Published with Permission by:
Lint, James R., “First Day at BSidesLV Information Security Conference Offers Insightful Lessons”, In Cyber Defense, 26 July 2017, Web, http://incyberdefense.com/james-lint/first-day-bsideslv-information-security-conference-offers-insightful-lessons/
The BSidesLV Information Security Conference was filled to capacity on the first day of the show. This free conference has grown in popularity over the years, generating lots of interest because of its excellent speakers and topics.
Both the speakers’ pool and the various interest tracks enlighten experienced professionals as well as young people looking to break into the information security field.
Security Innovator Urges Business to Involve CSOs in Their Operations
Allison Miller delivered one of the opening addresses. Miller has worked at the intersection of cybersecurity, human behavior and predictive analytics for almost two decades.
She is an innovator in the security industry’s data-driven detection technology, specifically within security, anti-fraud/anti-abuse and payments/commerce systems. In her talk, “Something Wicked: Defensible Social Architecture in the context of Big Data, Behavioral Exon, Bot Hives and Bad Actors,” Miller urged companies to integrate their chief security officers (CSO) into their business operations.
A CSO pushed to the side or not in the boardroom often does not have the full picture of the organization, she said. That results in the CSO not having enough knowledge to protect all organizational assets or to understand what targets would attract hackers.
Miller noted that with so much new and expensive technology on the market, CSOs must understand that their purchasing decisions have a cost. Miller said CSOs must know how to communicate new technologies’ return on investment (ROI) to the board members.
Today’s cyber defenders must design architectural systems that operate in real time at Internet speeds, while also protecting millions of customers, transactions, end points and actions on any given day. As scale and complexity grow exponentially, manual intervention must be the exception and not the expectation, Miller noted. The future is new design-driven approaches infused with data and artificial intelligence to bolster cyber defenses.
Penetration Tester Recounts How He Accidentally Got a Job in Information Security
Johnny Xmas is a penetration tester for Chicago-based MMS and security assessment firm Redlegg International. Xmas shared his story of weaving through many career beginnings, but never gaining traction on a career path.
His passion for computers and technology led to many short-term contract jobs. Xmas became the man people called to solve computer problems, but no one ever wanted him for a full-time job.
His career path changed one evening while he and his roommates were having their weekly board game night. One of the new players, who turned out to be a senior information security professional at Office Max, said he was looking for someone to hire who was well versed in information security. Xmas spoke up and got the job.
Xmas told the audience to take advantage of social events because you never know who is attending. You won’t get a job if you don’t network and let people know you are interested in working for them, he added.
Security Mentor Explains What a Career in Public Service Is All About
Bobbie Stempfley has been a mentor to many aspiring security professionals. She reviewed her career in the Hire Ground Track of BSidesLV. Hire Ground gives job seekers resume reviews and interview practice.
Stempfley said her engineering degree wasn’t much use when she started her career as an intern shredding documents for the Army. However, she gained skills and a good deal of knowledge by observing how information security professionals went about their jobs.
That internship launched her decades-long career in public service with the Army, Department of Energy and the Department of Homeland Security. In 2015, Stempfley resigned as DHS Deputy Assistant Secretary of the Office of Cybersecurity and Communication to take a position with The MITRE Corporation.
About the Author
James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.
Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 45th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 “Secrets to Getting a Federal Government Job.”