Posts

Showing posts from February, 2026

Is this the END?! (week 10 wrap up)

As we near the end of term, which feels surreal…. Where did the past 10 weeks go? It’s time to reflect on it all. I really enjoyed the blogging aspect of this course and of some of my previous classes. While it’s informal, it’s a good tool to reflect on and discuss some of the topics for each week, while adding in your own personal flair. While I enjoyed the blogging aspect, my favorite part of it was coming up with fun/catchy titles to fit with each topic I chose. Even though this was not helpful for my current job, it’s nice to have the experience in the event that it could benefit a future job. In my previous wrap up blogs, I mentioned that I’m not sure if I will continue blogging, but now I think I will. While it probably won't be tech related, I can see how it can help build on your current skillset while also helping to connect with others in a relatable way. In turn, it could potentially translate into being more desirable. In a way that you are able to build connections an...

Who left the door unlocked? (week 10)

Privacy and security are an interesting topic… why, you ask? Because these are extremely important in today’s world! But did you know that they aren’t one and the same? But they do go hand in hand. Privacy is the act of keeping information private. It dictates the type of information that can be shared versus what can’t be shared. For instance, if you share your personal information with a company, they oftentimes have a privacy policy that covers what information of yours they can share (legally), and what they can’t share with others. On the flip side, security is keeping that information safe. While they serve 2 different purposes, they essentially interconnect with each other. How, you ask? Think of privacy as a house: all your stuff is inside, it’s protected by the lock on your front door, and only certain people can get inside. Without that lock on your door, you no longer have the security needed to maintain your privacy, and anyone can walk in at any time. Now, you can still ...

Threat actor: "I failed, let's go home" (Week 9)

The incident response lifecycle is more than just following a list; it helps to reduce the impact of attacks/threats on organizations. While it may seem like another box to check off as you run through the motions, it helps by minimizing damage that was caused or could be caused by threats or attacks, which can also directly impact the financial cost. Not only that, but if a company deals with high-risk data, the incident response lifecycle can help by protecting it, while also allowing an organization to learn from it and do things better in the future. A simplified overview of what the process entails is: prepare, detect, contain the threat, post-incident activity. Essentially, an organization needs to be prepared to handle a threat. This means creating a plan, outlining everyone’s roles in the event a threat happens, ensuring security measures are in place, and practically practicing your plan. Once a threat has been detected, it’s time to move into containment; stopping the sprea...

The ease of automation (Week 8)

Automation can be extremely helpful when you need to simplify daily or mundane tasks. It’s no surprise that automation is a big part of the tech industry, specifically cybersecurity. Not only can it help with repetitive tasks, but also with streamlining and efficiency. A good example of this is SOAR, which stands for Security Orchestration, Automation, and Response. Simply put, SOAR connects various security tools in one place and essentially allows them to work together. Bringing everything together allows the automation to handle the repetitive tasks, such as checking alerts, going through data, and generating a record of any security issues found. Not only that, it can also assist in containing or potentially stopping threats, blocking access, or sending an alert to the team. This type of automation process is helpful in terms of staying consistent and being able to respond quickly if the need arises.

Becoming a hunter, not the hunted.... (Week 7)

Threat hunting is an interesting concept… and it means exactly what it says. Hunting down threats before they find you, in a sense. While there still may be signs that a threat is there, it’s the act of finding and catching it before you know it’s a confirmed problem. In short, it works by coming up with a hypothesis, whether it’s based on something that seems off, or a potential gut feeling. The goal is to prove whether the hypothesis is correct or has failed. Depending on what you’re looking for specifically, it may involve looking through various data, like logs, network, activity, protocol analyzers, or comparing past activity to present activity. If the hypothesis doesn’t stand up, nothing happens. On the other hand, if it does, you move to incident response in order to fix, mitigate or manage the issue. While the process sounds simple when you put it into words, in a real-life scenario it can be a little more complicated than it seems, and sometimes it may not get...