Working from home? Use the spare time for professional development

April 28, 2020 | Robert Fitzgerald

This blog was written by an independent guest blogger.

It’s 2020 and our world is rapidly evolving.  Many conferences and training programs have been cancelled, most of us are working from home, and it may seem like learning opportunities are scarce.  If you are locked in your house due to COVID-19, what could you be doing to improve your cybersecurity & information security skills?  Let me share a few ideas.

Let’s start with the most straightforward suggestion I give every person who wants to jump into infosec.  In my opinion, it is the fundamental skillset that will lift you above any and all of your peers and most seasoned professionals. It is considered by many in the industry to be beneath them and boring work that it is often overlooked, but is so essential to almost all organizations that people who have this skillset within an organization become critical to infosec operations and can easily flip between blue team and red team operations.  So what is my first recommendation? Learn Microsoft Active Directory.

Microsoft Active Directory (AD) is the heart and brains of most organizations today.  AD controls who and what is part of the corporate network, access and permissions rights, visibility, logging and reporting, and more.  When malicious actors want to “stop by for a visit”, their initial goal is to gain access to AD so that they can accomplish their larger objectives.  Think about this for a second, you wifi Access Point is nice, your endpoint is nice… but Admin privileges on the Domain Controller?!?  With those, they can go anywhere and take anything on the network.

Here’s a bigger secret: Most AD environments are a mess.  Total disaster that is being held together by hopes and prayers… and it is only getting worse.  Organizations buy products  to enhance their security because they don’t know how to use Active Directory! 

If you learn how to build trust relationships, user permissions and shares, roles, a GPO set that actually works the way it is supposed to, PKI management, proper logging and reporting and apply that knowledge to your environment, you will have  a very clear understanding of how malicious actors will attack you and how to identify and stop them.

My second recommendation, if you are able to, is to learn how to use the security tools your organization owns. In my experience, many organizations purchase tools for a specific purpose rarely implementing all of the tools features.  People that have a deep understanding of each of the tools become invaluable when something goes wrong. 

My secret? Start with the tools that the team takes for granted, the tools others don’t find interesting.  Some examples I’ve seen throughout my career include Antivirus, endpoint encryption, multi-factor authentication, but sometimes it can be firewalls, EDR or other tools.  Often it is the tools that team members have the least experience with or know the least about.  Regardless, all of these provide an opportunity to learn more, enhance your skills, and become more valuable to the security organization.

My third recommendation is to build your professional network.  Now is a perfect time to join LinkedIn and Twitter.  Now is a perfect time to join virtual meetups, free training sessions, and chat groups.  It doesn’t matter how much you know, if this is day 1 or day 10,000 in cybersec, engaging (professionally and politely) with others is a great way to widen your perspective, learn new things, and develop professional skills.  Added Bonus: developing and maintaining professional relationships now will help your career trajectory over time significantly.

My fourth and final recommendation is to focus on learning more about your industry and business in general.  If possible, subscribe to and read The Wall street Journal, The Economist, and other business-centric news outlets and journals.  Read the industry magazines that you used to see sitting in your lobby.  Set up Google Alerts for news notifications of your competitors.  The more you know about happenings in your industry and the world economy, the more prepared for protecting your environment you will be.

TLDR:

Now is a perfect time to improve your security skills.  The four skills I would focus on are:

  • Microsoft Active Directory knowledge
  • Existing tools in your environment capabilities
  • Professional networking
  • Business acumen

Here's a list of resources I use:

Robert Fitzgerald

About the Author: Robert Fitzgerald

Robert Fitzgerald is the founder of Arcas Risk Management ([url=http://www.arcasrisk.com]http://www.arcasrisk.com[/url]), a business advisory firm that specializes in aligning business objectives with technology initiatives, providing clients with technology leadership and guidance; Security, Risk, & Compliance assessments, support, and remediation; and Application Security management. Prior to launching Arcas Risk Management, Robert built and led the Security Risk & Compliance Practice for GreenPages Technology Solutions, a national IT Service Provider, MSP, and Consulting firm. Additionally, Rob worked at the start-up Secure Code Warrior, a secure coding training platform, as the Head of Customer Success; helped lead FireEye’s Mandiant Consulting building the Strategic Advisory Practice in the Northeast; worked in the Cybersecurity Advisory Practice at PwC’s Financial Services vertical; was the CISO for Hittite Semiconductor Corporation. Early in his career, Rob founded The Lorenzi Group, a nationally recognized consulting firm that specialized in incident response, digital forensics, user-based analytics, and expert witness testimony, and launched one of the first commercially available Security SaaS platforms before selling the company. Rob and his wife, Sarah, live in Massachusetts where they have 3 children and a dog.

Read more posts from Robert Fitzgerald ›

‹ BACK TO ALL BLOGS