In almost all professions, report writing is a requirement. Typically,
reports document the successes and failures of a particular action. While it
may not be your favorite part of the job, report writing does validate your
work to the customer. In our profession, Cyber Security, we have the unique
challenge of communicating highly technical information in a non-technical
format, so that the impact of our efforts can be understood.
Early in my career I hated writing reports. Back then, I had a hard time
understanding why reports were so important. Little did I know that the
countless hours I spent converting technical details into a "human readable"
format would pay off in the future.
In the world of Cyber Security, writing is part of the job, so embrace it.
Consider that good report writing can pay dividends in terms of real value
for your customer. ... (more)
When I was working on a network assessment team for one of my customers, I
would routinely hear upset voices when we would present our findings. The
most common thing that the executives would say was, “Wait a minute,
aren’t we current on our updates? I saw the compliance report, and we were
all green right?”
“All green right?”
What that Information Security Officer was referring to was a slide that was
presented to him showing the level of compliance that the hosts on his
network were currently reporting. To him, this meant secure. It meant that
all of his systems were patche... (more)
As a Security Analyst, I witness very sophisticated Advanced Persistent
Threat (APT) attacks as well as low-level cyber criminals attempting to steal
bank information, credit card data and website login credentials. One
commonality that the cyber criminals and the APT share is the method for
gaining access to information, which typically occurs through an end user's
email. When it comes to the criminal element of cyber attacks, I am often
amazed at the lack of sophistication and effort that is exerted against
their victims. It leads me to ask the question, "How on earth are these... (more)
Malware analysis can be a time-consuming process, especially when dealing
with a sample from skilled attackers with time and money on their side.
There is no doubt that fully reversing malware and finding out how it works
is the most effective way to learn how to defend against it, but most
businesses don't have the time or the professional resources to do it.
There are ways in which you, a Computer Network Defender, can glean enough
information from malware to be used in IDS and AV signature creation, DNS
poisoning and blocking as well as sharing with the CND community. This can... (more)
Ok, ok, I know the title is a tad dramatic but hear me out on this one.
A well-known computer security professional and former NSA research scientist
wrote an editorial back in July 2012 stating, "Money spent on security
awareness training, is money wasted." Dave Aitel, a respected individual in
the world of Computer Security and current CTO of Immunity, made this
statement in light of the fact that several high-profile intrusions had
occurred at the hands of employees who were targeted in spearphishing
attacks, some of which lacked sophistication. I disagree with the above ... (more)