Skip to main content

Public Safety to Cybersecurity, from a friend of GingerSec

Reasons why Infosec is a good job for prior law enforcement: 

 

1. The ability to articulate 

 

Summarizing your probable cause for 4 felony charges based off of one DUI stop into one sentence is a skill that takes years to master, and can transfer well into other fields. The complex, technical nature of cyber investigations demand this ability, and it is sorely lacking in the technical workers in the industry. 

 

2. Report writing for an investigation 

 

This goes hand-in-hand with the previous point, but reporting your findings in a logical manner is another skill that's highly valued. The first time I documented my findings from a phishing attack our organization had fought, my manager read it while yelling, "THIS IS SECURITY PORN!!!" 

 

No, it's just a report detailing the incident. But that's such a foreign concept that's so highly valued, it's easily worth close to 6 figures, if not more. 

 

3. Slowing your roll 

 

We've all been that rookie who gets way too excited about every toned outcall, but hopefully, we grow out of it. That ability to slow down and get all the facts before rushing to judgment is critical. The first time I saw the Emotet spam campaign hit us with thousands of unique, custom-tailored phishing emails, some of us were convinced this was an advanced nation-state attack. No, it's not. Slowing down and getting all the facts before hitting the big red button is something you learn from experience and feeds your intuition. Again, this is something that comes from your current experience skillset and takes years to develop. 

 

This also feeds into prioritizing. There will always be more issues than resources to fully investigate them. By slowing down and understanding the threats we can make the best decision possible. 

 

4. Risk Management 

 

You've been doing risk management your entire career. Juggling competing priorities of ethics, liability, legal considerations, case law, and the whim of your lieutenant is a balancing act you've managed to figure out. These are all risks, and the ability to find a path forward and make decisions considering the myriad of factors is an example of managing risks. 

 

The cyber-world has the same demands, although the consequences are counted in dollars per minute. I've heard examples from colleagues in the e-commerce world who rate downtime in terms of $100,000 increments per X seconds. Evaluating competing business priorities is a complex thought experiment. Being able to articulate that in a succinct manner requires all of the previous skills. 

 

5. Doing a good, defensible, investigation 

 

You're used to doing an investigation and answering the questions that are bound to come up. You're used to defending your work in an adversarial environment and making your case, so you're accustomed to asking yourself the questions you're bound to encounter that will call into question the thoroughness of your work. 

 

This includes evidence collection. On numerous occasions I asked colleagues about ongoing issues and asked for logs, to which I was told, "Well, we never saved any." This, of course, is unacceptable, and illuminates the underlying issue: they don't understand how to support their statements. 

 

By approaching technology with a mindset that has been through litigation and the courts, you're fundamentally better prepared to defend your work and back up your statements. The first time you present something to HR complete with a synopsis, narrative, screenshots, and timelines, it will blow their minds. 

 

6. Learning deeply nuanced and technical work 

 

One of the biggest excuses I've heard from family and friends is that "they can't do that nerd stuff" and "it's too technical." 

Did you memorize a series of Title 28 and Title 13 statutes? Their underlying elements? The difference between negligent and intentional? 

 

Did you memorize probable cause? 

 

Have you maintained a running list of statutes the county an attorney is issuing felony waivers for this week? 

 

You can memorize some ports, what they do, and the attacks associated with them. Easy. This is just a continuation of the skills you already have. 

 

That skill is the ability to learn and be dynamic in your thinking. 

 

The only constant in law enforcement is changing, and this is just as true in the cyber world. These are all conditions and dynamics you're already accustomed to. 

 

7. There are fridges and bathrooms 

 

At my first cybersecurity job I was shown where the refrigerators were and the bathrooms on the first day. And then it hit me: I can go hit them whenever I want. I could just get up, get a refill of water and go to the bathroom, as soon as the urge hit. It was amazing. 

 

Coupled with today's remote workforce and this is amplified: now you can work from home. The benefits are as good as they sound, if not better. Trust me on this one. 


Comments

Post a Comment

Popular posts from this blog

3 real-life lessons in transforming learning with technology

Student-centered opportunities and experiences help students get in touch with who they want to be and what they want to accomplish in the world. However, these approaches to learning are high in demand, but also low in supply. What's more, school districts today are challenged with accommodating a wide variety of students with different learning abilities. Fortunately, Windows 10 devices help students, of all skill levels, collaborate, communicate, and express their creativity. Use this gated eBook to demonstrate how Windows 10 devices help enhance students' stake in the learning process. Customers will learn about successful, district-wide implementations where schools took a data-driven approach to drive greater learning outcomes. View: 3 real-life lessons in transforming learning with technology
Post a Comment
Read more

Transform your business from local to global with digital collaboration. Get started with Microsoft Teams.

How do you increase the scale of your business without compromising your teams' work structure and methodologies? Truth be told, there is no single answer to this question, but there is one solution that has been proven to yield outstanding results for today's leading enterprises: digital collaboration. However, the real challenge lies in choosing the correct platform on which to build your modern workplace—one that provides the flexibility, efficiency, and customizability that complements your work methodologies and empowers your employees. Thankfully, one such platform exists, and is currently being utilized by today's industry leaders to complete fascinating, intricate projects around the world. Subscribe now to learn how Microsoft Teams can become the best tool for your workforce to reach its full potential, and how your business can go from local to global with Microsoft cloud. View: Transform your business from local to global with digital collaboration. Get star...
Post a Comment
Read more