Expecting better (from a CISSP)

EANx Member Posts: 1,078
I manage IT operations for a pretty large organization. As it should be, the guy who does oversight on IT security doesn't report to me but we do a lot of collaboration. The guy is also a CISSP.

So he comes up waving a printed email stating that his admin account was going to be disabled and wanted to know what the problem was. I looked at the email and saw the following just in the printout:
  • Address was from "admin.com", not our organization.
  • There was a link to a ".gr" domain (there was no HTML tagging to obfuscate the link destination in the printout). My organization has a presence in Greece but no IT/web infrastructure there.
The guy was going on about "this is what I got when I scanned a document on your digital sender. I think that thing has been compromised."

When I asked him when he had scanned the document that generated the email, he stated "just a few minutes ago". Looking at the printed document, the email he printed had been received the week before.

The guy was seriously worked up; he wasn't trying to punk me. It turns out that he had gone into his junk mail to see if he had missed something. He then walked away, came back, and forgot he was there as opposed to in his inbox.

My response was that I expected better from someone with a CISSP. Don't be this guy. If you're going to be the security person, be thoroughly engaged in being the IT security person.
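The three tells EANx pulled off the printout (sender domain outside the organization, a link to a foreign domain, and a message date that did not match the story) are exactly what a mailbox triage script checks. The following is an added example, not code from any poster in this thread: a small Python routine over a raw RFC 822 message. The organization domain example.org, both sample messages, and the one-day age threshold are constructed for the demonstration.

```python
"""
Phishing triage over a raw email: sender-domain mismatch, links that point
outside the organization, and message age relative to when it was looked at.
Added example for this thread; everything below (domains, messages, thresholds)
is constructed, not taken from any real environment.
"""
import re
from datetime import datetime, timedelta, timezone
from email import message_from_string, utils
from urllib.parse import urlparse

# Assumed: the organization's own mail/web domains (constructed value).
ORG_DOMAINS = {"example.org"}

# Constructed "time of the printout": the moment the message is being triaged.
NOW = datetime(2020, 3, 9, 10, 0, tzinfo=timezone.utc)

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed message mirroring the one in the post: outside sender, .gr link,
# dated a week before NOW.
SAMPLE_EMAIL = """\
From: IT Helpdesk <helpdesk@admin.com>
To: someone@example.org
Subject: Your admin account will be disabled
Date: Mon, 02 Mar 2020 09:15:00 +0000
Content-Type: text/plain; charset="utf-8"

Your admin account will be disabled within 24 hours.
Verify here: http://portal.example-verify.gr/login
"""

# Constructed benign message for comparison: internal sender, internal link, fresh.
BENIGN_EMAIL = """\
From: IT Helpdesk <helpdesk@example.org>
To: someone@example.org
Subject: Scheduled maintenance
Date: Mon, 09 Mar 2020 09:30:00 +0000
Content-Type: text/plain; charset="utf-8"

The intranet is down for maintenance tonight: https://intranet.example.org/helpdesk
"""


def in_org(host, org_domains):
    """True if host is one of the org domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in org_domains)


def sender_domain(msg):
    """Domain part of the From: address, lower-cased ('' if unparsable)."""
    _, addr = utils.parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def link_hosts(msg):
    """Hostnames of every http(s) URL found in text/plain or text/html parts."""
    hosts = []
    for part in msg.walk():
        if part.get_content_type() not in ("text/plain", "text/html"):
            continue
        charset = part.get_content_charset() or "utf-8"
        body = part.get_payload(decode=True).decode(charset, "replace")
        for url in URL_RE.findall(body):
            host = urlparse(url).hostname
            if host:
                hosts.append(host.lower())
    return hosts


def message_age(msg, now):
    """Age of the message at time `now`, or None if the Date header is unusable."""
    date_hdr = msg.get("Date")
    if not date_hdr:
        return None
    try:
        sent = utils.parsedate_to_datetime(date_hdr)
    except (TypeError, ValueError):
        return None
    if sent.tzinfo is None:  # "-0000" style dates parse as naive; assume UTC
        sent = sent.replace(tzinfo=timezone.utc)
    return now - sent


def triage(raw, now=NOW, org_domains=ORG_DOMAINS, max_age=timedelta(days=1)):
    """Return a list of human-readable findings; an empty list means no red flags."""
    msg = message_from_string(raw)
    findings = []
    sd = sender_domain(msg)
    if not in_org(sd, org_domains):
        findings.append(f"sender domain {sd!r} is outside the organization")
    for host in link_hosts(msg):
        if not in_org(host, org_domains):
            tld = host.rsplit(".", 1)[-1]
            findings.append(f"link to external host {host!r} (TLD .{tld})")
    age = message_age(msg, now)
    if age is None:
        findings.append("missing or unparsable Date header")
    elif age > max_age:
        findings.append(f"message is {age.days} days old, not 'a few minutes'")
    return findings


if __name__ == "__main__":
    for label, raw in (("sample", SAMPLE_EMAIL), ("benign", BENIGN_EMAIL)):
        print(label, triage(raw) or ["no findings"])
```

The age check is the one people forget: a "your account is about to be disabled" message that has been sitting in junk mail for a week is not an urgent event, and comparing the Date header against the time of reading makes that obvious before anyone starts suspecting the scanner.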

Comments

  • Nevshi22 Member Posts: 5
    Always annoying when someone who's supposed to be an expert doesn't know anything. I've worked support for many years and I can't tell you how many times people who were supposed to be skilled in some area came to me with a problem they were supposed to be able to fix. I remember a head programmer who had recently been hired came to me because his code wouldn't compile and was blaming the compiler. Not my area of expertise, but the thing could compile all the examples the software provided. About three months later that guy was gone.

    Agree with you completely: if you are a CISSP and are in a security role, understand your job and educate yourself constantly.
  • NetworkNewb Member Posts: 3,298
    Lol, yea that is pretty bad... Hopefully he was just having an off day
  • Phalanx ("I have many leatherbound books...") United Kingdom Member Posts: 331
    Personally, in that situation I would expect better from anyone who has been in IT for 6 months or more, never mind a CISSP! :)
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • SteveLavoie Member Posts: 859
    Just because I am in over my head in my CISSP study... I can tell you there is no material covering phishing except the definition of what phishing/spearphishing is, LOL!

    Intelligence and common sense are not granted by certification :)
  • scaredoftests (Security+, ITIL Foundation, MPT, EPO, ACAS, HTL) behind you Mod Posts: 2,762
    Perhaps this was before he had his coffee. Wow.
    Never let your fear decide your fate....
  • beads Senior Member Posts: 1,511
    Isn't this merely the norm for many these days? I can safely assure you that I have either met this person or someone just like this many, many times. Certifications notwithstanding.

    Grain of salt.

    -b/eads
  • NuclearBeavis Member Posts: 79
    Sounds scatterbrained, which unfortunately can happen to even intelligent people.

    This morning I set my keys next to my phone so I would grab them both on the way out the door. Still left my phone at home and now I'm stuck at work all day with no phone. Not the first time either.
  • gespenstern Member Posts: 1,243
    A lot of morons in any enterprise in any position, because humans suck at hiring based on merit. CISSP is hard, but doable with any dedication and experience; it doesn't ensure that a person isn't a moron, just makes it less likely they are an unbearable moron. In other news, the grass is green.
  • PC509 (CISSP, CEH, CCNA: Security/CyberOps, Sec+, CHFI, A+, Proj+, Server+, MCITP Win7, Vista, MCP Server 2) Oregon, US Member Posts: 801
    Sometimes, people screw up. A lot of times, they overthink the minor things. It happens. If this was an isolated incident, I'd take it as that. If it happens regularly, I'd be concerned.

    We all screw up, sometimes with a larger audience. As long as we learn from it and don't repeat it, we're good. Even a CISSP screws up from time to time. Only human...
  • E Double U Member Posts: 1,764
    @EANx - Please provide his email address. I have a few phishing ideas I want to test.
    Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, Azure Security Engineer Associate, ITIL 4 Foundation, and more.

    2020 goals: AZ-900, AZ-500, GDSA, ITILv4

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • ITHokie (GXPN | GPEN | GCIH | GPYC | CISSP | CEH | MCSE | CCNA | Others) Member Posts: 158
    EANx wrote:
    > My response was that I expected better from someone with a CISSP.

    But why?
  • cyberguypr Senior Member Mod Posts: 6,909
    I just literally came from a talk by Chris Hadnagy, well known social engineer and phishing expert. He admitted clicking on an Amazon-themed phishing email. It happens to many at some point, even pros.
  • kabooter Member Posts: 115
    I do agree with cyberguypr that even pros can slip sometimes. It happens to all of us, but obviously taking an email about your account being locked out too seriously w/o doing due diligence is a bit ridiculous for anyone in IT, let alone infosec.
    The CISSP exam is still a very difficult one to crack, but once I joined the bandwagon, I must say, I too am a bit underwhelmed by some of the cert holders' expertise. I think that over time we will see a lot more degradation. One possible reason for it is the ubiquitous demand for CISSP by HR for almost every single cyber security job that is being posted out there. There is a glut of teaching shops out there promising the moon for $xxx and 3-5 days. By making it an essential barrier that has to be crossed, it has made itself a target of a horde of wannabes, some of whom are less interested in perfecting their craft than in jumping over the hurdle.