Many of our habits are ingrained and instilled into us from
when we are very young, but keep in mind that habit formation can still
transpire even well into our adulthood.
Anybody or anything can shape our behavior towards certain
things in life, but the common denominator in all of this is that when New
Year’s rolls around and we promise to break old habits and start new ones, we
always go back to the way we were, no matter how much effort we make.
Now, I am by no means a psychologist in any way, and I too
have been stuck in my ways for a long time.
I keep thinking to myself I am going to change some old
habits of mine and start new ones. But
more than 90% of the time, I go back to my old ways, something which I am
not too proud to say. But one of the
key things that we have to learn in life is how to keep our personal habits
separate from our professional habits.
If you think about this, this is an even harder task to accomplish.
After all, we always want to leave the best impression that
we can not only with our supervisors and coworkers, but we also want to do that
with our customers as well. And this is
even more true in the world of Cybersecurity.
After all, we do not want to blend our “bad habits” into what we do for
a living every day, as there is too much at stake here.
So, what are some key, good habits that you, the
Cybersecurity professional, need to maintain at all times while you are on the
job? Here are some key traits to be on
the conscious lookout for, and try to adopt:
*Keep abreast of the latest frameworks:
Now I realize that this is a tough one. For instance, there are tons of them out
there, a lot of them from NIST as well as others from the more established
Cyber vendors, but you don’t need to stay on top of each and every one of
them. It’s almost impossible unless you
have a photographic memory. So in this
case, you should have a serious talk with your CISO and IT Security team and
try to figure out which framework your company wants to adopt and make use of
going forward. In this regard, one of
the most popular ones to use is the MITRE ATT&CK framework. The link for this is below:
This framework is about as real world as it can get, as the
bulk of this knowledge comes from observations submitted by other Cyber
professionals. So if you choose to use
this framework, make sure that you are reviewing it at least once a week or so,
to keep on top of any updates that are made to it.
*Keep an eye on what is real:
Let’s face it, burnout in the Cyber industry is quite high
right now, and one of the main drivers for this is what is known in the jargon as
“Alert Fatigue”. Simply put, this is where
the IT Security team is so inundated with all of the information and data that
they receive that they let the legitimate warnings and alerts literally fall
through the cracks because they are so exhausted. What can be done about this? It is simple: make use of both AI and SIEM
tools. The former can
automatically filter for only the real threats, and with the latter, they
are all presented to you in one harmonious dashboard so you do not have to comb
through hundreds of screens. If you don’t
have this in place, talk to your CISO about it ASAP, and get it implemented
quickly. This is now a must-have given
the heightened level of Ransomware attacks that we are seeing these days.
*Maintain a proactive stance:
This is one of those good habits that unfortunately takes a
long time to build, and usually has to come straight from the top, especially
from your CISO. Not only that, but this
takes an enormous conscious effort as well.
But it is important to keep in mind here that you do not have to do this all
overnight. Creating a good habit takes a
lot of time to accomplish. Instead,
break it down into bits. For example, as
it relates to Cyber, perhaps engage first in preemptive actions, like
conducting a Threat Hunting exercise each week for a certain part of your
IT/Network Infrastructure, to make sure that there are no malicious actors
lurking around in there and moving in a lateral fashion.
*Keep up with the triaging:
This goes back to the second point that I just talked
about. Now that you have the tools (AI
and SIEM) to help weed out the false positives, the next mission for the IT
Security team is to triage the remaining alerts in the proper, escalating fashion so that they
can be acted upon. True, you could also
automate this process as well, but IMHO, this takes a human eye to do. Keep in mind that you have to plug in certain
rules and permutations into the AI system of what to look out for. It is not
yet a perfect science. So in this
instance, these tools may not be able to do the proper sort of escalation
(meaning, something that is urgent may be marked merely as “important”), thus
still requiring human intervention.
My Thoughts On This:
Well, there you have it: some key behavioral traits that not only
you, but the rest of your IT Security team and even your CISO have to instill into
themselves. This is an area of human
behavior that cannot be pushed off, especially given the Cyber Threat Landscape
that we are faced with today. But as I
have mentioned before, starting up a good habit not only takes a lot of time,
but a lot of hard work as well.
But don’t take things in one huge gulp, as you will face an
even more severe layer of burnout.
Instead, try to adopt these good characteristics a bit at a time, until
they become fully ingrained into you and your team.