how to be employed at the soc of tomorrow... today
TRANSCRIPT
Ryan Kovar – Staff Security Strategist
Splunk
How to be employed at the SOC of tomorrow… today.
How to be employed in the SOC of tomorrow… Today
• 17 years of cyber security experience
• Worked in US/UK Public Sector and DOD most recently in nation state hunting roles
• Enjoys clicking too fast, long walks in the woods, and data visualization
• Current role on Security Practice team focuses on incident/breach response, threat intelligence, and research
• Currently interested in automating methods to triage data collection for IR analyst review.
• Also investigating why printers are so insubordinate ಠ_ಠ
2
Staff Security Strategist
Minster of the OODAloopers
@meansec
Ryan Kovar: CISSP, MSc(Dist)
How to be employed in the SOC of tomorrow… Today
- Where we come from
- Where are we today
- Changes
- Tomorrow
- Conclusion
Agenda
How to be employed in the SOC of tomorrow… Today
How did we I get here…
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
- 5000+ users
- 20+ servers
- 5732 feet of cat 5
- Way too many printer repairs
System Administrator
How to be employed in the SOC of tomorrow… Today
- Contractor with NCIS/SOCA
- Unix SysAdmin
- Database security
- Baby’s first development
Systems Engineer
How to be employed in the SOC of tomorrow… Today
- Created a SOC/NOC
- Moved into fulltime Security
- Dealt with incident handling and compliance
- So many audits… so many.
- SOX SOX SOX SOX SOX SOX PCI
Security Engineer
How to be employed in the SOC of tomorrow… Today
- 100% nationstate hunting focus
- 2/3 R&D 1/3 analysis
- Much fun.
“Senior Principal” Security Engineer
How to be employed in the SOC of tomorrow… Today
- Research
- Development
- Hunting with customers
- Building things
Staff Security Strategist
How to be employed in the SOC of tomorrow… Today
Where can we go today?
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
But times they are a changing
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
I’m not hear to spread FUD, but…
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
- High Cost of Labor- Small Pool of Workers- Great Need
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
Hypothesis: Cyber Security roles will
greatly shrink in the next 10 years
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How can you prepare for tomorrow… today
How to be employed in the SOC of tomorrow… Today
Learn basic development skills
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
Learn Statistics
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
Learn to communicate
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
Learn to be curious
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
How to be employed in the SOC of tomorrow… Today
Conclusions
How to be employed in the SOC of tomorrow… Today
- Our field is not a special snowflake
- The need for cybersecurity analysts and engineers greatly outstrips available pool of qualified personnel
- Businesses will figure out a way to fill the skill gap… with robots.
Historically good times turn to bad times
How to be employed in the SOC of tomorrow… Today
- You can’t expect to work in this world and not learn how to deal with overwhelming amounts of data
- There is a plethora of free or cheap learning tools
- Volunteering is good for the community and your CV
Professional Development is gooooood
How to be employed in the SOC of tomorrow… Today
Speak better. Write more gooder.