Skip to content
Musa's Musings
Musa's Musings

Prevention is better than cure. Balancing powerful technologies with educated users

  • Home
    • #CyberAware
    • #CybersecurityRoadtrip
  • Musa CyberCafe Podcast
  • TBSP of Healing
  • Musa’s Musings
  • Reference Link Library
  • My account
    • Shop
    • Cart
    • Checkout
  • No Access
0
Musa's Musings

Prevention is better than cure. Balancing powerful technologies with educated users

#CybersecurityRoadtrip Day 10

MansiMusa, December 7, 2016December 7, 2016

Tuesday 12/06: Day 10

czcao0bwgaiobe0

img_4174

img_4168Our first and last day in New Orleans counted as a success as not only did we attend a conference, interview two leaders, but also had time to sightsee (had a tarot reading done, went to a voodoo shop) and try the local cuisine!

Pictured is the group having begneit, coffee and hot cocoa.

Notes from the conference: We attended Threat Intelligence Summit in #NOLA. Vendors such as DomainTools, Malwarebytes, NSS LAbs, ThreatConnect, Recorded Future and ThreatQuotient were all there. Below are my notes from the speakers we heard, I will be sure to add the presentation slides as and when they become available.

The keynote was delivered by Dr.Neil Jenkins from Department of Homeland Security (DHS). He shed light on the five routes DHS is currently taking to tackle the field of cybersecurity. 1) Information Sharing – this is between the private and public sector. Items like IP addresses can be shared to build an ecosystem of threat indicators. 2) Risk Assessment – DHS also provies risk and vulnerability assessments. This is to build an ecosystem of new tools, techniques and work of the next generation network protection. 3) Cyber Ecosystem – a cohesive resource for all 4) Federal Common Cybersecurity Baseline 5) Incident Response. Cyber incidents have evolved from being an attack on just one email to now having entire databases breached. Thus a more cohesive response is required from federal and private sectors. One such example is: Presidential Policy Directive 41 which was signed in July 2016. It essentially institutionalizes our cyber incidents coordination. The main themes are 1) Shared Responsibility – everyone needs to take accountability. 2) Risk-based Response – they are more likely to help a larger organization than a local pizza shop. 3) Respecting affected entities – essentially they will not reveal your company’s name or other sensitive information after a breach. 4)Unity of effort – the federal government will work together. DHS + FBI + Intelligence partners will all work together towards a common gaol. 5) Enabling restoration & recovery. Jenkins continued to speak about the three lines of effort namely asset respnose (DHS)- working with the affected network and systems, threat response (FBI) – focused on the actors/bad guys, and intelligence support – help understand the bigger picture. Just like the others from these past 10 days, Jenkins also emphaized the importance of communication. All these different groups and agencies have to collaborate together in order to produce an effective response.

Check Yo Self Before You Wreck Yo Self: The New Wave of Account Checkers And Underground Rewards Frauds by Ben Brown of Akamai Technologies was the next speaker. Topics such as incident response, tools, darknet makets, and laundering were covered. Brown had a natural talent to keep enough technical jargon to interest the audience and yet not overwhelm them! We had a chance to interact over lunch before heading onto interviewing him. One key aspect to note about Brown was that he was comfortable with himself, whether it be when it came to sharing his passion for rock climbing, rockhounding, reverse engineering or his active role in the LGBT community. That level of comfort filled the three of us with warmth despite being on an open terrace for the interview! His undergraduate degrees included anthropolgy and instead of disgarding it to enter the IT field, Brown decided to use it as he scopes out various cyber crime groups and their motives etc. It made me connect to what Christina Morillo had said in our first interview – technology is just a layer, you can add the layer to anything.

I had the chance to ask him few of the questions from what had come up in my Day 8 thoughts. The gap in Cybersecurity according to Brown is on financial and digital literacy. He termed education or lack thereof as being one of the most imporatant factors in the gap. When it came to small businesses, he suggested that they read up on the latest, implement network segmentation, and have appropriate (aka: not the same) login credentials for everything. For students & newcomers, he advised to gain experience by joining local capture the flag tournaments and do some research to what path interests you about the field. When asked about what centers him when the times get tough, he used his wife’s line, “I’m not laying a brick, I’m building a cathedral.” Such a handy line to help keep the bigger perspective in mind.

Our next interview was with Adam Kujawa from MalwareBytes. After hearing his talk on randsomware, I was even more excited to gain some industry insights and perhaps outline even the next few steps in terms of what a student in the field should do. Kujawa did not disappoint! Coated with quirky statements, contagious laugh, and a deep passion for security, Kujawa shed light on the non-traditional paths into the security realm. He, too, focused on the importance of gaining experience whether it’s small or big. The key, he noted, was to do something! Create a niche, get experience, don’t give up.

Today was perhaps the start of a new chapter in our trip – we have reached the “middle” of the journey. From the deeper questions we ask, to the increase in level of camaraderie between the team, to getting used to the RV living – a new leaf is surely turning over. The RV is filled with snores right now as everyone is getting their beauty sleep before the trek to Austin tomorrow!

For more updates, be sure to check Twitter, Instagram, and Facebook with #CybersecurityRoadtrip. Here are our individual twitter handles: Antwan, Emily, Mansi. HERE is an overview of the team, the route, current updates from RoadtripNation

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to email a link to a friend (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
#CybersecurityRoadtrip Musa's Musings

Post navigation

Previous post
Next post

Related Posts

#CybersecurityRoadtrip Day 12

December 9, 2016

Thursday 12/08: Day 12  Today was definitely a major day for the books. We were re-united with our beloved Director, Alex Gomez and enjoyed some some comfortingly scrumptious food from Magnolia Cafe! The morning of our first official day in Austin was spent at the IBM Corporate Campus. The opportunity…

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to email a link to a friend (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
Read More
#CybersecurityRoadtrip

#CybersecurityRoadtrip Day 22

December 19, 2016November 3, 2017

Sunday 12/18: Day 22 Today went by in a state of haze. It seems that the clock wants to speed up more, the more I want it to slow down and soak in these last few days of the entire journey. Antwan & Emily went in for another addition to…

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to email a link to a friend (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
Read More

#CybersecurityRoadtrip Day 8

December 5, 2016

Sunday 12/04: Day 8 10hours and 526miles later, we have made our way down to Greenville, South Carolina. Thanks to the support of the team, it was my first major solo trek. Drove through sunshine, rain, and dense fog…all that was missing was snow! All that driving gave a lot…

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to email a link to a friend (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
Read More

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Let's Connect!

LinkedIn
Twitter
©2023 Musa's Musings | WordPress Theme by SuperbThemes
 

Loading Comments...