CyberWire Daily - Superhero origin stories and lessons that last. [Career Notes]
Episode Date: June 21, 2020Dean of Research, Johannes Ullrich, relays his experiences from studying the hard sciences to his career shift to cybersecurity. Basic principles, superhero origin stories, physics labs and radiation ...all figure in. And there’s a lot in common with network security best practices. Have a listen to what Johannes has learned and what he hopes to impart on his students. Our thanks to Johannes for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Hi, my name is Johannes Ulrich, and I'm the Dean of Research at the SANS Technology Institute.
My first sort of exposure to ideas of security and networking, that was really in the old bulletin board times. And back then I was actually still living in Germany, going to college.
There was a video tech system I was playing around with.
My main job or college major at the time was still physics.
main job or college major at the time was still physics and I really sort of didn't decide to sort of make this my main profession until well after I graduated from graduate school.
After I finished college, I first started to work for a while as a physicist. Now, again, still sort of being
involved with computers on the sidelines. And I was jokingly sort of described my transition
to cybersecurity as sort of the typical superhero origin story. And like all origin stories,
there has to be a physics lab and radiation involved with that.
The reason I liked physics in the first place is that I have an awful memory.
And I was always bad in chemistry, remembering all these formulas and such.
In physics, what I liked is you have these very basic principles.
You don't have to remember a lot.
It's really more about how do you derive the actual observation
from these first principles.
And I think good network security goes a long way along the same route.
I think the wrong, the opposite approach is to essentially learn tools.
Tools change. Every year someone comes out with another
new and shiny tools or learn about specific attacks.
Over the years in information security, I've seen the same attacks
being discovered over and over again, but it's really still the same thing.
And it's a lot easier to do information security
if you stick with these first principles.
I think one great thing about information security is that you get involved in all kinds of different industries.
in all kinds of different industries.
And when you start to learn what these systems need,
what these industries need,
what their specific vulnerabilities are,
and really helping people understand how to secure their business from illegitimate access.
If you're thinking about switching careers, I would suggest really get
started with the basics. Have a good understanding of computers, software, and networks, how they
work. Don't specialize too early. Yes, there's a lot of fancy pen testing that you can do,
and people seem to really like that. But understand that doing the same pen test over and over and finding the same vulnerabilities
over and over may not really be all that interesting in the long run.
So really stay flexible and try not to specialize too early.
My main job these days is teaching, teaching people how to secure their systems and at the same time also learning what they need to know to secure their systems.
My favorite part of my job right now is really sort of finding
out how what I'm teaching people helps them in their day job and how they are able to apply it.
So, for example, last year I was teaching a class and in our network security class, we are going
back to the nitty-gritty bits and bytes, like as the first principles, really,
how do networks work? And one student in class really didn't understand that and pushed back a
lot. No, why do I have to learn all this math? Why do I have to learn hex? And a couple months later,
he sort of sent me the email back and saying, hey, I'm sorry, I just dealt with an incident,
and every single thing you were teaching me in the class, I actually got to apply.
So really seeing how what you're teaching impacts students.
That's always very rewarding.
Well, I hope people will remember the things I taught them and they will find it helpful.
And I think that's particularly difficult in this industry that changes so fast.
So I really hope that things I'm teaching people today will last.
These lessons will last and will not just help them to get their job done like this week and tomorrow,
but really that years from now they say, hey, you know that class I took way back then?
Yes, he exactly told me about this problem and see, it still applies. Thank you. a cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach
can keep your company safe and compliant.