Last week, I organized Peerlyst SF Bay Area Cybersecurity Meetup. It was an interesting event for many reasons. Here are my top 5 takeaways from the event.
1. Good guys are really passionate about fighting the bad guys.
Good and bad has probably been part of life from the beginning of time. We have all heard stories about how cybercriminals have started collaborating and sharing infrastructure to take advantage of vulnerabilities. Although it should be easier for the good guys (and I use the term “guys” loosely here because I know that there are a lot of gals who want to fight the battle – Peerlyst founder Limor being one example) to collaborate it doesn’t really happen as much as it should. We probably expect other good people to come to us rather than trying to make the first move.
When I attend these cybersecurity Meetups, I sense that lot of good guys are really passionate about protecting our digital way of life. What we need more is, for us to come together and make it difficult for the bad guys.
2. Community-based cybersecurity approach needs more community support.
During the session, Ray Anderson passionately described how his open source Real-Time Integrated Defense Network (RIDEN) will help fight cybersecurity attacks. In my previous experience, I have also seen other open source initiatives such as NMAP, Wireshark, Google GRR, SNORT etc. to take on the challenge. These are really good community-based initiatives and it’s in our interest to grow them to protect our digital way of life.
The broken windows theory explains that (https://en.wikipedia.org/wiki/Broken_windows_theory) when good citizens don’t come together it encourages bad behavior. Conversely, an ordered and clean environment, one that is maintained, sends the signal that the area is monitored and that criminal behavior is not tolerated. We need to send clear signals that unruly behavior isn’t tolerated. Are we ready for that?
3. Threat intelligence is plenty, need ways to apply it across organization’s security infrastructure.
The second speaker for the Meetup, Mr. Shimon Modi talked about how the threat intelligence is everywhere but why that can be problematic to organizations. The intelligence feeds on their own are useless, unless organizations can make things happen (read prevent cybersecurity attacks) using them.
His key points were
1. Use cyber threat intelligence to support all cybersecurity and risk management processes
2. Start by operationalizing internally and then expand into external exchange
3. Join a sharing community and start connecting with peers
You can view his entire presentation at How to use CTI effectively.
4. Cybersecurity user community needs to share more with each other.
I participate in various cybersecurity Meetups or forums. But considering how cybersecurity is affecting our digital lives I feel more needs to happen on the community front. Here is a link to the presentation we had about RIDEN at our Peerlyst SF Bay Area Cybersecurity Meetup. RIDEN can help you protect your web servers FREE of cost. You can learn how it does that by going through the presentation at R&B – RIDEN presentation to Peerlyst Meetup.
5. Not everyone who registers for the Meetup will turn up.
Now this one is on the lighter note. Earlier I have organized other volunteer events but this was my first Meetup as an organizer in the Bay Area. Approximately 35 attendees registered but about 18-20 turned up. I have observed similar attendance patterns in other Meetups as well. If you an organizer then don’t worry too much about it. Try to have a more meaningful information exchange rather than trying to have the biggest Meetup. Bigger is not necessarily better. If you are an attendee don’t bother about the size of the Meetup. Attend whatever you can as per your convenience and try to make most of it by having more meaningful conversations and networking.
Peerlyst is trying to build a community where information security professionals can team up for protecting our digital way of life. It’s writ large that Meetups like these only help us understand the domain and how we can get better together.
So, if you are a cybersecurity professional here is my request, get off the couch and go attend some Meetup as per your convenience. The cybersecurity world needs more collaboration.