27th November 2024

How Did I Get Here?

No idea. Today I took notes on, and made recommendations from, a cyber incident exercise my boss and I were facilitating for a fairly large financial services company. What do they actually do? No idea. I’m not a finance guy. They faciliate or manage or approve or something, financial payments for people, maybe other businesses? Dunno.

image.png

Would it have been good if I actually knew what they did? Probably. But at the end of the day all I actually needed to do was follow what they did throughout this fictional cyber incident (that I came up with), makes notes of who did what and when, and help identify areas for improvement in their incident management process.

Basically, did they have methods of identifying and recognising dodgy activity, what kinda response and containment actions did they do, what methods did they use to try and recover, and whats the craic with identifying lessons learnt and doing a ‘post-mortem’ (don’t really like that terminology, makes it sound like everything dies no matter what the security incident was).

Anyway my question to myself was:

“How did I get here?”

army joke.jpg

I spent 5-and-a-bit years in the Army - Royal Corps of Signals. Sounds fancy. Bits of it were. Most of it was boring.

We were promised international travel, Gucci equipment, amazing civvie qualifications. . . .

We got to sweep garages. We got to sit in a freezing field in Otterburn at 3am waiting for a fake enemy that doesn’t show up because the people bods ‘playing’ the enemy fell asleep instead of starting the attack (they got beasted by the Officer in Command) . . . you get the idea.

HOWEVER. I did learn quite a bit about sysadmin stuff, a bit of VM deployment, a bit of networking, a bit of project management and leadership, and a fair bit of standing up for myself. (I’m an introvert by nature, so this was tough).

Most importantly, I learned tekkie vocaulary.

This is how I got a job as an ISO27001 certification auditor. . . . by reading a really boring ISO standard over and over and over and bullshitting my way through an interview.