The Biggest Cybersecurity Crises of 2019 So Far

tedjamestedjames Scruffy-looking nerfherdrPosts: 982Member ■■■■■■□□□□

Comments

  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, CCNA Posts: 3,958Mod Mod
    Interesting article thanks for sharing.

    I thought of sharing it on my LinkedIn and internally at work but then I changed my mind. On one hand, it shows how important cybersecurity is, but on the other hand, I feel like people are getting used to seeing compromises. It's becoming normal I guess.

    Also, since I moved to consulting, one of the lessons I learned (by myself..) is that telling people about the risks of something might not always be the best approach..I try to frame it positively...


    What do you think? curious to hear your thoughts on this.

    I guess I want to know how you guys and girls share those breach stories and how can we make use of them?


    Goal: MBA, March 2021
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, CCNA Posts: 3,958Mod Mod
  • cyberguyprcyberguypr Senior Member Posts: 6,751Mod Mod
    edited July 8
    Agree with @UnixGuy on resetting the baseline. My first thought when I saw the threads title was "business as usual". We are not seeing anything new. It's the exact same stuff over and over. 
  • tedjamestedjames Scruffy-looking nerfherdr Posts: 982Member ■■■■■■□□□□
    In my agency, if we find something that may benefit our general staff, we turn it into a lesson that can be disseminated as a note of caution. Tell them what happened, tell them how it could affect them (Make it hit home by showing them how it could cost them money, reputation, etc.), and then show them how they can try to avoid it. We call it Cyber Threat Intelligence. It's part of our security awareness program. A little education goes a long way.
  • ansionnachclisteansionnachcliste Posts: 70Member ■■■□□□□□□□
    UnixGuy said:
    I'm very nosy and interested in finding out who is managing the security within organizations that fall victim to a breach :D, especially after the Equifax breach and the whole "Music Major" story. :D
    It helps me choose my career path and with such decisions.

    Incident began: June 2018
    First disclosed: September 2018
    Security and Compliance Manager leaves position: December 2018 after being there for nearly 12 years

    I see a lot of experienced and older generation security leads not being able to take the heat or perhaps resigning at a convenient time.
    I often wonder how I would react in such a situation.

    Perhaps this isn't a resignation but a mutual agreement between both parties?
  • cyberguyprcyberguypr Senior Member Posts: 6,751Mod Mod
    22k user enterprise here. For us the most effective way is showing the actual repercussions. The positive vibe absolutely does not work here. It's only when people see how bad it can go that they have the "dang, I better don't be that guy" moment.
  • NetworkNewbNetworkNewb They are watching you Posts: 3,234Member ■■■■■■■■■□
    edited July 8
    Just secretly plant a virus or malware on a random user's machine once or twice a year. Tell the user they clicked on something they obviously shouldn't have... And then fire that person. Let everyone know about this and make sure to make it clear this is what happens for those that aren't careful! :wink:  

    (doesn't have to be a real virus/malware of course...)
    GCIH | CCNA:Sec | Net+/Sec+/A+ | CCSK
    Goals in progress: MSc in Computer Science (specializing in Cyber Ops) , CISSP
  • tedjamestedjames Scruffy-looking nerfherdr Posts: 982Member ■■■■■■□□□□
    edited July 9
    ansionnachcliste said:
    I see a lot of experienced and older generation security leads not being able to take the heat or perhaps resigning at a convenient time.
    I often wonder how I would react in such a situation.

    Perhaps this isn't a resignation but a mutual agreement between both parties?
    I've known people that were asked to resign. Essentially, you're fired without having to use the F word. I've known others that were given a month to find another job...or else.
  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+ Posts: 314Member ■■■■□□□□□□
    UnixGuy said:
    I'm very nosy and interested in finding out who is managing the security within organizations that fall victim to a breach :D, especially after the Equifax breach and the whole "Music Major" story. :D
    It helps me choose my career path and with such decisions.

    Incident began: June 2018
    First disclosed: September 2018
    Security and Compliance Manager leaves position: December 2018 after being there for nearly 12 years

    I see a lot of experienced and older generation security leads not being able to take the heat or perhaps resigning at a convenient time.
    I often wonder how I would react in such a situation.

    Perhaps this isn't a resignation but a mutual agreement between both parties?
    Just curious what "older generation" has to do with this? I mean, if you are any age and manage the security of an enterprise that gets so thoroughly owned that "jail time" is regularly brought up for your executives...yeah, it's not about being able to "take the heat," it's "you failed at your job, get the hell out."

    *Anyone* can fall victim to a major breach. It's simple economics, regardless your perceived skill or experience. Hopefully, good managers will manage and reduce risk and impact enough to stay successful.

    I'll also not deride anyone for their past career choices if they've made a change into cyber security. And at management levels, things do change somewhat (and yet don't, but that's a different discussion) and it's often about how business-wise you are rather than how well you can write firewall rules or tune EDR or test controls or read splunk logs...  I'm also curious how this helps you make decisions with your career path?

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+
    2019 goals: GWAPT, Linux+, SLAE (possible: SEC573, CCSP, Splunk F&PU)
  • jeremy_dfirjeremy_dfir CISSP, eCDFP, eCTHP GreecePosts: 16Member ■■■□□□□□□□
    edited July 9
    I would start stressing the need for technical/hands-on CISO, but you will all get bored by the lecture :smiley:

    That being said, i would start by extending visibility as much as possible (perimeter and endpoint).

    And as @cyberguypr said. Same stuff over and over again.....
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, CCNA Posts: 3,958Mod Mod
    I would start stressing the need for technical/hands-on CISO, but you will all get bored by the lecture :smiley:

    That being said, i would start by extending visibility as much as possible (perimeter and endpoint).

    And as @cyberguypr said. Same stuff over and over again.....
    you have a valid point. While a CISO is a business role, I believe CIO/CTO/CISO need a minimum level of technical knowledge (I'd say 10+ yrs of technical, 10+ business...or something close to that..)
    Goal: MBA, March 2021
Sign In or Register to comment.