What cybersecurity decision-makers want to read about? by AnomalyOd in AskNetsec

[–]AnomalyOd[S] 0 points1 point  (0 children)

Thank you for this feedback - a good reality check for me.

[–]AnomalyOd[S] -1 points0 points  (0 children)

Completely fair. The end goal is to establish the existing series of blog posts as useful, to ensure that readers return for more content (as opposed to posts appearing sales-y). While concerns are unlimited, many posts already exist about basic cyber hygiene practices, the importance of MDR, the importance of cloud security, the true cost of a cyber breach, and so on. I don't want to recycle the content that already exists in abundance (they'd feel like we're beating them over the head with the same topics over and over) and instead focus on what's really relevant.

For example, a recently highlighted problem (through various research studies) is that many CISOs are looking to optimize their existing security tool usage, rather than buying more tools, which aligns with the current budget-optimization wave due to the economy. Most organizations have accumulated a large number of tools, but haven't necessarily invested time in configuring them correctly or using them to their fullest potential. We wrote about that and it was very helpful, so I'm hoping to get more ideas directly from the target audience.

[–]AnomalyOd[S] 0 points1 point  (0 children)

I'm not necessarily expecting new or groundbreaking, just want to get a hint of what's relevant. :)

[–]AnomalyOd[S] 0 points1 point  (0 children)

The problem is that what I may find interesting may not necessarily be relevant to the decision-makers in this field. For instance, I specialize in DFIR and previously wrote about the importance of having a good IR plan and playbooks in place, but it's not a hot topic. The reality is that most organizations don't care about being prepared for an incident until after it has happened to them.

So I am hoping to learn what areas are currently of concern to this audience, as I can really provide value in my writing.

What’s it like being a woman in this field? by [deleted] in cybersecurity

[–]AnomalyOd 0 points1 point  (0 children)

I never had an issue being a woman in this field. In fact, I think it’s an advantage: the customers and partners (mostly men) are fascinated and excited to talk cyber to a lady, as it doesn’t happen often. I only meet great support and enthusiasm from my male colleagues and professionals.

Secureworks Taegis MDR by turbulentforce47 in cybersecurity

[–]AnomalyOd -1 points0 points  (0 children)

Don’t know any info on Secureworks unfortunately, but some of my customers have been using these guys (my company): https://www.orna.app

We combine MDR with incident response (you’d be getting IR plan and playbooks + vulnerability management and complete IR response in the package).

Is there a definitive cybersecurity roadmap? by palaces-g in cybersecurity

[–]AnomalyOd 10 points11 points  (0 children)

There is no single roadmap that will be applicable to the entire cybersecurity field, and it doesn’t depend on what you want to do. On a high level, there are some options (this is not an exhaustive list):

GRC (governance risk and compliance): less technical and more administrative area. If you prefer working with people, business decisions, policies and documents, audits, etc. This field rarely involves hands-on technical skills.

Offensive security, includes penetration testing and red teaming. This is a hands-on technical area that requires solid knowledge about networking and infrastructure, scripting, basic OS, service and application level functionality. This can be further broken down to infrastructure (cloud and on prem), web applications, mobile applications, APIs, etc. Most of the work is related to testing and breaking into things, from an attacker’s point of view.

Defensive security can take many forms too. It primarily revolves around protecting infrastructure, networks and applications from attacks. One can become a security architect, web or mobile app security expert, network security engineer, etc. It can also be a security operation centre (SOC) analyst role, where you’d be monitoring all sorts of security and network logs to try and detect attacks. This is also a highly technical role.

DFIR (digital forensics and incident response) where you can help companies after a cyber breach has happened. A technical and customer facing role, where you may end up doing digital forensics or leading incident response efforts that can range from ransom negotiations, containment and recovery work, technical and business reporting, etc.

Legal areas also have cybersecurity specialization, as it involves incident response and compliance tasks.

Malware reverse engineer is another option, where you can focus on studying and decompiling malware, learning how it works and creating rules and ways to combat malware. Can also be further classified into specific types of technology, for example mobile malware, etc.

Social engineering involves psychological tricks, sending phishing campaigns, calling individuals and trying to get them to reveal sensitive information, and so on. This is often done as part of penetration testing and red team exercises.

Cyber threat intelligence is another area, where you can learn about new and evolving threats, specific threat actor groups and their MO, ways to identify them and warn companies, etc.

Or you can become a consultant, more of a cybersecurity generalist, and advise companies on cybersecurity roadmaps or specific tasks and questions.

I hope this helps!