Indianapolis, CircleCityCon ’15 – June 12-14 – J0hnnyXm4s, an InfoSec maven and connector,discusses the specifics behind building up skills and social inventory necessary to effectively get an entry-level InfoSec role even though you may not have all of the requirements. This three part seminar will provide the tools to enable a successful job search.Interested attendees should sign up at: https://circlecitycon.com/tickets Continue reading
Three years ago I performed a penetration test of a transportation company in the Midwest. Save for a few low-severity vulnerabilities, Company X had a well-managed public-facing network infrastructure. Satisfied with the status of their network security, I turned my attention to the human network.
Searching for Company X on sites like Twitter, Facebook, and LinkedIn, I discovered employee names and corporate activities that were not shared on its website. As the search continued, Company X’s culture, processes, and lexicon emerged from the social dialogue.
Within three hours I was able to collect identifying information on key employees including birth dates, employment and educational history, and hobbies. These data points were cross-referenced with other resources on the Internet to profile Company X’s community involvement activities.
Dan Pallotta of Pallota Teamworks authored an interesting HBR blog post outlining five actions that Apple CEO Tim Cook should take following his appearance before Congress. Pallota’s article outlines five actionable steps to achieving something to which Tim Cook, and many information security teams, aspire – connection with their customers. Continue reading