CMH Security Summit 2014 - InfoSec Warrior

Post on 16-Apr-2017


INFORMATION SECURITY WARRIOR

Mike Spaulding

@fatherofmaddog

Opinions and Legal Stuff

• The opinions that I express in this presentation are my own and do not represent my employer(s) opinions.

• Also, any advice given during this presentation is given without any legal regard. If you have questions that you are doing something illegal or doing something that you think can get you sued, please consult an attorney - do not call me!

InfoSec Warrior

This talk really started out as a spoof. I was talking about team challenges and using the Hasbro GI Joes to make talking points.

Everything referred to ‘Yo Joe’ and name-dropped Duke, Scarlet, and SnakeEyes.

Everyone on our team loved it, I hope that you do too!

Special Operations Forces

What we imagine …

What is reality …

Special Operations Forces

• Physically Special Operations forces are well conditioned. There are no lazy SF team members.

• Mentally the belief within this community is that you either have it or you don’t.

• There is no ‘luck’ to selection.

• What happens when we apply this to the InfoSec Community?

Recruiting

• As Information Security Professionals we are highly sought after.

• You must always be of the mindset that you are always recruiting.

Recruiting

• The ideal candidate does not need to be university trained, but … they need to bring depth to the team.

• What talent do they have that I don’t already have on my team?

• “You must always be of the mindset that you are always recruiting.”

Recruiting

• Recruiting takes real effort! You must anticipate your needs. A good architect should help with this.

• Recruiting requires understanding people: motives, wants, desires, and identifying character flaws.

Team Building

• Getting the right team: we all want to be on a ‘Dream Team’, but people get in the way.

• Strong Leadership is required at all levels of the security team. Leadership at the smallest items really matter.

Team Building

• Define the Roles

• Eliminate Overlap

• Require Transparency

• Improve Processes

• Fill the Gap

• Remove Obstacles

• Think outside of the Box

• Accept the Adaptability Requirement

Training

• IT IS THIS SIMPLE: You fight like you train!

• Those who ‘wing-it’ will repeat the same task several times; hopefully they will get it right eventually.

Training

• Take Training Seriously

• If your organization does not want to fund/train security staff, expect poor results and continued poor behavior.

Crisis Management

• You Fight Like You Train!

• When things go to hell in a hand basket, how will your team respond?

• Do you actually expect your team to pass with flying colors? Are you being realistic with your expectations?

Crisis Management

• Mr Murphy will always appear when he is least expected.

• Your success at Crisis Management is dependent on your recruiting, team building, and training.

• Were you prepared?

Sheepdogging (Mentoring)

• People are classified as two groups, even within a pack:

• Sheepdogs; those who watch over those who may run into trouble

• Sheep; everyone else

• Let’s face it, if you work in InfoSec you run a high risk of getting fired.

Sheepdogging (Mentoring)

• As a professional, you have a responsibility to mentor.

• Ideally, your ‘mentee’ should be better than you in every respect. If you hoard knowledge, if your ‘mentee’ cannot surpass your technical skills, if your ‘mentee’ cannot outperform you … then you have failed.

Winning

• Winning is a state of mind!

• Winners will always find a way to achieve success, regardless of the situation.

• Honorable winners can do this with class.

Winning

• Not all wins are pretty, wins can be ugly

• Winning may very well be just surviving.

• i.e. Changing business landscapes may make your business attractive for merger & acquisition.

Future Talk?

• If you liked this talk, let me know.

• I am considering talking about operationalizing F3AD for InfoSec needs. Possibly adding in “Cyber-Kill Chain” to the presentation. Purple Teaming would also be addressed.

Contact & Shameless Plug

• @fatherofmaddog

• @bsidescolumbus

Columbus BSides Conference

Monday, January 19th, 2015

~150 people showed up this year

expecting ~180 in 2015