This session will outline common roles for cyber defenders, including areas like Security Operations, Engineering and Consultancy. It will focus on the fundamental competencies (skills/behaviours) expected of entry level applicants getting into cybersecurity and how to build yourself into a confident professional working to defend your employer and their customers.
2. Harry McLaren
CISM, CISSP, CCSP, C|EH, MBCS
• Product Lead at Adarma for Detection & Response
• Alumnus of Edinburgh Napier University
• Co-Founder of Cyber Scotland Connect
• Member of SplunkTrust (MVP)
• @cyberharibu
Previous Roles
Security Engineer, SOC Consultant, Managing Consultant | 2016-2019
SOC Analyst & Incident Investigator | 2013-2015
Computer Technician & Deskside Support | 2006-2012
3. Agenda
- Importance of Defensive Cybersecurity
- SOC Purpose & Components
- Becoming a Defender (Careers in SOCs)
- Key Competencies for Defenders
- Resources
~40 mins
4. Importance of Cybersecurity Professionals
Business Email Compromise
Includes invoice scams and spear phishing spoof attacks which are designed to gather data for other criminal activities.
$1.7B
● Security Awareness Training
● Simulated Phishing
● Password Reuse Policies
● Multi Factor Authentication
● Phishing Protection
● Incident Planning
Ransomware
Threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.
$7.3B
● Security Awareness Training
● Simulated Phishing
● Anti Malware Software
● Backups (Off-site / Disconnected)
● Business Continuity Planning
● Incident Planning
5. Importance of Cybersecurity Professionals
Source: World Economic Forum Global Risks Perception Survey 2019–2020
6. Importance of Cybersecurity Professionals
Source: World Economic Forum Global Risks Perception Survey 2019–2020
8. Purpose of a SOC
To prepare for, detect, and respond to cybersecurity threats.
Prepare
• Ensure you have the people, processes, and technology to support the detection and response to attacks on your organisation.
Detect
• Proactively monitor your environment for evidence of threat actors' activities.
Respond
• Reactively respond to detected threats to your organisation, including coordination and support of incident investigations.
15. Behavioural Competencies
Business Insight
• Understands how the company operates and the impact of decisions and actions on its growth.
Performance Driven
• Delivers timely performance with energy and pace, taking responsibility and accountability.
Customer Passion
• Places customers at the centre of our activities, listening to them, understanding their needs.
Innovative Thinker
• Identifies opportunities to improve current work practices with a willingness to take risks.
Engaging Communication
• Maximises impact by confidently communicating ideas and information effectively.
Learning Mindset
• Passionately believes that continuous learning is critical for success.
Collaborative Partner
• Is open and approachable and works effectively and cooperatively with others.
Personal Responsibility
• Positively demonstrates an ability to take responsibility for one’s actions and decisions while operating with honesty, integrity and respect.
16. Emotional Intelligence (EI)
Self-Awareness
• The ability to recognize and understand one's moods, motivations, and abilities.
Self-Regulation
• The ability to control one's impulses, the ability to think before you speak/react, and the ability to express yourself appropriately.
Motivation
• Having an interest in learning and self-improvement.
Empathy
• The ability to understand other people’s emotions and reactions.
Social Skills
• The ability to pick up on jokes, sarcasm, customer service, maintaining friendships and relationships, and finding common ground with others.
Source: http://theimportanceofemotionalintelligence.weebly.com/the-5-components.html