James Lyne’s 4 Career Mistakes We Can Learn From
We have moved to https://cyberstart.com/blog/. Head there to read our latest blog posts and play some free cyber security challenges!
In almost every industry or career, you never stop learning. Every day is a new opportunity to discover something you didn’t know before. We, at Cyber Discovery, believe reflecting and learning from others and their mistakes is a great skill that will help you become an accomplished cyber security practitioner.
James Lyne has over 15 years’ experience in the cyber security industry and within that time has faced a few obstacles that have challenged his knowledge and skills in the area. We spoke to him about what he would consider as his biggest lessons learned to date. From these, we hope to learn something ourselves and evaluate what we can do differently when we face similar challenges.
“Early in my career, I would be working on a programme or script, in which I would have to solve a security issue. There was one time I was working on a script to reverse a complex bit of malware. I had spent in excess of over 70 hours working on this one project. I was doing something that over-confident people can sometimes end up doing which was over writing and saving my script as I was editing. I ended up writing over the script with the very file the script was generating. I destroyed all of my work and had no ability to recover it. Even as a security professional there was absolutely no way of getting it back. It took me twice as long to redo the project. I ended up taking just under a week to do a job which really shouldn’t have taken that long. Security professionals constantly tell people to store and save files properly. I leaned that it is so important we follow our own advice and practice exactly what we preach.”
Simple processes may not seem important when you are working on a problem, however, in the long-run, they may prove to be extremely cost-effective. It is as important to learn effective ways of working as it is learning the core skills needed to be a security professional.
“I recall one time I was working on a penetration test, I had a very clear scope of the systems I was allowed to target and the ones I was not. I was working very carefully on the systems that I was allowed, it was going fine. I was working on one tool in particular, then I started to notice some addresses were showing up outside the scope document. One of the tools had come up with some pretty critical security flaws. It turned out I had actually scanned something I shouldn’t have. I had to make the decision whether I should just hope no one notices or whether to let them know that there are some pretty serious problems here? I mulled it over for a while but then the situation was forced very quickly when it transpired my scan had actually caused this particular system to completely crash and restart. No one knew how to turn it back on, it was a very old system in which there was a good reason as to why it wasn’t in the scope document. There was a lot of upset naturally but I owned up pretty quickly. I did this, so we could start working on what had caused it and how to fix the issue.”
James’ mistake is a lesson learned to double and triple check the scope of your tools and if it goes wrong, put your hands up quickly. Everyone prefers for you to admit to your mistakes and not sit hoping it won’t get noticed.
“Before the industry had clear guidelines about how you share information and tell organisations about flaws, I had found an ISP. I had talked to a couple of friends and colleagues about this particular flaw. It ended up being reported more openly than I would have liked and one of the people I spoke to published details about the issue. Luckily the company could fix the issue very quickly but it could have ended up with cyber criminals getting their hands on the information and using it for harm. You need to be really careful about who you share your information with.”
It is extremely important to be cautious with the information you disclose. Sometimes, you may find a flaw that could exploit a problem and if you share that information too liberally, a lot of damage can be done.
“Imagine you do a piece of forensic work, or a security assessment, you complete this complex task and you are now doing the write up for it. In the early days of my career, I committed many a cardinal sin, in the form of executive summary’s and failing to consider my target audience. I would assume the person reading my report knew exactly what I was talking about and exactly how to fix it. Instead of simply telling them that there was a huge catastrophic flaw that could allow an attacker to steal large volumes of data and do masses of reputation damage, I would spend hours writing up the technical detail. Although this is important to show the value of your work, it is a great skill to learn how to make your work accessible and documented clearly so your audience can grasp exactly what the problem could be.
If you are thinking about pursuing a career in this industry, it is worth taking some time to learn how to contextualise the work you have done. It is part of our duty, as cyber security professionals, to help our client understand why this stuff matters.
As well as learning the core skills taught in the Cyber Discovery programme, it is worth considering some of the points above to help make you an effective and versatile cyber security professional. Basic processes, checking the scope of a task and contextualise your findings are crucial skills to learn if you are looking to seek a career in cyber security.
