You Can't Lift-And-Shift Humans To The Cloud | A Training And Staffing Conversation With Niles Pyelshak, Ryen Macababbad, And Kacy Zurkus | RSAC 365
11/16/20 • 33 min
Get ready for another journey! This time we're going into The Cloud; pack some open mind and perspective, as the environment is busy, constantly changing, and diverse skills, backgrounds, and culture are needed.
Presumably, many folks—when they think of "the cloud"—immediately think about technology; something along the lines of "my computer is somebody else's computer." We often forget that humans are building the cloud, running in the cloud, using and supporting it. Each cloud is a bit—or a lot—different. It is—or should be—built to operate in support of its specific business, bringing with it everything it needs to allow it to run and be successful. It must be usable by the teams that run it and secure it. But that’s not always the case.
With a widening gap for skilled cybersecurity talent—that now must also operate in the cloud environment—what we're really missing in the industry is the means to look at non-traditional talent. We must get creative in picking the pools where to find this talent and get creative with looking for sources of people that can fill the roles we have open.
We must remove the blinders that the InfoSec industry has been wearing for far too long. By doing so, we will open up to opportunities for the many talented, passionate, technology-loving, and continuously-learning, to join the industry. These are the kind of people we want in our organizations because they're always going to go after learning something new—and that's what we need most in this fast-paced cloud environment.
When you listen to this episode, you'll quickly realize that you may be able to lift-and-shift some of you on-premises technologies to the cloud—but that this model doesn't suit the humans making it all work.
A few things need to change as fast as the cloud. The way in which we educate, train, and prepare the existing and future workforce is possibly one of the most important to address.
Listen up as we present to you the upcoming RSA Conference 365 Virtual Series.
The first one of many.
Guest(s)
Niles Pyelshak, Service Delivery Manager, Cisco
Ryen Macababbad, Senior Security Architect Manager, Microsoft (@Ryen_Mac on Twitter)
Kacy Zurkus, Content Strategist at RSA Conference (@KSZ714 on Twitter)
Resources
Learn more and register for the RSAC 365 November Seminar: https://itspm.ag/35rZGSe
Microsoft Software and Systems Academy: https://military.microsoft.com/programs/microsoft-software-systems-academy/
DoD Skillsbridge: https://dodskillbridge.usalearning.gov/
Empow(H)er Cybersecurity: https://www.empowhercybersecurity.org/
This Episode’s Sponsors:
ReversingLabs: itspm.ag/itsprvslweb
To see and hear more event coverage content on ITSPmagazine, visit:
https://www.itspmagazine.com/itspmagazine-event-coverage
Are you interested in sponsoring our event coverage or another ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships
Get ready for another journey! This time we're going into The Cloud; pack some open mind and perspective, as the environment is busy, constantly changing, and diverse skills, backgrounds, and culture are needed.
Presumably, many folks—when they think of "the cloud"—immediately think about technology; something along the lines of "my computer is somebody else's computer." We often forget that humans are building the cloud, running in the cloud, using and supporting it. Each cloud is a bit—or a lot—different. It is—or should be—built to operate in support of its specific business, bringing with it everything it needs to allow it to run and be successful. It must be usable by the teams that run it and secure it. But that’s not always the case.
With a widening gap for skilled cybersecurity talent—that now must also operate in the cloud environment—what we're really missing in the industry is the means to look at non-traditional talent. We must get creative in picking the pools where to find this talent and get creative with looking for sources of people that can fill the roles we have open.
We must remove the blinders that the InfoSec industry has been wearing for far too long. By doing so, we will open up to opportunities for the many talented, passionate, technology-loving, and continuously-learning, to join the industry. These are the kind of people we want in our organizations because they're always going to go after learning something new—and that's what we need most in this fast-paced cloud environment.
When you listen to this episode, you'll quickly realize that you may be able to lift-and-shift some of you on-premises technologies to the cloud—but that this model doesn't suit the humans making it all work.
A few things need to change as fast as the cloud. The way in which we educate, train, and prepare the existing and future workforce is possibly one of the most important to address.
Listen up as we present to you the upcoming RSA Conference 365 Virtual Series.
The first one of many.
Guest(s)
Niles Pyelshak, Service Delivery Manager, Cisco
Ryen Macababbad, Senior Security Architect Manager, Microsoft (@Ryen_Mac on Twitter)
Kacy Zurkus, Content Strategist at RSA Conference (@KSZ714 on Twitter)
Resources
Learn more and register for the RSAC 365 November Seminar: https://itspm.ag/35rZGSe
Microsoft Software and Systems Academy: https://military.microsoft.com/programs/microsoft-software-systems-academy/
DoD Skillsbridge: https://dodskillbridge.usalearning.gov/
Empow(H)er Cybersecurity: https://www.empowhercybersecurity.org/
This Episode’s Sponsors:
ReversingLabs: itspm.ag/itsprvslweb
To see and hear more event coverage content on ITSPmagazine, visit:
https://www.itspmagazine.com/itspmagazine-event-coverage
Are you interested in sponsoring our event coverage or another ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships
Previous Episode
Day In The Life Of A Cyber Threat Intelligence Analyst | A Conversation With Remi Cohen, Charity Wright, And Jason Passwaters
If you wish to learn about The Cyber Threat Intelligence (CTI) Analyst role, you should join us on this podcast. CTI is a fascinating profession that requires knowledge of technology, psychology, and methodology—and a lot of curiosity.
Learn more about this role, how to become one—if you wish—and what's involved to succeed.
A big part of the role of cyber threat intelligence analyst is to know the adversary well enough to look ahead and try to predict what actions they might take; this includes knowing the threat actors' history and their habits and tendencies are. Depending on the type of organization you are working with and the sector in which they operate, you're going to have different threat profiles to deal with.
To make the challenges even more interesting, as with most things connected to technology, very little stays the same for long; our society is not static, and our cyber society, even less.
Of course, with that, threats, their actors, and the technology they use for nefarious intents mutate and evolve rapidly. The only way to have a winning chance is to do just the same. Think like the adversary and try to be, always, a few steps ahead.
While the methodology hasn't really changed much—we are dealing with humans after all—early on, the CTI had very few professional tools available for threat analysis. That has changed significantly. Now we have some fantastic technology—including machine learning and artificial intelligence—all of which help analysts do a much better job.
The problem is that the kind of threats nowadays are not only evolving but also presenting themselves in entirely new shapes, and CTI analysts are now forced to deal with things they've never covered before; for example, disinformation campaigns and influence operations.
The Cyber Threat Intelligence Analyst is a fascinating and exciting profession that requires knowledge of technology, psychology, and methodology—and a lot of curiosity and problem-solving attitude to go with it.
Take a listen to this episode to take a deeper dive with us to learn more about this role, how to become one—if you wish—and what's involved to succeed.
Guest(s)
Remi Cohen, Senior Threat Intelligence Engineer, F5 (@S0meGirlR3m on Twitter)
Charity Wright, Expert Cyber Threat Intelligence Analyst, Insikt Group, Recorded Future (@CharityW4CTI on Twitter)
Jason Passwaters, Co-founder / COO, Intel 471 (@jase_passwaters on Twitter)
This Episode’s Sponsors:
Bugcrowd: https://itspm.ag/itspbgcweb
Devo: https://itspm.ag/itspdvweb
To see and hear more The Academy content on ITSPmagazine, visit:
https://www.itspmagazine.com/the-academy
Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships
Next Episode
No Hollywood Ending Here | A Doomsday Cybersecurity Conversation With Marcus J. Ranum
We've had enough conversations about the relationship between technology, cybersecurity, and technology to know that people have different expectations, hopes, and visions. Some utopian, some dystopian, and some are Marcus J. Ranum.
We met Marcus J. Ranum a few years ago during an ISSA Los Angeles Summit, where we had an inspiring and thought-provoking conversation about the idea of needing the equivalent of a Geneva Convention for cybersecurity. Given the many twists and turns the conversation had, it was at that point that we knew Marcus had a different perspective on cyber life, as many other professionals do.
Jump ahead a few years to our partnership with ISSA International to bring to life the Official ISSA International Podcast to ITSPmagazine, and we find ourselves with the opportunity to have an extended Luminaries Series chat with Marcus—this time looking at things through the lens of our Redefining Security channel. We take a look at the past, where Marcus was instrumental in bringing to life the first information security firewalls, and from there, we leaped into the present and the future. Buckle up, because it is not a pleasant stroll in the park, and it got pretty dark, very quickly.
In 1976, when Marcus "got into computing," the deployment of systems involved running a wire to a terminal, plugging it in, and enabling the operating system. And, when we say "enabling the operating system" we mean actually building a kernel for your system that you were going to run it on, configuring the hardware, and configuring the device drivers that you needed in the operating system for the hardware that you were going to run everything on.
"We didn't have all these gigantic driver frameworks as we do nowadays. Everything was kind of low and slow, and lean and mean… it had to be because there wasn't infinite amounts of memory nor infinite amounts of processing power. And that had a direct effect on the way security evolved." —Marcus J. Ranum
Fast forward 40+ years—where have we landed—where are we headed?
As you will hear, Marcus has a very dark view of the future of security; a future that involves software engineers, hardware engineers, increased complexity, ongoing abstraction, and an overall lack of comprehension of how things work. This story may be ripe for the picking for a Hollywood flick to hit your favorite streaming service. However, it may not be the traditional Hollywood ending that you might expect.
Come on, join us for this journey. It's one you won't want to miss being part of.
Is there hope for the future of technology and humanity?
Maybe. Maybe not.
Guest(s)
Marcus J. Ranum
Resources
Book: The Myth of Homeland Security by Marcus Ranum: https://www.amazon.com/Myth-Homeland-Security-Marcus-Ranum/dp/0471458791
Book: Huawei and Snowden Questions: https://openlibra.com/en/book/the-huawei-and-snowden-questions
This Episode’s Sponsors:
Nintex: https://itspm.ag/itspntweb
Imperva: https://itspm.ag/imperva277117988
To see and hear more Redefining Security content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-security
Are you interested in sponsoring an ITSPmagazine Channel?
https://www.itspmagazine.com/podcast-series-sponsorships
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/itspmagazine-podcasts-3754/you-cant-lift-and-shift-humans-to-the-cloud-a-training-and-staffing-co-9891138"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to you can't lift-and-shift humans to the cloud | a training and staffing conversation with niles pyelshak, ryen macababbad, and kacy zurkus | rsac 365 on goodpods" style="width: 225px" /> </a>
Copy