Enjoy this blog from our Find Yourself in the Future guest speaker, Rachael Alagna. Rachael is a Leader of Information Security at Cisco. You can join as Rachael presents on our “Find yourself in the future of cybersecurity” webinar on November 21. Read on for a sneak peek of the day in the life of a Cybersecurity Incident Responder!
Cybersecurity is ever-present in our lives these days; from the minor inconvenience of the service outages they cause, to the never-ending data breaches that result in our personally identifiable information (PII) being stolen from various companies we entrust it to, over and over … and over again.
A few years back, someone even took it upon themselves to file my household’s taxes for us because of some key PII of ours that had been taken in a breach not long before. I can’t even remember which breach it was anymore, I just know that filing our taxes was quite painful that year.
These impacts on our lives and our businesses are why careers in Cybersecurity are growing in popularity and becoming potentially more lucrative, depending on how far you advance in your career.
Is cybersecurity a field for you?
But is cybersecurity a field you’d want to get into?
And what are your interests and skillsets that might be a good fit for Cybersecurity roles?
Let me give you a sneak peek into a day in the life of a cybersecurity incident responder, to give you a feel for what it’s like. Oh, and we’ll throw in some threat-hunting and detection engineering for good measure (our team tends to perform all three roles).
Cyber-life is like a box of chocolates
Like that famous saying from Forrest Gump, the Incident Responder (or IR) “life is like a box of chocolates – you never know what you’re gonna get”, or how your day is going to go. Sometimes you wake up to a dumpster fire and you have to immediately grab a bucket of water. Sometimes, it’s all quiet on the western front. And at other times, it’s minor-to-medium incidents all day long. I was watching a documentary about 911 responders recently, and they talked about how they never ever speak the “q word” out loud – “quiet”. This is exactly how we live in the Cybersecurity IR world as well, we are extremely paranoid about saying anything that might jinx our day.
But wait! We don’t want it to be too quiet, or we’ll get bored. While we love to play the tiny violins for ourselves when things get too crazy, it’s also these times that provide us with a metric ton of invaluable experience. These moments help us to grow our skills, our technical knowledge and improve processes, bringing us closer as a team. Each incident we handle puts us in better shape for the next one that comes around.
Next time, we’ll know which Splunk index and what queries to use quicker than we did previously, when we see that one weird thing. We’ll learn which alerts are super serious and which experts to chase down for each scenario, getting quicker and more organized each time when we jump into action. And most importantly, our “lessons learned” phase of the incident lifecycle then informs us how to implement fixes to any security weaknesses taken advantage of by the attackers to begin with. That way they’ll hit a big wall when they try to get in that way next time.
What personality traits are good in cybersecurity?
Now that you’ve had a sneak peek into the day in the life of a cybersecurity incident responder, you might imagine that this job tends to attract people who love the adrenaline rush of jumping into firefighter mode. While this is definitely true, I must admit that this is the exact opposite of my own personality type. I am a planner. I absolutely despise surprises. I’m not spontaneous. I like to wake up with a plan for my day and then execute on my plan. And yet, somehow I’ve found myself in a career that throws curveballs at me constantly.
So why would someone like me want to do this job? Well, there are plenty of other aspects of the job:
- I really love digging into and analyzing data, and much of this job involves digging deep into logs, events, alerts, etc. to build a timeline of an incident.
- I love the detective work it takes to get to the root of a problem. Troubleshooting was my favorite thing to do before I started working in cybersecurity, and I’ve simply adapted that love to playing detective to figure out how an incident or attack occurred.
- And I’m a major fan of the human aspect of a security incident. For instance, how did this person think they would get away with this without getting caught? How did they get away with it as long as they did without getting caught? What was it that caused this person to fall for this social engineering attack? And as much as I love for my day to go according to plan, even I find the job very interesting when it doesn’t. I even enjoy telling cyber stories to my family and friends, and this job sure gives you some entertaining stories to tell!
Cybersecurity is not all about curveballs and chaos
Now, don’t worry! there are downtimes from the chaos as well. When someone is working on the threat hunting and/or detection engineering side of things, you can really dig into the best ways to separate the true attacks from the daily benign activity, and try to figure out how the bad actors might be trying to get in. Our team tends to switch around between these two roles and incident response. We believe that this approach gives us broader experience and helps build greater perspective for each of these roles.
Try out cybersecurity
Whether it’s for the thrill of the chase, the fascinating detective work, the deep data/event analysis, or the noble cause of trying to make the cyber world a safer place, Cybersecurity Incident Response (and detection and threat hunting!) is worth trying out. And if you’re not a computer genius right now, don’t be intimidated; I’ve worked with people who majored in business (me included), English, Library Science, and those who skipped college altogether and learned the craft in other ways. It took me about 15 years of my career before I dipped my toes into Cybersecurity, and I haven’t looked back since.
Register for this Find Yourself in the Future event
Incident Response of the Network – Navigating Cyber Crises
Thursday | November 21, 2024 | 9:30 am New Delhi
Meet our speaker
Rachael Alagna is now a Leader of Information Security at Cisco. But she reflects that she spent most of her youth in San Jose, California thinking she would become a veterinarian when she grew up. A family doctor threw her off this goal, telling Rachael that vet school is harder than med school and the career more challenging. Rachael decided to attend De Anza College (a community college) for two years to figure out “what now?”. Having always excelled at math and science, Rachael soon decided that a career working in technology would be a good path for her. The dot-com boom was happening and Rachael had found her happy place.
Rachael transferred to UC Riverside and majored in Business Administration with a focus in Management Information Systems. Rachael found Cisco a year later, after working a few contracting jobs. She explains that she had a very winding career path to Cybersecurity and is now a leader in the Cisco Computer Security Incident Response Team. “It was not until this moment that I finally felt like I had really found my path and my people.”
Find yourself in the future
The Find yourself in the future program is your compass to navigating a career path that resonates with your passions. Through our quarterly virtual broadcasts, immerse yourself in the latest technology trends presented by Cisco experts. Discover the industry that ignites your enthusiasm. Join our events, learn the technology, and take the leap towards landing your dream job.
Sign up for Cisco U. | Join the Cisco Learning Network.
Follow Cisco Learning & Certifications
X | Threads | Facebook | LinkedIn | Instagram | YouTube
Use #CiscoU and #CiscoCert to join the conversation.