SlideShare una empresa de Scribd logo

Spy vs Spy: Protecting Secrets

Descargar como PPTX, PDF
Michael Scheidell
Michael Scheidell

Presented to NAF Students, May 14th, 2014. Outline career path in Information Security

EmpleoTecnologíaEmpresariales
1 de 20
Spy vs Spy: Protecting Secrets A Career in Information Security is a Career in Protecting Secrets Michael Scheidell, CCISO, Security Privateers http://slidesha.re/T00Kq7
Information Techology: Road to the Future Hardware Management . Software • Computer Research • Info Systems Managers • Hardware Engineers • Computer Programmers • Support Specialists • Systems Analysts • Data Base Administrator • Web Developers • Network Architechs World Wide Jobs Example text
Chief Information Security Officer • MIS Degree • Internship • ISACA CSX Cert • Security Engineer • CISSP, CRISK • Sr. Security Architech • MBA Degree • VP/Dir of IT Security • CCISO Cert Like Working with People? Look into Management
 Started doing database programming  Moved into Real time/Control Systems  1994, helped Government adjust to ‘the net’  Invented and Patented Security Appliance  Traveled to Costa Rica, Panama, Jamaica, Canada  Got to play with Trains (Risk Assessment, DHS contract)  Invited to speak at security conferences, including Cairo  Trained FBI agents, worked with Secret Service  On TV and quoted by Sun Sentinel  Get paid to break into banks! Michael Scheidell Chief Information Security Officer
Programming • Web Applications • E-Commerce Systems • Mobile Applications Hardware Engineer • Computer Science • Firewalls • IDS/IPS/Patents Security Architect • Design company’s network • Security is top priority • Privacy matters Your own footer Your Logo Bits and Bytes Your thing?
Top 10 jobs in Information Security 1. Information Security Crime / Forensics Expert 2. Web Application/ Penetration Testing 3. Forensic Analyst 4. Incident Responder 5. Security Architect 6. Malware Analyst 7. Network Security Engineer 8. Security Analyst 9. Computer Crime Investigator 10. Chief Information Security Officer/CISO/ISO/VP
Information Security Crime Investigator  Investigation of computer crimes  Driven by Curiosity  Expert witness testimony in court  Consulting firms, PwC, IBM  Private Eye, Law Enforcement: FBI, Secret Service  Knowledge of Pen Testing, Computer Forensics, Reverse Engineering  BS:CS, MS:LE, 3+ years, CEH, CPT  22% Growth, $50K to 100K (gvmt or private)
Web Application / Penetration Testing  Computer Games: Red Team, Black Team  Get paid to break into Banks  Part of an IT Audit or Assessment Team  Opportunity for Travel  Consulting firms, PwC, IBM  Direct Hire for Business or Government  Stepping stone to IT Auditor  BS/4+ years experience, CEH, CISSP  Growth 15%, $55-88K a year
Forensic Analyst  Information Systems Analyst  Network Security Engineer  Computer Forensics Consultant/Engineer  Programming, Reverse Engineering  Experience in Malware, APT, Windows, Linux  Works with Law Enforcement  MS/6+ years experience, CEH, CISSP  $50K to 100K, Mgmt $200K
Incident Responder  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+  $65k to 83K
Security Architect  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+, Certs: CEH, CompTia Network, CPT, CISSP  $55K to 90K
Malware Analyst  Examine, identify, and understand viruses, worms, Trojans, bots, rootkits  Knowledge of reverse engineering and software development  Programming, C, Perl, PHP, assembler.  Experience in Malware, APT, Windows, Linux  Government, Business, AV companies  BS/3+, Certs: CEH, CPT, CISSP  $50 to 100K
Network Security Engineer  Work with Security Architect  Build, monitor and maintain secure network  Knowledge of TCP/IP  Understand IDS/Firewalls/DMZ/VPN’s  Understand test and analysis tools (sniffers, snort)  Some Programming or scripting (C, Perl, Java)  BS/3+, Certs: CISSP, CCNA/CCIE  $DOE: $70K to 130K (Sr, 5+years, MS Degree)
Security Analyst  Planning and implementing security measures  Stay up to date with latest intelligence  Anticipate Security Breaches  Prevent loss and service interruptions  Perform Risk Assessments  Install Firewalls, Data Encryption  Security Awareness Training  MS/5+, CISSP, CISM, CISA, CRISK  $80K Average to $125K, 22% Job Growth
Computer Crime Investigator  Recovery of hidden, encrypted or deleted files  Investigates computer crime, fraud and hacking  Gather evidence  Reconstruct damaged computer systems  Testify in court  Train Law enforcement on computer related issues  MS/4+, CISSP, CEH, CPT  $50K to $100K (or more for consultants)  22% Growth
Chief Information Security Officer/CISO  Top Dog in Information Security  Knows Everything  forensics, pen testing, auditing, incident response, web app testing, programming, accounting, business  Speaking, Training, Mentoring  Works with CEO/CIO/CTO/CFO/COO  Only works half days (7am to 7pm)  <10ys $125 to 150K, > 10yrs $180K to 225K  Fortune 100 companies, could be in millions  MIS degree, MBA Degree  Certs: CISSP, CCISO, CISM, CISA, CRISK
Education:  NAF: Academy of Information Technology (AOIT)  Nova Southeast University  Florida International University  Florida Atlantic University  Master of Science in Management Information Systems (MMIS)  Master of Science in Information Systems (MSIS) with security focus  Master of Business Administration (MBA)  CISO: Chief Information Security Officer
Certifications:  ISACA: Cybersecurity Fundamentals  Students and Interns  EC-Council: Certified Ethical Hacker (CEH)  (ISC)2: Certified Information Systems Security Professional (CISSP)  4 years professional experience + degree or 5 years  Associate for Students without the required experience  ISACA: Certified Information Security Manager (CISM)  EC-Council: Certified Chief Information Security Officer (CCISO)
Self Study  Free Trials, Amazon/Microsoft Azure  Boot and Install Linux/FreeBSD  Put a server together with VMWare/Zen  Install and Learn Nessus, Snort, Wireshark  Practice penetration testing, detection, patching  Attend local meetings  Information Systems Security Association (ISSA)  Information Systems Audit and Control Association (ISACA)  International Information System Security Certification Consortium(ISC)2

Recomendados

Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Berezha Security Group
 
Cyber security training course ppt
Cyber security training course pptCyber security training course ppt
Cyber security training course ppt
RajshekarShivanagutt
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
lfh663
 
Wapt course detail
Wapt course detailWapt course detail
Wapt course detail
hackersguru
 
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
Edureka!
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
Edureka!
 
Skills For Career In Security
Skills For Career In SecuritySkills For Career In Security
Skills For Career In Security
Prasanna V
 
Learn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident responseLearn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident response
Infosec
 

Recomendados

Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Berezha Security Group
 
Cyber security training course ppt
Cyber security training course pptCyber security training course ppt
Cyber security training course ppt
RajshekarShivanagutt
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
lfh663
 
Wapt course detail
Wapt course detailWapt course detail
Wapt course detail
hackersguru
 
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
Edureka!
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
Edureka!
 
Skills For Career In Security
Skills For Career In SecuritySkills For Career In Security
Skills For Career In Security
Prasanna V
 
Learn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident responseLearn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident response
Infosec
 
The importance of Cybersecurity
The importance of CybersecurityThe importance of Cybersecurity
The importance of Cybersecurity
Benoit Callebaut
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
Shawn Tuma
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
North Texas Chapter of the ISSA
 
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | EdurekaTop 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Edureka!
 
Cybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen CyberCybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen Cyber
William McBorrough
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Edureka!
 
Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT
SaeelRelekar
 
Deception Technology: Use Cases & Implementation Approaches
Deception Technology: Use Cases & Implementation Approaches Deception Technology: Use Cases & Implementation Approaches
Deception Technology: Use Cases & Implementation Approaches
Priyanka Aash
 
Proven cybersecurity tips to protect your business
Proven cybersecurity tips to protect your businessProven cybersecurity tips to protect your business
Proven cybersecurity tips to protect your business
AnkitaKale12
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
CISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSOCISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSO
SagarNegi10
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
Malcolm Boston Resume
Malcolm Boston ResumeMalcolm Boston Resume
Malcolm Boston Resume
Malcolm Boston
 
CHFI Certification
CHFI CertificationCHFI Certification
CHFI Certification
SagarNegi10
 
How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...
Firojali Laskar
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best Practices
Evolve IP
 
CompTIA Security+ Certification | Sec+
CompTIA Security+ Certification | Sec+ CompTIA Security+ Certification | Sec+
CompTIA Security+ Certification | Sec+
SagarNegi10
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
Jen Ruhman
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
Tjylen Veselyj
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
Veriato
 
Proprietary Information
Proprietary InformationProprietary Information
Proprietary Information
hypknight
 
Spec Ops Service Overview
Spec Ops Service OverviewSpec Ops Service Overview
Spec Ops Service Overview
Spec Ops Service
 

Más contenido relacionado

La actualidad más candente

Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
Tjylen Veselyj
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
Veriato
 

La actualidad más candente (20)

The importance of Cybersecurity
The importance of CybersecurityThe importance of Cybersecurity
The importance of Cybersecurity
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
 
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | EdurekaTop 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
 
Cybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen CyberCybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen Cyber
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
 
Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT
 
Deception Technology: Use Cases & Implementation Approaches
Deception Technology: Use Cases & Implementation Approaches Deception Technology: Use Cases & Implementation Approaches
Deception Technology: Use Cases & Implementation Approaches
 
Proven cybersecurity tips to protect your business
Proven cybersecurity tips to protect your businessProven cybersecurity tips to protect your business
Proven cybersecurity tips to protect your business
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
 
CISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSOCISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSO
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Malcolm Boston Resume
Malcolm Boston ResumeMalcolm Boston Resume
Malcolm Boston Resume
 
CHFI Certification
CHFI CertificationCHFI Certification
CHFI Certification
 
How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best Practices
 
CompTIA Security+ Certification | Sec+
CompTIA Security+ Certification | Sec+ CompTIA Security+ Certification | Sec+
CompTIA Security+ Certification | Sec+
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
 

Destacado

Proprietary Information
Proprietary InformationProprietary Information
Proprietary Information
hypknight
 
Spec Ops Service Overview
Spec Ops Service OverviewSpec Ops Service Overview
Spec Ops Service Overview
Spec Ops Service
 
Executive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private CompanyExecutive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private Company
Chris Moody
 
Open Options Evolutionary Trends
Open Options Evolutionary TrendsOpen Options Evolutionary Trends
Open Options Evolutionary Trends
hypknight
 
AOC Threat Assessment
AOC Threat Assessment AOC Threat Assessment
AOC Threat Assessment
Fabian Zhilla
 
God's Bride
God's BrideGod's Bride
God's Bride
Bee Ling
 

Destacado (16)

Proprietary Information
Proprietary InformationProprietary Information
Proprietary Information
 
Spec Ops Service Overview
Spec Ops Service OverviewSpec Ops Service Overview
Spec Ops Service Overview
 
Executive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private CompanyExecutive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private Company
 
Open Options Evolutionary Trends
Open Options Evolutionary TrendsOpen Options Evolutionary Trends
Open Options Evolutionary Trends
 
THREAT ASSESSMENT IN SCHOOLS
THREAT ASSESSMENT IN SCHOOLSTHREAT ASSESSMENT IN SCHOOLS
THREAT ASSESSMENT IN SCHOOLS
 
AOC Threat Assessment
AOC Threat Assessment AOC Threat Assessment
AOC Threat Assessment
 
God's Bride
God's BrideGod's Bride
God's Bride
 
Study security-abroad
Study security-abroadStudy security-abroad
Study security-abroad
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
Pacific Bulletproof Threat Assessment Powerpoint
Pacific Bulletproof Threat Assessment PowerpointPacific Bulletproof Threat Assessment Powerpoint
Pacific Bulletproof Threat Assessment Powerpoint
 
AS Solution Capabilities Brief 2017
AS Solution Capabilities Brief 2017AS Solution Capabilities Brief 2017
AS Solution Capabilities Brief 2017
 
OPSEC / PERSEC
OPSEC / PERSECOPSEC / PERSEC
OPSEC / PERSEC
 
Threat Assessment: The New Normal
Threat Assessment: The New NormalThreat Assessment: The New Normal
Threat Assessment: The New Normal
 
International Executive Protection Services | Protective Security
International Executive Protection Services | Protective SecurityInternational Executive Protection Services | Protective Security
International Executive Protection Services | Protective Security
 
Disaster Planning Local state-federal roles and responsibilities
Disaster Planning Local state-federal roles and responsibilities Disaster Planning Local state-federal roles and responsibilities
Disaster Planning Local state-federal roles and responsibilities
 
Security of important peoples
Security of important peoplesSecurity of important peoples
Security of important peoples
 

Similar a Spy vs Spy: Protecting Secrets

Dhishant -Latest Resume
Dhishant -Latest ResumeDhishant -Latest Resume
Dhishant -Latest Resume
Dhishant Abrol
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
James Perry, Jr.
 
How to Become a Cyber Security Analyst in 2021..
How to Become a Cyber Security Analyst in 2021..How to Become a Cyber Security Analyst in 2021..
How to Become a Cyber Security Analyst in 2021..
Sprintzeal
 

Similar a Spy vs Spy: Protecting Secrets (20)

Sherry d bailey resume
Sherry d bailey resumeSherry d bailey resume
Sherry d bailey resume
 
S bailey resume
S bailey resumeS bailey resume
S bailey resume
 
CEH
CEHCEH
CEH
 
B Hkorba
B HkorbaB Hkorba
B Hkorba
 
Information Security Career Day Presentation
Information Security Career Day PresentationInformation Security Career Day Presentation
Information Security Career Day Presentation
 
APT &amp; What we can do TODAY
APT &amp; What we can do TODAYAPT &amp; What we can do TODAY
APT &amp; What we can do TODAY
 
Mohammed Alghenaim CV
Mohammed Alghenaim CVMohammed Alghenaim CV
Mohammed Alghenaim CV
 
Strengthening Caribbean Business against Cyber Attacks May 18.pdf
Strengthening Caribbean Business against Cyber Attacks May 18.pdfStrengthening Caribbean Business against Cyber Attacks May 18.pdf
Strengthening Caribbean Business against Cyber Attacks May 18.pdf
 
Dhishant -Latest Resume
Dhishant -Latest ResumeDhishant -Latest Resume
Dhishant -Latest Resume
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
 
Cybersecurity - Jim Butterworth
Cybersecurity - Jim ButterworthCybersecurity - Jim Butterworth
Cybersecurity - Jim Butterworth
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
 
Brian m cv
Brian m cvBrian m cv
Brian m cv
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
 
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
 
Cisco Managed Security
Cisco Managed SecurityCisco Managed Security
Cisco Managed Security
 
Main Menu
Main MenuMain Menu
Main Menu
 
Cobit 2
Cobit 2Cobit 2
Cobit 2
 
Brochure of ICSS
Brochure of ICSS Brochure of ICSS
Brochure of ICSS
 
How to Become a Cyber Security Analyst in 2021..
How to Become a Cyber Security Analyst in 2021..How to Become a Cyber Security Analyst in 2021..
How to Become a Cyber Security Analyst in 2021..
 

Más de Michael Scheidell

Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Michael Scheidell
 

Más de Michael Scheidell (6)

Not IF, but WHEN
Not IF, but WHENNot IF, but WHEN
Not IF, but WHEN
 
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
 
Risky Business
Risky BusinessRisky Business
Risky Business
 
Running with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needsRunning with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needs
 
Bring Your Own Policy: Internet Use/BYOD Policy by consensus
Bring Your Own Policy: Internet Use/BYOD Policy by consensus Bring Your Own Policy: Internet Use/BYOD Policy by consensus
Bring Your Own Policy: Internet Use/BYOD Policy by consensus
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile Apps
 

Último

Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...
gajnagarg
 
Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 
<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...
<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...
<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...
gynedubai
 
Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...
gajnagarg
 
Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...
Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...
Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...
gragchanchal546
 
Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 
Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...
gajnagarg
 
怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制
怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制
怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制
yynod
 
Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...
Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...
Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...
vershagrag
 
Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...
Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...
Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...
vershagrag
 
obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...
obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...
obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...
yulianti213969
 
Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...
Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...
Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...
ruksarkahn825
 
Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...
Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...
Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...
gajnagarg
 
Gabriel_Carter_EXPOLRATIONpp.pptx........
Gabriel_Carter_EXPOLRATIONpp.pptx........Gabriel_Carter_EXPOLRATIONpp.pptx........
Gabriel_Carter_EXPOLRATIONpp.pptx........
deejay178
 

Último (20)

Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Hubli [ 7014168258 ] Call Me For Genuine Models We ...
 
Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Varanasi [ 7014168258 ] Call Me For Genuine Models ...
 
Personal Brand Exploration ppt.- Ronnie Jones
Personal Brand Exploration ppt.- Ronnie JonesPersonal Brand Exploration ppt.- Ronnie Jones
Personal Brand Exploration ppt.- Ronnie Jones
 
B.tech Civil Engineering Major Project by Deepak Kumar ppt.pdf
B.tech Civil Engineering Major Project by Deepak Kumar ppt.pdfB.tech Civil Engineering Major Project by Deepak Kumar ppt.pdf
B.tech Civil Engineering Major Project by Deepak Kumar ppt.pdf
 
<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...
<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...
<DUBAI>Abortion pills IN UAE {{+971561686603*^Mifepristone & Misoprostol in D...
 
Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In daman [ 7014168258 ] Call Me For Genuine Models We ...
 
Guide to a Winning Interview May 2024 for MCWN
Guide to a Winning Interview May 2024 for MCWNGuide to a Winning Interview May 2024 for MCWN
Guide to a Winning Interview May 2024 for MCWN
 
Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...
Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...
Maninagar ^ best call girls in Ahmedabad ₹7.5k Pick Up & Drop With Cash Payme...
 
Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Shillong [ 7014168258 ] Call Me For Genuine Models ...
 
Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Aiims Metro (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In godhra [ 7014168258 ] Call Me For Genuine Models We...
 
怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制
怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制
怎样办理哥伦比亚大学毕业证(Columbia毕业证书)成绩单学校原版复制
 
Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...
Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...
Call Girl In Gwalior Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top Class C...
 
Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...
Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...
Low Cost Coimbatore Call Girls Service 👉📞 6378878445 👉📞 Just📲 Call Ruhi Call ...
 
DMER-AYUSH-MIMS-Staff-Nurse-_Selection-List-04-05-2024.pdf
DMER-AYUSH-MIMS-Staff-Nurse-_Selection-List-04-05-2024.pdfDMER-AYUSH-MIMS-Staff-Nurse-_Selection-List-04-05-2024.pdf
DMER-AYUSH-MIMS-Staff-Nurse-_Selection-List-04-05-2024.pdf
 
obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...
obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...
obat aborsi pacitan wa 081336238223 jual obat aborsi cytotec asli di pacitan0...
 
Vip Malegaon Escorts Service Girl ^ 9332606886, WhatsApp Anytime Malegaon
Vip Malegaon Escorts Service Girl ^ 9332606886, WhatsApp Anytime MalegaonVip Malegaon Escorts Service Girl ^ 9332606886, WhatsApp Anytime Malegaon
Vip Malegaon Escorts Service Girl ^ 9332606886, WhatsApp Anytime Malegaon
 
Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...
Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...
Dating Call Girls inTiruvallur { 9332606886 } VVIP NISHA Call Girls Near 5 St...
 
Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...
Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...
Top profile Call Girls In bhubaneswar [ 7014168258 ] Call Me For Genuine Mode...
 
Gabriel_Carter_EXPOLRATIONpp.pptx........
Gabriel_Carter_EXPOLRATIONpp.pptx........Gabriel_Carter_EXPOLRATIONpp.pptx........
Gabriel_Carter_EXPOLRATIONpp.pptx........
 

Spy vs Spy: Protecting Secrets

  • 1. Spy vs Spy: Protecting Secrets A Career in Information Security is a Career in Protecting Secrets Michael Scheidell, CCISO, Security Privateers http://slidesha.re/T00Kq7
  • 2. Information Techology: Road to the Future Hardware Management . Software • Computer Research • Info Systems Managers • Hardware Engineers • Computer Programmers • Support Specialists • Systems Analysts • Data Base Administrator • Web Developers • Network Architechs World Wide Jobs Example text
  • 3.
  • 4. Chief Information Security Officer • MIS Degree • Internship • ISACA CSX Cert • Security Engineer • CISSP, CRISK • Sr. Security Architech • MBA Degree • VP/Dir of IT Security • CCISO Cert Like Working with People? Look into Management
  • 5.  Started doing database programming  Moved into Real time/Control Systems  1994, helped Government adjust to ‘the net’  Invented and Patented Security Appliance  Traveled to Costa Rica, Panama, Jamaica, Canada  Got to play with Trains (Risk Assessment, DHS contract)  Invited to speak at security conferences, including Cairo  Trained FBI agents, worked with Secret Service  On TV and quoted by Sun Sentinel  Get paid to break into banks! Michael Scheidell Chief Information Security Officer
  • 6. Programming • Web Applications • E-Commerce Systems • Mobile Applications Hardware Engineer • Computer Science • Firewalls • IDS/IPS/Patents Security Architect • Design company’s network • Security is top priority • Privacy matters Your own footer Your Logo Bits and Bytes Your thing?
  • 7. Top 10 jobs in Information Security 1. Information Security Crime / Forensics Expert 2. Web Application/ Penetration Testing 3. Forensic Analyst 4. Incident Responder 5. Security Architect 6. Malware Analyst 7. Network Security Engineer 8. Security Analyst 9. Computer Crime Investigator 10. Chief Information Security Officer/CISO/ISO/VP
  • 8. Information Security Crime Investigator  Investigation of computer crimes  Driven by Curiosity  Expert witness testimony in court  Consulting firms, PwC, IBM  Private Eye, Law Enforcement: FBI, Secret Service  Knowledge of Pen Testing, Computer Forensics, Reverse Engineering  BS:CS, MS:LE, 3+ years, CEH, CPT  22% Growth, $50K to 100K (gvmt or private)
  • 9. Web Application / Penetration Testing  Computer Games: Red Team, Black Team  Get paid to break into Banks  Part of an IT Audit or Assessment Team  Opportunity for Travel  Consulting firms, PwC, IBM  Direct Hire for Business or Government  Stepping stone to IT Auditor  BS/4+ years experience, CEH, CISSP  Growth 15%, $55-88K a year
  • 10. Forensic Analyst  Information Systems Analyst  Network Security Engineer  Computer Forensics Consultant/Engineer  Programming, Reverse Engineering  Experience in Malware, APT, Windows, Linux  Works with Law Enforcement  MS/6+ years experience, CEH, CISSP  $50K to 100K, Mgmt $200K
  • 11. Incident Responder  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+  $65k to 83K
  • 12. Security Architect  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+, Certs: CEH, CompTia Network, CPT, CISSP  $55K to 90K
  • 13. Malware Analyst  Examine, identify, and understand viruses, worms, Trojans, bots, rootkits  Knowledge of reverse engineering and software development  Programming, C, Perl, PHP, assembler.  Experience in Malware, APT, Windows, Linux  Government, Business, AV companies  BS/3+, Certs: CEH, CPT, CISSP  $50 to 100K
  • 14. Network Security Engineer  Work with Security Architect  Build, monitor and maintain secure network  Knowledge of TCP/IP  Understand IDS/Firewalls/DMZ/VPN’s  Understand test and analysis tools (sniffers, snort)  Some Programming or scripting (C, Perl, Java)  BS/3+, Certs: CISSP, CCNA/CCIE  $DOE: $70K to 130K (Sr, 5+years, MS Degree)
  • 15. Security Analyst  Planning and implementing security measures  Stay up to date with latest intelligence  Anticipate Security Breaches  Prevent loss and service interruptions  Perform Risk Assessments  Install Firewalls, Data Encryption  Security Awareness Training  MS/5+, CISSP, CISM, CISA, CRISK  $80K Average to $125K, 22% Job Growth
  • 16. Computer Crime Investigator  Recovery of hidden, encrypted or deleted files  Investigates computer crime, fraud and hacking  Gather evidence  Reconstruct damaged computer systems  Testify in court  Train Law enforcement on computer related issues  MS/4+, CISSP, CEH, CPT  $50K to $100K (or more for consultants)  22% Growth
  • 17. Chief Information Security Officer/CISO  Top Dog in Information Security  Knows Everything  forensics, pen testing, auditing, incident response, web app testing, programming, accounting, business  Speaking, Training, Mentoring  Works with CEO/CIO/CTO/CFO/COO  Only works half days (7am to 7pm)  <10ys $125 to 150K, > 10yrs $180K to 225K  Fortune 100 companies, could be in millions  MIS degree, MBA Degree  Certs: CISSP, CCISO, CISM, CISA, CRISK
  • 18. Education:  NAF: Academy of Information Technology (AOIT)  Nova Southeast University  Florida International University  Florida Atlantic University  Master of Science in Management Information Systems (MMIS)  Master of Science in Information Systems (MSIS) with security focus  Master of Business Administration (MBA)  CISO: Chief Information Security Officer
  • 19. Certifications:  ISACA: Cybersecurity Fundamentals  Students and Interns  EC-Council: Certified Ethical Hacker (CEH)  (ISC)2: Certified Information Systems Security Professional (CISSP)  4 years professional experience + degree or 5 years  Associate for Students without the required experience  ISACA: Certified Information Security Manager (CISM)  EC-Council: Certified Chief Information Security Officer (CCISO)
  • 20. Self Study  Free Trials, Amazon/Microsoft Azure  Boot and Install Linux/FreeBSD  Put a server together with VMWare/Zen  Install and Learn Nessus, Snort, Wireshark  Practice penetration testing, detection, patching  Attend local meetings  Information Systems Security Association (ISSA)  Information Systems Audit and Control Association (ISACA)  International Information System Security Certification Consortium(ISC)2