Cyber Work with Infosec: How to become an incident responder


In this episode of Cyber Work with Infosec, Chris Sienko interviewed Keatron Evans, Infosec instructor, managing consultant at KM Cyber Security, LLC and subject-matter expert. 

Keatron discussed a wide range of issues related to becoming an incident responder (IR), including what piqued his interest in security, whether the milestones he faced still exist today, the day-to-day activities of an IR, what projects or activities an IR should be interested in, what certifications an IR should pursue, and more.

When did you become interested in computer security?

Keatron became interested in computer security through a series of milestones that progressively unfolded over time. Beginning as a PC technician, he eventually broke into networking and earned the Novell Certified Netware Engineer (CNE) certification and worked mainly on the application and infrastructure side of things. 

Later, at a conference, he learned about a compromised MIT lab and was handed a makeshift whitepaper on how the attack happened. This is the point where he was bitten by the information security bug. He started picking networking jobs that had a security aspect to them and eventually got a job in Wheaton, Illinois. During this time, Keatron rubbed shoulders with Infosec founder Jack Koziol, and the rest is history.

Are your milestones still presently applicable?

Keatron’s milestones are still applicable today, although he did take a slightly unconventional path. He started with foundational knowledge and skills; today, many opt for less foundational mastery and instead earn high-level professional certifications. This leaves a gap in the foundational knowledge that a security expert is expected to have, even though that expectation goes unspoken.

Today, you can learn foundational knowledge and skills in parallel to security. The most important thing to remember is the old adage: “Luck is where preparation meets opportunity.”

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: