Security operations · 2 MIN READ · SCOUT SCHOLES · OCT 16, 2024 · TAGS: Managed security / MDR / Planning
Aaron Walton, Threat Intelligence Analyst for Expel, was recently featured in a Guidepoint Security blog for Cybersecurity Awareness Month. You can read the original article here.
TL;DR
- Hear from five Expel Managed Detection and Response (MDR) SOC analysts on what to prioritize in October and beyond
- Get reminders—that you’ve likely heard before—on how to encourage good cybersecurity practices within your organization
- Check out the full article on Guidepoint Security’s blog
It’s October again, which means another Cybersecurity Awareness Month is almost halfway over. It’s the season of mandatory security training, articles about changing your passwords, and—if you’re a security practitioner—doing the same thing you do every other month of the year to keep your business safe.
Expel’s SOC analysts got together to talk about what Cybersecurity Awareness Month looks like as practitioners, and share their thoughts on promoting security stewardship the other 11 months of the year. Here are their key takeaways:
-
- If you aren’t doing everything possible to secure your identities, you’re exposed. “Everyone says identity is the new perimeter,” says Zach Zeid, Principal Detection & Response Engineer at Expel. “But, you know, ever since you had to log into VPNs, identity has always been the perimeter.” He continues, “A practical lesson I’ve learned is how impactful a password manager can be,” explains Zach. “Things like 1Password or Apple’s native password manager can quickly increase personal security posture. And then, you combine that with multi-factor authentication (MFA) and a hardware-based security token like a Yubikey. It’s an incredible combination.”
- Practice your skills and learn lessons now, or learn them the hard way next time there’s an incident. “Security, to me, starts with continuous learning and an open mindset,” says Brandon Overstreet, Senior Detection & Response Analyst at Expel. “I’ve found the most valuable way to learn is being hands-on and collaborative. You can read all the books, do all the trainings, and learn all the theory—but once you’re in the real world, you’re likely to run into things you don’t understand. And, at that point, you lean into your teammates’ knowledge to determine what’s going on.”
- Mistakes will be made because we’re all human, but it’s how you learn from them that counts. Matt Jastram, Senior Managed VM Analyst at Expel, shared a story about a vulnerability scan that was executed without quite enough planning. After knocking down and entire network, he ran into his VP, who laughed about the whole thing (once it was resolved, of course). “It turns out that leaders are also susceptible to mistakes—and in some companies, leadership often earns their high-ranking positions based on how they reacted and learned from these sorts of incidents. So, in learning from your mistakes, you ultimately have the opportunity to become a better leader.”
- Engaging education is necessary to get buy-in—and compliance—from people outside of the security team, which is key to staying protected. “Cybersecurity Awareness Month is only as strong as your security education program,” says Zach. “In a previous role I had, we would do engaging things to educate non-security personnel, like setting up security escape rooms. This way, we’d educate our people while making sure we’re not talking down to them.”
- Good security skills apply to your personal life, too. “The biggest lesson I’ve learned in my career is that security is really about managing risk,” said Zach. “Managing risk is an inherently human instinct. We do it every day in our personal lives, whether we’re deciding to cross the street or not. The same principle applies to cybersecurity.”
Get more SOC wisdom from our analysts in the full article, or by subscribing to our blog to be the first to know when they share new insights.
