[AusNOG] What Cyber Security Knowledge is best for 2017+

Giles Pollock glp71s at gmail.com
Wed Jan 25 00:21:03 EST 2017 

Key components of IT security... Thats a tough one. You have things like
incident response, forensic investigation, ethical hacking, penetration
testing, auditing... The list is wide and varied and overlaps in many
places.

Probably the key component however is the adaptability, flexibility and the
ability to think, diagnose and investigate things, all while maintaining a
strong professional and ethical standard. It also helps to be able to
recognise patterns in sets of what is often disparate data, and be able to
work through a problem and produce reports useful to non-technical people
too.

So the real question is more what you could bring to an IT security team
utilising your existing knowledge and skills. Anyone can do a course (or
courses), but the thing that really adds value is where past experience can
be drawn on to deal with unusual or unexpected situations quickly and
effectively.

I'd expect having done hosted solutions, you would at times have had to
help users investigate hacks (someone running an out of date wordpress
installation is always a good one), identify what was messed up and get
everything back together again, or deal with DDoS attacks or abuses of
services. Maybe incident response could be a thing to look at? If
investigating what has happened to a system, or what someone has done or
tried to do is more your thing, an IT forensics course may be more
interesting. If you like reading through long checklists and contracts and
producing long and detailed reports while ensuring every t is crossed and
every i is dotted, IT security auditing maybe an area to look at.

One thing is for sure, IT security is not going to disappear any time soon.
Its one thing that many organisations consider to be very delicate (often
discreetness is an important element to them too, we've all seen what
leaked data can do to a business!) Its not something that can be readily
outsourced in its entirety, nor can any random person just pick up and use
tools to do the job without first really understanding the landscape in
which they need to use them.

On Tue, Jan 24, 2017 at 9:42 PM, Roland Dobbins <rdobbins at arbor.net> wrote:

> On 24 Jan 2017, at 15:28, Glenn Hocking wrote:
>
> What do the list think as the key components to Cyber Security for 2017
>> going forward?
>>
>
> Minus the 'cyber' appellation, which is generally frowned upon by seasoned
> security practitioners, DDoS defense is (unfortunately) a booming business,
> and there's a shortage of skilled, experienced engineers who have deep and
> broad knowledge in the availability space:
>
> <https://app.box.com/s/4h2l6f4m8is6jnwk28cg>
>
> -----------------------------------
> Roland Dobbins <rdobbins at arbor.net>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170125/9947d961/attachment.html>

More information about the AusNOG mailing list