Welcome to my website.
This project is something that developed out of my need to organise my resources and have a structure when it comes to providing services as a Cyber Security Analyst.There are frameworks and assessment tools, policies, strategies and a whole list of other things that you need to be aware and know how these work together and the purpose they serve.In the various roles I've worked, I have used playbooks, runbooks, how-to guides and written quite a few of each. It takes times and patience to write something that can be picked up by a new member of the team and run with it.
Cyber Security Incidents
The majority of the incidents I've investigated and participated could be categorised under 3 areas:
- Malicious intent
- Bypass security controls to achieve work task
The realisation most of the times while going through lessons learned exercises, was that this could have been prevented with Security awareness training.
The surprising truth is that regardless of all the frameworks, tools and processes, it always comes down to how well people are trained when it comes to Cyber Security and how engaged are in protecting the company by practising basic security hygiene.