This is the start of my blogging on Steel-Cyber!
The Cyber space has a lot going on, but from my experience it lacks the “basic” stuff that people are expected to know; but if that’s the case, how are you ever going to learn it? That is what I want to iron out. And so, this site is going to be a collection of stories/articles/blog posts relating to Cyber Security, personal experiences of SOC/Cyber and all from the analyst perspective!
Further info on abbreviations and meanings can be found under my second blog post, Jargon Buster.
Without further ado, welcome to my first blog post. This is my first time blogging so things will not be perfect. As an advocate for puns and joking around, I want to try and adopt a particular naming convention. Stay tuned to see what they are – let’s hope it’s not a flop! Pun fully intended. I also moan and whinge a lot so apologies in advance.
I want to use this space to start sharing my thoughts and experiences with the wider audience, whether this be to give a general insight into Cyber, the various role(s), managerial individuals, non-cyber individuals, recruiters.. You get the idea.
With relation to what is going to be on here, quite simple. I want to produce usable content that helps someone, somewhere. I admit, this may not be for everyone, and that is fine, we all like different things. As such, I want to share content that I feel is relevant to my experience and interests, as well as having a good moan about what I think needs to change.
Following on, I want to discuss things along the lines of current and previous projects that I have worked on within a SOC or Cyber, and the ones that I feel can be utilised across the industry. To blog about the SOC life from the analyst point of view and sharing those thoughts and frustrations – the aim being to address different individuals who are in different stages of their career and to hopefully open this to discussion in order to move forward.
A quote that sits firmly with me, both personal and professional. People are always going to notice the BAU stuff, the status quo – but in order to stand out, one must:
“Do the s*** that people do not see”
I’m sure this is a mutual feeling whereby you feel you are judged immediately in life. Whether it is the first time an employer sees your CV, if you get through to an interview, the first time you meet someone etc. etc., your first impressions count and you only get one chance at a first impression.
Relating to your career or job, and especially in cyber; you will be judged, and it’s a given, but you want to be recognised. Being recognised in Cyber at present can be a big thing as the industry is forever expanding and the networking is just as powerful. Here’s a challenge to prove my point, the next time you go to a conference, get talking to someone and I guarantee you both have a mutual connection somewhere in the industry. I’ve witnessed it first hand numerous times.
Anyway, back to the topic. What makes you recognisable? Do the s*** that people do not see. From experience, the way I have achieved this is to stand out from the crowd. Take the risks, operate outside of your comfort zone, take on extra work, revise in your spare time, but always make sure you do not stray from what is expected otherwise you’re unable to exceed said expectations and you’ll be shooting yourself in the foot. There can be a lot of pressure in the Cyber industry as you can be expected to pick things up quickly so not to fall behind, but to also develop and provide visible results. It’s tricky. Don’t worry though, you’re not expected to know everything instantly, and you will have superiors there for you who are ultimately going to mentor you and help you. It’s a win win. A professional development plan and regular (monthly) 1-2-1’s with your manager can be a good method of staying on track and to dive into new areas.
In addition to the above, another recognisable aspect of the Cyber industry, especially with recruiters are your certifications and qualifications. These could include your University degree, certifications, industry specific certifications, and so on and so forth. From my experience, I started my professional career in a 1st line helpdesk role. I did this both part time and full time while studying Computer Security and Forensics at University, and the experience I gained is unrivalled. I gained exposure to so many aspects of IT and I still use it to this day; and I’m still a firm believer that one of the best Cyber employees you could hire is someone from a helpdesk background because their exposure and knowledge is so diverse and they are so well rounded. Think, they’ve had exposure to networking, security, permissions, sys-admin, databases, dev/apps, troubleshooting, analysis and triage, and sometimes scripting (mainly PowerShell). Why would you not want that in your team? They have the ability to spot things that most wouldn’t purely because of their nature. They spot things that you wouldn’t even think about because they’ve fixed that issue previously. I am forensics by nature so I am analytical, I am thorough, I want to go down that rabbit hole of finding as much as I can; but being able to do that in a timely and effective manner – that is what sets you apart from the rest.
I still find it hard to specialise or focus on one thing, which is my downfall to an extent, because I want to get involved in everything and learn about everything. I like to be hybrid, a repository of knowledge, an escalation point, someone to ask – and I don’t regret any of this. I take pride in this and I have the helpdesk to thank for this. Another credit to the helpdesk and it’s staff is that they can talk. Not literally, they’re a social person. They can communicate technical jargon to non-technical people. They’re calm, they offer assurance and confidence in their ability. Even more reason to hire in Cyber because you need all these aspects.
One piece of advice, more to the previously stated, is to work closely with your peers and assist one another out as much as possible. It may sound silly or cliché, but this can lead to building the morale of the team and also the productivity. It is all a waterfall effect whereby things fall into place from subsequent actions and you will get satisfaction from it. Learn from others, mentor others, show them things and share your knowledge because you’ll learn so much more than you think. Your knowledge retention will rocket, and I am speaking from experience when I say that. Take plenty of notes, write knowledge articles and process runbooks, define actions and have it approved. You will impact the role you’re in far more than you may think. You will start to shape the way your department works without realising.
In summary, as a character in Cyber, the stereotype is typically that nerdy guy that just sits behind the computer coding all day. It couldn’t be any further from the truth. Sure you have the odd one, but it’s honestly not like that. Try and put yourself out there, network and communicate with people, ask those “stupid” questions because the answer you get will stick with you and you’ll learn from it, shadow on projects, offer to help, just put yourself out there. Don’t be a shadow and don’t be a sheep.
All feedback is welcomed and I hope to hear from you. If you have any questions or concerns, please do reach out to me.
Dan.
Steel Cyber Security 