Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
carbonblackLeslie MarcotteCARBONBLACK:8177F77FC4118DC24EF2A5EBEBDAF108
HistoryMar 14, 2019 - 12:00 p.m.

RSA Wrap Up: It’s All About The People

2019-03-1412:00:30
Leslie Marcotte
www.carbonblack.com
50
JSON

RSA 2019 just finished and – as always – what a week it was. This year was a personal milestone for me, with the week culminating in my presentation with Gary Hayslip, CISO at WebRoot, titled: “Why the Role of the CISO Sucks and What We Should Do about It.” But, before we get to Friday morning I want to talk about my other takeaways. For me this year represents the Year of the People. Far too often talks and presentations are focused on solving the technical problems behind infosec. Those are needed too, but over the last year I felt as though we (the infosec community) have finally added a focus to the people.

This blog will largely talk about people in the industry and what’s happening as a community to make us a better, healthier group of professionals. My biggest takeaway this year was to remember “It’s all about the people”.

Chronicle

The week started with an amazing announcement from Chronicle, followed by Carbon Black’s integration announcement. According to Dark Reading, “Chronicle uses the data to analyze months to years of attack information, as well as determine patterns across time. The desired result is simpler, faster and more cost-effective security analytics.”

MONTHS AND YEARS!!! This is just awesome and hasn’t really existed for the broad security market (it was too pricey to do it). As a Defender this is awesome. I think this is primed to disrupt a couple of markets, including SEIM and Threat Intel. This is what happens when the industry puts down the brands we wear and gets together to solve a problem. Together we can drive meaningful change in the industry and tip the scales back to defenders.

Solving the Cybersecurity Talent Shortage

On Wednesday, I got to spend time with the W Risk Group to talk about “Solving the Cybersecurity Talent Shortage.” This culminated in a very wet (thanks San Francisco rain) and amazing SF Bay cruise, where I met and spoke with people from very large banks, chip manufacturers, recruiting agencies and even my good friends at ITSP Magazine onboard. When we boarded we were given a #BeAnAlly ribbon for our RSA badges. For more information: http://www.beanally.today/.

This is just part of the massive banner that greeted us. People were allowed to express their opinions through markers and art. How fun is that?

The spirit of the group and conversations was something desperately needed. I had the pleasure of sitting with a former Brigade Commander for the Army, who was pretty much the person responsible for all logistics as the US forces rolled in to Iraq. She was amazing and we were able to talk about transitioning into civilian work that is meaningful, including helping other vets and being a voice for more woman in the industry. She shared her unique challenges leading in the Army and she left me with lots of areas to think about when it comes to moving the security industry forward. As I said in a blog from last year, my wife went to see me do a keynote and said after, “Everyone in the room looks just like you…that’s not good”. I wholeheartedly agree.

Along the way I was also able to meet the absolutely fabulous Deidre Diamond founder of CyberSN. I love meeting people who I should have probably known ten years ago, but for whatever reason we hadn’t actually met face to face before. She knows a lot of my infosec friends and family and I felt re-energized after meeting with her. Her stand for a better recruiting model and for diversity in the industry make her someone to admire. I was truly left better after a conversation with her. She also had a session following Gary and I’s on Friday, “Acquiring and Retaining Cybersecurity Talent, A Proven Model" that was super well-received. I am all for any information that helps all of us recruit and retain at a higher rate. Certainly someone to follow on Twitter (**@**DeidreDiamond ).

So what can we do? Literally we can be an ally, we can speak up and we can take a stand to be more inclusive as an industry, which we desperately need to be.

Gray Day: My Undercover Mission to Expose America’s First Cyber Spy by Eric O’Neill

I was able to snag one of the hottest books not yet on the market, Gray Day, which was being signed at RSA by our very own National Security Strategist, Eric O’Neill (**@**eoneill). I am almost finished and am so impressed. Eric’s writing about himself and personal struggles in a covert career showed vulnerability and a lot of the same human struggles we all feel. He is also able to deftly weave his story about how he helped the FBI catch the worst spy in US history with today’s reality of how the Spy game morphed to a Cyber game (while we were all off building websites!).

If you don’t know his story it is most commonly portrayed in the movie Breach - watch it and read the book.You will learn so much about Russian spy tactics that evolved after the cold war, and how this is still impacting us today. This should be on your 2019 reading list. Super relevant to where we are as a nation and our cyber posture today.

Threat Hunting at Scale

I also hosted a “Birds of a Feather” session on “Threat Hunting at Scale”. I was so happy to see how many teams are actually hunting now. THIS IS AWESOME. That being said we now need to educate each other on the challenges of doing Hunting at scale. This session had participation from all attendees and frankly speaking, I had to talk very little. Our table was the most packed (we had to add chairs) which shows how much value teams are getting out of the hunt. I won’t put the various attendees on blast in a blog but there was representation from all sectors including the public sector. I once again consider it an honor to be part of these conversations and hearing about how Hunting is putting the power back into defenders hands. The long and short of it is Hunting is yielding all kinds of fruit. Consider building a hunt team. If you have any questions there is a whole community waiting to help you out on your journey.

My favorite piece of swag this year was given to me by some new friends over at the Early Stage Expo which I highly encourage everyone who attends to at least walk around it. Cool new innovation going on over there. My own personal BlockChain…I am such a geek. One thing I hope we never do as an industry is to lose our sense of humor.

Why the Role of the CISO Sucks and What We Should Do about It

Which brings me to Gary and I’s session this year. I am so grateful Gary asked me to co-present this with him. It was truly an honor and I am very humbled by the reception to the talk. It is a very personal topic for Gary and I, and I thought it would be tougher to stand in front of a group of defenders to get “touchy feely” than it actually was. However, we felt as though we were the lucky ones chosen to represent all of us and I am grateful to help in anyway I can.

What an amazing reception. People were in the room early. We had friends move their flights. We had new people we just met join us in the room for what I dare say was not only a very cathartic session, but one that called our community into action. While we covered everything from the challenges of being a CISO to how we as a group can impact the next generation of defenders. I think the following tweets help sum the session up.

We were greeted after the event by many new friends and peers we hadn’t met. Each expressed a thanks and everyone was asking what they can do to contribute back. This culminated with a first time Blog from Tom Jun who I hadn’t met but now consider a friend. I think he did an excellent job of internalizing the talk and advocating for change. He said he would do it and he actually did!!!

We will for sure continue to beat the drum for happier, healthier infosec pros. I look forward to continuing this conversation. For anyone that missed our talk we will be rerunning it on a webinar (https://secure.carbonblack.com/why-the-role-of-the-ciso-sucks.html?)

My final thoughts are this: What a great time to be a defender. Sure, as always we have work to do, but I have personally never felt as tooled up and connected as we are as a group of defenders. Whether it is embracing MITRE ATT&CK and pushing us all forward to be better or just actually caring about each other as humans…there is no better time to be doing what we are doing then right here, right now. It’s weeks like this that make me think to one of my favorite groups and lyrics from Rage Against the Machine, “Guerilla Radio”:

“What better place than here? What better time than now?”

Followed by:_ “Can’t stop us now.”_

Happy Hunting and remember, please take care of each other.

The post RSA Wrap Up: It’s All About The People appeared first on Carbon Black.

JSON