Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Internet Storm Center - Internet Security | DShield Internet Storm Center


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

Applied Lessons Learned

Published: 2016-05-28
Last Updated: 2016-05-28 12:44:48 UTC
by Russell Eubanks (Version: 1)
0 comment(s)

What were those tough lessons learned that you will never forget and more importantly vowed to never repeat again? Especially those of you who have been in information security for many years and perhaps a member of several different teams. Consider yourself encouraged to remember those "from now on I will Always and I will Never again” lessons that were learned at your $OldJob.  
 
I remember all to well when I decided to perform a network scan from a new laptop. I was so eager to use the new equipment that I failed to record the MAC and IP address of this shiny new device. I tested it out and everything seemed to be great - until the next morning when an enormous amount of scan traffic was detected inside a sensitive network. Our teams went into full incident response mode in an effort to determine what happened. After learning “who did it”, the team was gracious in its response to me and none of us made that mistake again. 
 
To get you motivated for action, the following are a few ideas to consider.
 
1 - Never settle for “we have always done it that way”. Assume nothing by asking lots of questions, such as “When was the last time we compared the GPO to the written security policy”?
 
2 - Share regularly within your trusted communities in a way that does not put your organization at risk, but demonstrates you are still learning and remain willing to contribute. Don’t think that you need to share all of the gory details to make a difference with this approach. In fact, you will be much better off by leaving those out entirely. 
 
3 - Behave like the Fresh New Guy/Gal (FNG) regularly, especially if has been a very long time since you have served in that role.
 
By leaning into this approach, you can not only get wisdom as cheaply as you can but also and also help make our world a better place. What lessons are you actively trying to avoid learning over and over again?
 
Please share them in our comments section below.
 
Russell Eubanks
Keywords: Lessons Learned
0 comment(s)

If you have more information or corrections regarding our diary, please share.

Recent Diaries

Keeping an Eye on Tor Traffic
3 days ago by Xme (3 comments)

VMWare Security Advisories
3 days ago by Rick (0 comments)

Stop Using "internal" Top Level Domain Names
4 days ago by Dr. J. (3 comments)

Technical Report about the RUAG attack
4 days ago by Rick (4 comments)

The strange case of WinZip MRU Registry key
6 days ago by Pasquale Stirparo (2 comments)

View All Diaries →

Latest Discussions

Google serving up malicious websites in Ads
created 4 days ago by Anonymous (0 replies)

HTTP(S) from DMZ to internal network
created 1 week ago by Anonymous (0 replies)

ERP software security issues
created 3 weeks ago by AMAS (1 reply)

infocon.txt issue
created 3 weeks ago by Nelson (2 replies)

Issue wit RSS Feed?
created 1 month ago by Matt M. (1 reply)

View All Forums →

Latest News

View All News →

Top Diaries

Critical Cisco ASA IKEv1/v2 Vulnerability. Active Scanning Detected
3 months ago by Dr. J. (24 comments)

Microsoft Patch Tuesday Summary for May 2016
2 weeks ago by Alex Stanford (5 comments)

CVE-2015-7547: Critical Vulnerability in glibc getaddrinfo
3 months ago by Dr. J. (9 comments)

Neutrino exploit kit sends Cerber ransomware
3 weeks ago by Brad (5 comments)

March 2016 Microsoft Patch Tuesday
2 months ago by Alex Stanford (22 comments)