Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security ……PLOTTING YOUR PATH

Published byMerry Hubbard Modified over 5 years ago

Similar presentations

Presentation on theme: "Information Security ……PLOTTING YOUR PATH"— Presentation transcript:

1 Information Security ……PLOTTING YOUR PATH
March 10th , 2017

2 Presenter Eric Yancy, CISSP, CCSK, CISM, CISA, NSA-IEM
Director, Information Security, Onyx SecureCenter March, 10, 2017

3

4 Information Security - Technology
Operating Systems (Linux / Windows / Mobile) Programming languages (Python, Java) Intrusion Detection Firewalls Behavioral Analytics (East / West) Big Data analytics File Integrity Monitors (FIM) – TripWire Security Event Incident Management (SEIM) – Secure Works / Splunk Cloud (Microsoft Azure, Amazon AWS) Security Operations Centers (SOC)

5

6 Threat Actors Internet Of Things (IoT)
Nation States – Cold War (45% embargo on China) Hacktivists (Anonymous) Cold War – German Power Plant, Iran Nuclear Centrifuge Improved Tools (next, next, finish) – Metasploit, Kali Bot Net Terrorists Organized Crime Ransomware, Phishing, Whaling, Malware, etc.

7 Innovations – Future State
Wearable's (contact lenses) IoT (home automation, shopping, entertainment) Drones User Interfaces - Flexible screens, voice, augmented reality Robotics (Biometrics, Medical Devices) Autonomous Cars (Ethics issues) Embedded Devices (SCADA) – InfraGard Virtual Reality 3D Printing

8 Your Career Huge Delta / Deficiency Salary
Huge Diversity (mile wide, inch thick) Seek an Internship Get Certified (CISSP, CISM, CISA) IoT and Cloud Create Your Brand Get a Mentor or Coach

9 Learn the basics: Learn Linux:  Most security takes place at the scripting level, therefore, you need to become extremely familiar with the Linux operating environment. Scripting Skills:  Build on basic coding skills (Python, ruby etc) to build tools etc.  Learn penetration testing: . Focus on one area first:   Networking Database Application development (SDLC) Build your own lab (virtual machine / KALI)

10 Early Career Paths Become a QSA or work for a company performing gap analysis.  Work as a system administrator or network engineer.   Learn penetration testing as many companies accept newbies in this field. Start out as an analyst in a SOC or Incident Response area. Focus on AppDev and WebApps Get a degree is from a US University that has a Cyber Security or Information Security program. You may also want to explore working directly with the US government (FBI, CIA, NSA), specifically if you have language skills other than English. Networking:  Never underestimate the power of networking. If there are local ISC2, ISSA, or ISACA chapters, attend a meeting and network.

11 Certifications: You may want to start off getting some basic certifications which don’t require experience such as: Network+ CompTIA Sec+ OSCP – Offensive Security Certified Professional Once you are experienced, you could further your career by getting these certifications: ISACA, ISC2, GIAC CISA – Certified Information Systems Auditor CISM – Certified Information Security Manager – Requires more proof of experience than CISSP CCSK / CCSP Certified Cloud Security Knowledge / Professional CEH – Certified Ethical Hacker CISSP – Broad certification, best recognized, Highest Level.

12

13 Appendix and Useful Links
The Dark Side of Wearables ( security-and-privacy/) IoT – Why security is critical ( Latest DDOS using IoT ( botnet) Car Hacking ( Cars Programmed to Kill ( Big Data, Big Problems ( German Nuclear Plant Attacked ( Hack causes massive damage at steel plant ( Water Treatment Plant Hacked ( Cyber Warfare – Office of Personal Management ( The Future of War ( Microchips and Devices ( technology/news-story/536a08003cb07cba23336f83278a5003) Hacked Medical Devices ( va/128608/)

14 Questions?

Download ppt "Information Security ……PLOTTING YOUR PATH"

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
Vision and Platform: Cloud First-Mobile First Eduardo Mangarelli Sr. Director of Technology, Microsoft

Vision and Platform: Cloud First-Mobile First Eduardo Mangarelli Sr. Director of Technology, Microsoft
PENETRATION TESTING Presenters:Chakrit Sanbuapoh Sr. Information Security MFEC.

PENETRATION TESTING Presenters:Chakrit Sanbuapoh Sr. Information Security MFEC.
The development of Internet A cow was lost in Jan 14th 2003. If you know where it is, please contact with me. My QQ number is 87881405. QQ is one of the.

The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.
The Technology Tool Kit version 2.0 August 2014 Presenter: Deborah Watson InfraGard Houston Chapter - SIG Security Guide & Tool Development Manager.

The Technology Tool Kit version 2.0 August 2014 Presenter: Deborah Watson InfraGard Houston Chapter - SIG Security Guide & Tool Development Manager.
Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,

Oklahoma Chapter Information Systems Security Association Oklahoma Chapter, Tulsa Oklahoma City Chapter, OKC Student Chapter, Okmulgee Oklahoma Chapter,
Certification and Training Presented by Sam Jeyandran.

Certification and Training Presented by Sam Jeyandran.
Computer Science and Engineering 1 Cyber Security University of South Carolina Columbia Center for Information Assurance Engineering (CIAE)

Computer Science and Engineering 1 Cyber Security University of South Carolina Columbia Center for Information Assurance Engineering (CIAE)
Nata Raju Gurrapu Agenda What is Information and Security. Industry Standards Job Profiles Certifications Tips.

Nata Raju Gurrapu Agenda What is Information and Security. Industry Standards Job Profiles Certifications Tips.
IoT, Big Data and Emerging Technologies

IoT, Big Data and Emerging Technologies
Ethical Hacking and Network Defense NCTT Winter Workshop January 11, 2006.

Ethical Hacking and Network Defense NCTT Winter Workshop January 11, 2006.
Copyright Prentice Hall, Inc. 1 Computers: Information Technology in Perspective, 11e Larry Long and Nancy Long Chapter 12 Technology and Society.

Copyright Prentice Hall, Inc. 1 Computers: Information Technology in Perspective, 11e Larry Long and Nancy Long Chapter 12 Technology and Society.
Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.

Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.
Center for Cybersecurity Research and Education (CCRE)

Center for Cybersecurity Research and Education (CCRE)
MVHS Career Night 2015 Information Security. Agenda What is Information and Security. Industry Standards Job Profiles Certifications Tips.

MVHS Career Night 2015 Information Security. Agenda What is Information and Security. Industry Standards Job Profiles Certifications Tips.
Chapter 9 The People in Information Systems. Learning Objectives Upon successful completion of this chapter, you will be able to: Describe each of the.

Chapter 9 The People in Information Systems. Learning Objectives Upon successful completion of this chapter, you will be able to: Describe each of the.
CHAPTER 18 TECHNOLOGY ADVANCEMENTS IN THE WORKPLACE.

CHAPTER 18 TECHNOLOGY ADVANCEMENTS IN THE WORKPLACE.
Ethical Hacking and Network Defense. Contact Information Sam Bowne Sam Bowne Website: samsclass.info Website:

Ethical Hacking and Network Defense. Contact Information Sam Bowne Sam Bowne Website: samsclass.info Website:
Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security.

Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security.
Information Security and Technology Overview Presented By: Enterprise Risk Management (ERM) Division Jill Martucci, CISA, SSCP, Senior Allison Hall, Experienced.

Information Security and Technology Overview Presented By: Enterprise Risk Management (ERM) Division Jill Martucci, CISA, SSCP, Senior Allison Hall, Experienced.

Similar presentations

Ads by Google