
Five Brain Hacks for Sysadmins and Infosec Pros


Automation has always been a good friend to IT. It’s helped us get our work done faster on projects that involved lots of tedium but required little technical skill. Automation allows us to focus our time on more rewarding projects that require years of experience and special tech wisdom.

You know, like redesigning a Hadoop cluster or taming the company’s cable infrastructure so that it’s a thing of beauty.


Of course, if only everything in IT were as simple as a script or point and click! But that’s not the way of IT.

We’re often tasked with finding creative solutions with fewer resources, reaching our next milestones faster, or moving past internal resistance in order to experiment with new ideas.

Can we rewire ourselves so that we’re better able to handle the hard challenges of IT? What might help are brain hacks – ways to think about IT differently.

Andy and I came up with some ideas for upgrading your firmware and boosting your own creativity.

Design Thinking

Big data challenges require big thinking, or more specifically, design thinking. It is a methodology to solve your data challenges and to generate innovative solutions, based on a user-centered approach with a multi-disciplinary team.

Click here to learn about the 9 step process and how to incorporate it in your data strategy. It helped the guy who created the iPhone and it can help you too.

 

Leave a review for our podcast & we'll send you a pack of infosec cards.


Pen Testing

One area where cogitating in alternative modes really pays off is in penetration testing. The best testers really go into character, viewing themselves as hackers and everything they touch as hackware. Or as we like to say, pen testing is what you get when you red-team data security.

In our posts on pen testing, we’ve written about how testers use standard IT tools—for example, arp, netcat, ssh, psexec—to find vulnerabilities and then hop around the victim’s system.

These links below will expand your pen testing consciousness:

 



Diversity & Inclusion

“When surrounded by people ‘like ourselves,’ we are easily influenced, more likely to fall for wrong ideas,” write Columbia sociologist David Stark and organizational researcher Dr. Sheen Levine. “Diversity prompts better, critical thinking. It contributes to error detection.”

Not only is diversity good for preventing miscalculation, research from the Center of Talent Innovation says that companies with a diverse management and workforce are 45 percent more likely to report growing market share, and 70 percent likelier to report that their companies captured a new market.

Convinced that you need a Diversity & Inclusion program? Click here to learn how to create one.

 



Privacy by Design

In this past year, we’ve written tons about data security compliance and regulations. If you don’t believe me, check out our C&R topic. But is there a way to think differently about this area? Of course! There’s a meta view of data security that’s nicely contained in Privacy by Design (PbD).

Developed by Ann Cavoukian, former Ontario Information and Privacy Commissioner, PbD takes a different view on privacy. Essentially it says that privacy (and security) is something you do at the start—it’s baked into every IT decision.

For example, in looking at the data you’re protecting, you’ll want to question whether you really need it in the first place! Minimizing data collected from consumers and only retaining personal data for a given period of time is an important part of PbD.

Learn more about viewing data security the PbD way in this post, the Privacy by Design Cheat Sheet.

 



User Behavior Analytics

An important exercise in thinking in new ways about data security is to drop basic assumptions. One assumption that many in IT still have is that perimeter defense (firewalls, intrusion detection, etc.) will prevent hackers from getting in.

We know from most of the major breaches in the last few years that hackers have come in through the back door, using phishing or injection techniques.

Think differently by dropping the assumption that there’s such a thing as air-tight security.

That’s where User Behavior Analytics (UBA) comes into play. This technique takes the view that attackers will get into your system in spite of high cyber defense walls, so your goal should be speedy detection of the intruder.

UBA works by focusing on user activities and then deciding whether they vary enough from a pre-calculated average. So Jane in legal who is all of a sudden copying massive amounts of files from the customer services group may very well be the hacker known as De3thSlasher.
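To make the baseline-and-deviation idea concrete, here is an added example (not code from this post or from any product) that builds a per-user average of daily file copies and flags a day that departs from it. The event tuples, user names, z-score threshold and the "new folder group" check are all assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample events: (day, user, folder_group, files_copied).
HISTORY = [
    (1, "jane", "legal", 12), (2, "jane", "legal", 9), (3, "jane", "legal", 11),
    (4, "jane", "legal", 10), (5, "jane", "legal", 13),
    (1, "raj", "customer_services", 40), (2, "raj", "customer_services", 55),
    (3, "raj", "customer_services", 47), (4, "raj", "customer_services", 52),
    (5, "raj", "customer_services", 44),
]
TODAY = [
    (6, "jane", "legal", 8), (6, "jane", "customer_services", 4200),
    (6, "raj", "customer_services", 58), (6, "newhire", "legal", 5),
]

def build_baseline(events):
    """Return {user: (mean daily copies, std dev, folder groups seen)}."""
    daily, groups = defaultdict(lambda: defaultdict(int)), defaultdict(set)
    for day, user, group, count in events:
        daily[user][day] += count
        groups[user].add(group)
    baseline = {}
    for user, per_day in daily.items():
        counts = list(per_day.values())
        baseline[user] = (mean(counts), pstdev(counts), groups[user])
    return baseline

def score_day(baseline, events, threshold=3.0, min_std=1.0):
    """Return {user: [reasons]} for users whose day deviates from baseline."""
    totals, touched = defaultdict(int), defaultdict(set)
    for _, user, group, count in events:
        totals[user] += count
        touched[user].add(group)
    alerts = {}
    for user, total in totals.items():
        if user not in baseline:  # nothing to compare against yet
            alerts[user] = ["no baseline yet"]
            continue
        avg, std, known = baseline[user]
        reasons = []
        z = (total - avg) / max(std, min_std)  # floor std: steady users have std 0
        if z > threshold:
            reasons.append(f"volume z-score {z:.1f}")
        if touched[user] - known:
            reasons.append("new folder group: " + ", ".join(sorted(touched[user] - known)))
        if reasons:
            alerts[user] = reasons
    return alerts
```

Calling `score_day(build_baseline(HISTORY), TODAY)` flags jane on both volume and an unfamiliar folder group, leaves raj's slightly busy day alone, and reports the new hire as having no baseline rather than silently passing them.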

 



Cindy Ng


Cindy is the host of the Inside Out Security podcast.

Andy Green


Andy blogs about data privacy and security regulations. He also loves writing about malware threats and what it means for IT security.

 
