“Dear Lesley, I’ve been in a MSSP Security Operations Center (SOC) for a few months as my first cybersecurity job. The work is monotonous, I have access to only a few SIEM tools, and most of what I do is handle repetitive tickets for a ton of customers all by myself on awkward shifts. I… Read More Ask Lesley: How Much Should SOC Work Suck?
Be sure and check out (and subscribe to) all of the episodes of the excellent Brakeing Down Security podcasts! Thank you for having me as a guest, Brian and Michael!
Topic of the Day:
The Incident Response Process, – Program, Plan, Policy, Process, Playbooks, and roles.… Read More Lesley on Brakeing Down Incident Response Podcast – All About Playbooks
Our personal financial identities are exposed, and we’re mad. A sick, visceral, exhausted anger that hits us in the pit of our stomachs and makes us feel powerless. People are understandably furious about the Equifax breach- to a degree that makes it tough to have a rational discussion about what happened. Unfortunately for information security… Read More Whose Fault Is It? (A brief discussion on misconceptions about Equifax)
Much like open offices and outsourcing in business, information security is subject to trends. One you probably saw in your vendor spam folder over the past couple of years is phishing awareness exercises. The premise sounds simple – phish your employees before the bad guys do, monitor how they respond, and react accordingly. In reality,… Read More Phishing Exercises, without the “Ish”
. I tweeted these out of frustration quite some time ago and I’ve since been repeatedly asked for a blog post condensing and elaborating on them. So, without further ado, here are Lesley’s Rules of SOC, in their unabridged form.… Read More Lesley’s Rules of SOC