. He's been in the field for years, made his mark, and has a ton of experience. It's his way or no way.
Morale is down within the IT team. The system administrators try to speak up about an application that the security team is making them turn off, but they are not heard.
Morale is down in the web development team. They voice a concern about code that the security team is making them change, but security doesn't want to hear it.
The end users are frustrated because of a new procedure that security is pushing on them which makes their job harder, but their concerns seem void.
In this field, we must learn to listen to each and every concern. I'll repeat it: in this field we must "listen" to each and every concern.
Over the years I've learned to not be the loudest person in the room. I sit back and listen. Then I listen more. I try to process the information that is coming at me.
I then speak up, but instead of directing, I'm asking questions. I'm asking questions so that I can understand all of the frustrations and push back.
After asking questions, I listen more to their answers and possible alternate solutions.
Finally, I speak up and make sure that they know that I'm not only listening, but hearing them.
I care about their concerns. I care about morale. I care about doing things efficiently as a "team", not on my own.
Be the quietest person in the room.
Things will happen when people are heard and feel of value.
--------------------------------
Infosec Wisdom:
The great resignation in cybersecurity could also be called the great onboarding. Poaching and recruiting are in full force, and if you are a cyber leader, you are likely onboarding new talent this year.
My experience is that the first week onboard sets the tone for that person's tenure. Creating a space where the new recruit feels comfortable, empowered, optimistic and generally happy about their decision to choose your organization starts on day 1. HR has a role, but the culture on your team starts with you as the leader. Don’t take this opportunity lightly. You only have one chance to make a first impression.
No matter the size of your organization, in week 1 the following should be prioritized.
1. At least one skip level 1x1 meeting and intro (ideally the CISO)
2. Overview of the company mission, values, or structure and how they make money (this is highly undervalued)
3. Overview of the security vision, mission, & core values (if you don’t have this defined, consider doing so)
4. Walk through of the security strategy and roadmap and identification of how this individual will contribute (shows them they are valued before they’ve done anything)
5. Initiate formation of a development plan and lay out potential career paths
There are more things of course like training, meeting people and getting access to apps but I find these 5 to be the most impactful when setting the tone for their new career.
What other “must haves” would you add to this list for week one? What would you drop from my list?
________________
Infosec Wisdom:
Having a cyber attack is expensive. Unfortunately, managers are unaware of how expensive it is. Managers, for example, only consider the ransom demand, but neglect to include the financial cost of a court ruling and a claim by the stakeholder. However, this is a problem we can discuss later. There are many more immediate, very high costs. Do you know how much money you would have to spend if you experienced a cyber attack the first time?
The calculations presented here are quite general and based on the bare minimum. In the end, no matter what size or area of business you're in, the steps you must take are universal. After a few days, it is possible to estimate whether the event will cost a million dollars or 20 million.
The importance of this understanding lies in the fact that it directly impacts the business.?It is impossible to grow a business with such a large outlay, even if the company has deep pockets. A result of this is that no developers are hired, no marketing is invested, and no growth is achieved. In addition, businesses that remain static do not face market forces as they expand. It's unfortunate and unnecessary, but it's a death sentence for the company and could be avoided by taking measures.
How much money will you spend in the first week of the cyber attack? Here's how I explain it:
________________
Infosec Wisdom:
Influencing Management on Cybersecurity is HARD.
You can make things WORSE by...
Not being clear about the consequences.
Saying an issue is HIGH risk does not provide clarity.
Guess what?
The CEO is dealing with "high risk" all of the time.
1) New product line might not sell
2) Key employees might leave
3) Partners could pull out of a deal
Telling management that the risk is high does not provide proper context.
As the cybersecurity community, we can do better by being clear what consequences might occur.
To illustrate how we are behind the finance department in communication, the acting troupe of Rob & Rob put on a little skit entitled...
"If Cybersecurity people worked in Finance"
Let us know what you think in the comments below.
--------------------------------
Mentorship/Education:
Special Edition - Breaking into Cybersecurity with Jeff Bollinger - Incident Response 1/28/22 1 PM ET
About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break in.
Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://www.amazon.com/dp/1955976007
________________
Mentorship/Education:
Here's a screenshot of my quick meeting with Ashwin Krishnan. He has welcomed me to join his #StandOutIn90Sec project where he gets to know new cyber security entrants in just 90 seconds to add a little humanity and become more than a resume. It was short, sweet and very meaningful to meet a friendly face in the cyber community. Video coming soon!
--------------------------------
Infosec Think Tank:
I’m sorry - I’m just so tired of seeing Security Analyst roles (essentially entry-level roles) require two - three years of professional experience or a degree.
If I’m tired, I dunno what all you Security Newbies are feeling.
But I’m going to say it - if you’re looking for someone with two or three years of professional experience, that is an Engineer role. It’s not an Analyst job.
An Analyst job is a "take a chance on someone who has rockstar potential but needs a little training and help" role.
Remember that not everyone has the means to get a degree or an internship.
Look for the gems. Train them on the job. Give them a chance. Let’s do better.
________________
Infosec Think Tank:
“WOMEN ARE NOT INTERESTED IN TECH” - I have thought long and hard about this blanket statement that I have been reading on LinkedIn for some time now. Not because I wasn’t sure whether I agree with it or not but because what does this blanket statement really mean? Are you only interested in tech if you are interested and skilled in coding/scripting/hacking? What justifies that someone is “interested” in tech?
________________
Infosec Think Tank:
As much as I've enjoyed posting old sexist tech adverts this past week, it can't last forever. Except it could, that many exist.
So for all of you that enjoyed them this week, here's a collection. Along with a few thoughts on why it's important that we look at them.
--------------------------------
Cybersecurity Heroes Podcast:
14:02 - Skill shortage is holding companies back
Many companies are now using EDR to block, but there is a shortage of staff to fully respond to events.
“I'm seeing more organizations starting to look and embrace the defense response of EDR, that can actually make things respond quicker. So I think there are people, that there are organizations that are following the landscape and are properly addressed, but a lot aren't because they're still stuck in this mindset of needing to do things the old way. Even in our industry, the old way is five years ago. But we are seeing more people that are actively blocking, but they're still running into this problem of staff. I think that seems to be the biggest issue is there's this huge skill shortage. That even if a company wants to be progressive and wants to be leading edge on their security, they need the right people in place to be able to run it. And unfortunately this is not available out there right now.”
Bruce Snell, security strategy and transformation at NTT, explains that this shift means that the scale of cyberattacks has exponentially grown in recent years. Ten crime organizations now fuel hundreds of thousands of attacks.
In this episode, Bruce discusses how doing the bare minimum to protect your business is no longer enough and outlines the steps you need to take to boost your defenses.
Catch the full episode on the #cybersecurityheroes podcast below:
How To Adapt To The Current Threat Landscape
Cyber Security Heroes is brought to you by IRONSCALES.
An email security platform powered by AI, enhanced by thousands of customer security teams and built around detecting and removing threats in the inbox.
p.s
If you enjoy the show, we would love a rating or a review so more people like you can find it!
--------------------------------
Meme of The Week
When The IT and Infosec/Cyber Team Are in Sync
--------------------
That's a wrap for this week's Infosec Archives, see you again next week.
Brendon
p.s
If you prefer to get this via email on Substack, you can subscribe here >> https://infosecarchives.substack.com/
Comments:
vCISO | Senior Cyber Security Consultant | 25+ Years' Experience in Tech and Cyber Security | Teaching People how to Grow their Personal Brand to Unlock Opportunities that are Falling through the Cracks
3 years ago: Brendon Rod thanks so much for including me!!!! I appreciate your interactions!
IAM Resilience Evangelist | Startup Aficionado | Go-to-market Architect
3 years ago: If you prefer this via email or Substack, you can subscribe here >> https://infosecarchives.substack.com/
Transforming cyber crisis management into organizational strength | Advocate for CISOs | Speaker | Powerlifting
3 years ago: Thank you. AGAIN. Looking forward to learning something new.
I'm The Human Catalyst - creating spaces to Ignite Introspection, Transform Bonding & Amplify Connections. Inside Organizations. And Outside. Revealing The Real You. On StandOutIn90Sec!
3 years ago: Thanks Brendon for being the awesome human being and #cybersecurity leader that you are! And thanks for the mention
Incident Response | Security Operations | Threat Hunting | Information Security
3 years ago: Solid read and thanks for highlighting my post!