What Are You Training For?

Here is an interesting question to start off your morning, "What Are You Training For?"

As most of you may know by now, I just posted (July 8th, 2021 depending on when you are reading this) that I accepted an amazing position with Arete Incident Response as an Incident Response Lead. Which I'm really excited about!

The interesting thing was as I was writing my daily journal yesterday which starts by asking me "I am grateful for...". I was sitting there and I started to recap all the education, jobs I have had, certifications, life lessons...etc To give you an idea of the different careers I worked check out the list below. Now bear with me, this is going somewhere I just need to give you a little bit of the origin story.

1) Restaurant/Fast Food - working at McDonald's when I was a teenager.

2) Warehouse/Supply chain - working as an Assistant Warehouse Manager at 19 years old.

3) Physical Security - Working in Physical Security for private security companies and then the SkyDome.

4) IT - working at the Ontario Government for many years.

5) Holistic Industry - working as a Personal Trainer, Nutrition Coach. Holistic Lifestyle Coach...etc.

6) Marketing - Ran my own marketing company for several years.

7) Cybersecurity - Sales Executive and now Incident Response Lead!

Just a few courses I have taken:

1) Personal Development there are just so many to mention - Tony Robbins, Eban Pagan, Paul Chek, Byron Katie, John Maxwell, Chris Voss... the list goes on and on.

2) Physical Security - Martial Arts, Tactical training from each security company I worked for.

3) College - triOS college for IT

4) Holistic's - Paul Check HLC 1 & 2, as well as other courses he offered, CanFit Pro, Don and Tyler Tolman, Tony Robbins...etc

5) Marketing - Mike Dillard, Eban Pagan, Gary Vaynerchuck, Big Al, and way too many to list...etc

6) Cybersecurity - Vendor/Partner training, training from each employer, and a lot of self-studying ie CompTIA Security+, CISSP, vCISO ...etc

As I went through my recapped and wrote all of these out. I asked myself "Did I realize what I was training for from the start?" Hell no, not even close!

I had no idea I would be working towards the Cybersecurity industry when I was working in a lot of these previous careers and courses I took. The amazing thing is that all of these have helped me to prepare for my new venture. The ones that stand out the most for me today are Physical Security and Holistic Lifestyle Coaching. These two jobs really helped me prepare for the Cybersecurity industry, more than I ever realized.

The Physical Security experience helped me to really see in real-time how criminals think, their methodology, and their process of committing crimes. To either see it in action right in front of me and have to react. To arrive on-site afterward's and have to write up an incident report. Learning how to properly deal with an active incident, interview witnesses, properly incident note-taking, how to chronologically find out exactly what had happened. Then write up a detailed report to submit to my supervisor, the police if need be, present it in court, and provide it to anyone else who was involved in the incident that would be required to receive a copy of the report.

The Holistic Lifestyle Coaching took these skills I had learned to an entirely different level. Now I was working directly with people one on one on a very personal level. Going through a similar process of working through a situation they have, helping them with it in a very personal and empathic way. Interviewing my clients in a compassionate way to find out all factors that would be involved to truly understand their situation. Then document everything, compassionately asking questions to uncover potential obstacles that might be holding them back. Reviewing my notes, do extensive research, come up with a plan of action, and then present it to them. Then discuss what they thought and felt about the program, modifications they would like to make, as well as negotiate areas they need to do but might not like to. All while understanding I am working with a person that this situation is very personal and I need to be compassionate, empathic and support them through the entire process. I had to deal with my own ego, beliefs...etc, and not project them onto them. To truly be present and supportive of what they need.

Very interesting out each position was dealing with people, just in very different ways.

Are you thinking, Brandon how does this relate to Cybersecurity and your new role as an Incident Response Lead?

Great question <enter your name here>!

From my understand and what I have been reading about being an Incident Response Lead. I will be working with people on the worst day in their working career. They potentially will be understandably extremely emotional, they could even be in shock depending on the severity of the incident. All very reasonable feelings for them to be having. They will need me to engage quickly, work with a process that will help them prepare, detect/analyze the situation, then the team will work on containment/eradication as well as recovery. Then we will do a Post-incident activity debriefing with what was found, as well as steps to remediate.

My job will be to use my skills from both of those careers mentioned above to help the people I work with through their situation and support them through the entire process. No matter what they need, if it's someone to vent to, download on, or be their go-to person. I am there to get them through it from start to finish.

Then comes the administrative/managing the incident. Both careers helped me understand the importance of properly managing an incident/situation/client case from start to finish. Taking into consideration the there are many factors to the situation that needs to be considered, no matter what the situation is I am still helping a person first who has their own thoughts, feelings, and emotions about what is going on. Next is the administrative importance to properly document everything this is essential for so many different reasons. Then having technical knowledge of the situation and/or having a team of experts you can work with to help resolve the situation. Then is the plan of action and how to support the person you are working with through the entire process. Then at the end provide a report, consultation...etc.

This is only the beginning and I am already excited to take these skills I was reminded of to the next level working as an Incident Response Lead for Arete Incident Response.

When was the last time you did a recap of what you have learned and ask yourself "What Are You Training for?

Thank you for reading my posts, I would love to hear what your think, comment below.