cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ericgeater
Community Champion

Grokking it... versus "fake it 'till you make it"

I guess most of my posts apply to the philosophy of IT.  Maybe I'm just climbing up mountains, looking for the gurus who can explain the best ways to mountain-climb.

 

First, some introductory questions: Are you surrounded by teams with ample work history and expertise, or do you work alone and google everything that crosses your desk?  Do you have good partnerships with vendors?  Are you surrounded by professional associations?  Or are you simply godlike in your phenomenal IT powers?

 

Next: Sometimes I feel that I treat my IT discipline like when I look for my car keys.  The moment they're found (or the current problem is solved), the pursuit ends.  There are times when I think more looking should be done, but how do you assign time to that with an already-burgeoning workload?  How do you tackle issues which require more articulation than you're trained to convey?

 

Thanks!

--
"A claim is as good as its veracity."
7 Replies
rslade
Influencer II

> ericgeater (Contributor I) posted a new topic in Tech Talk on 11-11-2019 11:24

>   First, some introductory questions: Are you surrounded by
> teams with ample work history and expertise, or do you work alone and google
> everything that crosses your desk?

OK, first off, I remember an article from some year back, where someone noted
that *everyone* these days thinks they work in high tech. We can't all be in high
tech, of course, so he proposed a distinction mechanism. If your mother
understands what you do, you *don't* work in high tech. Not only has my mother
*never* understood what I do, but most of my bosses haven't either. So, no, I
don't work surrounded by teams: *they* don't understand what I do, either, fairly
often.

As for Google, I mostly used it to check spelling. Generally Google doesn't
provide the depth that I need, either.

>  Do you have good partnerships with vendors? 

Bwahahahahahahahahahahahahahahahahaha!!!!!

Thanks. I needed a good laugh.

Vendors usually get *very* nervous if they know I'm around.

> Are you surrounded by professional associations?

No. I have *tried* to help ISC2. I've tried for many years to help ISC2, but they
seem to ... well, less said the better, about that.

I was president of our local group for far too long during the worst time in its
history, and still help out with a variety of things.

>  Or are you simply godlike in
> your phenomenal IT powers?

Hmmmm.

>   Next: Sometimes I feel that I treat my IT
> discipline like when I look for my car keys.  The moment they're found (or the
> current problem is solved), the pursuit ends.  There are times when I think more
> looking should be done, but how do you assign time to that with an
> already-burgeoning workload?  How do you tackle issues which require more
> articulation than you're trained to convey?

Life-long learning. Constantly. About everything. Security is the field where
pretty much everything you learn, about anything, can be useful ...

======================
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
dcontesti
Community Champion


@ericgeater wrote:

I guess most of my posts apply to the philosophy of IT.  Maybe I'm just climbing up mountains, looking for the gurus who can explain the best ways to mountain-climb.

 

First, some introductory questions: Are you surrounded by teams with ample work history and expertise, or do you work alone and google everything that crosses your desk?  Do you have good partnerships with vendors?  Are you surrounded by professional associations?  Or are you simply godlike in your phenomenal IT powers?

 

Next: Sometimes I feel that I treat my IT discipline like when I look for my car keys.  The moment they're found (or the current problem is solved), the pursuit ends.  There are times when I think more looking should be done, but how do you assign time to that with an already-burgeoning workload?  How do you tackle issues which require more articulation than you're trained to convey?

 

Thanks!


Eric,

 

I would like to think I am godlike with phenomenal IT powers, but we both know that is not realistic.

 

I personally like to surround myself with people who are smarter than me (the folks that can make firewalls, IPS's, etc stand on their ears and do magical things), but I have others that google everything (and happily say "google is my friend".

 

Having good relationships with vendors is also a healthy thing but then this too can come back and bite one as vendors sometimes think you are locked in to them and you won't look at other products, so I recommend a healthy relationship but at arms length.

 

As to professional organizations, I recommend that folks become members of various organizations (not just Security related, but also organizations that may support their industry).  This allows you to build an external network that you can leverage and look for answers to issues/problems you may encounter (for Security, i recommend ISSA, (ISC)2, CIPS (I am canadian)).  I personally also follow AISI and AIS Tech.

 

As to items that need more eyeballing, I tend to go with my gut feeling on these and in the pass have set aside time for staff to follow up on things (it is a learning experience for them and sometimes, you uncover nuggets of wisdom).

 

To answer your last question, fill your circle (internal or external) with people with similar but different experience and knowledge.  You can always learn from these people and they from you.

 

Regards

 

d

 

Steve-Wilme
Advocate II

I'd suggest it's more about having a community of practice that extends beyond the organisation you're working in.  This could include user groups, vendor personnel, consultants at other organisations, people you've met at conferences, member of professional bodies or their special interest groups and so forth.  So if you build that network of connections, essentially you don't have to fake it, you just use your contacts to get the answer or at least something that leads to an answer.  

 

But of course given OEM manuals are on line these days using a search engine to find information is valid.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
CISOScott
Community Champion


@ericgeater wrote:

I guess most of my posts apply to the philosophy of IT.  Maybe I'm just climbing up mountains, looking for the gurus who can explain the best ways to mountain-climb.

   

 

Next: Sometimes I feel that I treat my IT discipline like when I look for my car keys.  The moment they're found (or the current problem is solved), the pursuit ends.  There are times when I think more looking should be done, but how do you assign time to that with an already-burgeoning workload?  How do you tackle issues which require more articulation than you're trained to convey?

 

Thanks!


The mountain climbing guru, sitting high atop his mountain perch, was asked by the intrepid young learner "Guru, How do I get better at mountain climbing?". The guru replied "Come back and see me tomorrow." Each day the intrepid young learner climbed the mountain, asked the same question and received the same response. After the 365th day in a row the young learner, exasperated by now, finally said: "Some guru you are! You just keep telling me to come back tomorrow, but then you never give me the secrets to becoming a better mountain climber. Today is the last day I will ask you the question!" To which the guru replied "Come back and see me tomorrow." This infuriated the young man and he replied " Come back and see you tomorrow? I've been coming to see you for a year and the only thing that has happened is I've gotten faster at getting up here to you and then you tell me the same thing!  I've even found 2 new ways up the mountain that you probably don't even know about. I've asked YOU, the GURU, how to get better at mountain climbing and you provided me nothing! I can even get down the mountain faster now that I have been doing it for over a year. Thanks for nothing!"  The old guru smiled and said "Since you have mastered this mountain then you should be good to go to climb whatever mountain you wish to climb. If you still feel you are not ready, then come see me tomorrow."

 

1) First, some introductory questions: Are you surrounded by teams with ample work history and expertise, or do you work alone and google everything that crosses your desk?  No. I had to beg, borrow, and steal to build my team up from zero employees to the current level of 3. I have Googled but I have also self taught a lot of the stuff I know. Then I taught it to others.

 

2) Do you have good partnerships with vendors? I cultivate good relationships with vendors. Since I have worked mainly in governmental settings I am limited by the yearly budget dance. If the vendors understand that, then we have good relationships, if they don't then we don't have a relationship.

 

3) Are you surrounded by professional associations? Not surrounded by them. I have kids so a lot of my social time outside of work is taken up so I do not have a lot of time to devote to them so I help out when and where I can. This board being one avenue.

 

4) Or are you simply godlike in your phenomenal IT powers? Well some have definitely accused me of this. I am constantly learning. Taking a Master's degree program has given me some key insights in how to become a better leader, instead of just a manager. I do know a lot because I LOVE I.T. (information technology). As a kid I immersed myself in to it and was "godlike" in my school. I had teachers asking me how to do things they were teaching. I was deterred in my journey for awhile and then got back into it and don't feel like I have worked a day since I returned to the profession. While I am very good, I still don't know it all and have to Google from time to time, but I know how to piece what I know with new research to find a solution to a problems.

 

5)  but how do you assign time to that with an already-burgeoning workload? If you do not carve out time, it does not get done. See if you can delegate some duties out, automate some duties, reprioritize them, or get some staff to help temporarily ease the burden. Can you get an intern to come get experience? Do you have anyone that shows interest in learning security? Can you find any underutilized staff?

 

6) How do you tackle issues which require more articulation than you're trained to convey? Admit that you need to bring in the right person OR go find the right person and learn as much as you can and do the best you can at it. Also it is a good sign if you know when you need to stop and bring in the experts. If you have never done forensics and you have an incident that requires it be done right, now is not the time to be Abby on NCIS:Miami (or one of those TV shows) and go poking around and ruining the evidence. The key thing would be to stress that in order to be able to perform the task correctly you need someone specially trained in X (whether that be forensics, incident triage, malware eradication, ransomeware, etc.) in order to be able to perform the duty without spoiling the desired results.

ericgeater
Community Champion

I think this is what I'm missing.  A community.  The town I'm in doesn't have a group of IS/IT professionals which gather at the water cooler.  And I only have a senior analyst who doesn't like to mire himself in hardware or policy to bounce ideas off of.

 

Maybe I need to form a local ISC2 or ISSA chapter.

--
"A claim is as good as its veracity."
mgorman
Contributor II

Thanx for asking the questions.  I think in today's day and age, a lot of Googling goes on.  That said, there is always time for deeper learning, you just have to be selective about what you want or need to learn, and when. An important part about the Googling is to understand why you are doing it.  If you are doing it on a completely new topic, that is probably an issue.  If you are looking to find the real definition of today's buzzword from Sales, and can quickly place into the existing structure of your knowledge and experience, it isn't.

 

I moved into this field a few years ago full time.  I worked in related fields, planning, architecture, etc. but nothing with the full breadth of security, privacy, and compliance for a tech startup.  I set aside time to learn whatever the topic I am interested in.  There is a huge amount of computer based training available for free or cheap, and those courses can give you a good look around the subject, to help you determine if you want or need to go deeper.  I am surrounded by excellent people, though not in the security domain.  I work to help them be more secure, and they help me to understand new and better ways of doing it.  I often put things on a shelf after I find the keys, but I place a marker somewhere.  If in 3 weeks, or 3 months, it seems important for me to know more, I take that learning seriously.  So many things pass by so quickly, I don't have time to deep learn them all.

rslade
Influencer II

> ericgeater (Contributor I) posted a new reply in Tech Talk on 11-13-2019 09:28

> I think this is what I'm missing.  A community.

It takes a village to raise a security maven ...

>   Maybe I need to form a local ISC2 or ISSA chapter.

Go for it ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
If the number 666 is evil, is 25.8069758 the root of all evil?
- https://twitter.com/#!/dragosr/status/168270085159534592
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468