Christmas Calendar, Day 8: How to Stay Up-to-Date on Security
Who are you and what do you do at F-Secure?
My name is Sean and I’m a member of a group known as “Security Research & Technologies” (which includes Labs) at F-Secure. I’m a “Security Advisor” which involves being a public spokesperson for F-Secure on cyber security related topics.
As such, I do a lot of reading and research on what’s happening in the world. From crime to espionage to emerging technologies — if there’s a security consideration, I want to informed on the topic.
In my role, I also spend a good deal of time asking questions of our analysts and developers on our own emerging techniques and technology so I’m able to communicate to both internal and external audiences. I frequently work with our communications team. I edit (and write) on the Labs’ blog, and I’m active on Twitter.
What was the most memorable cyber security event/incident in 2017, and what should companies learn from it?
Most memorable? Sad to say, there are too many to pick from… it’s all a blur. (Though I did lose a weekend to WannaCry, so maybe that one.) What should companies learn from the onslaught? Get ready.
What are the most important trends that you believe we will see impact cyber security in the next 3-5 years?
Five years is quite a long time in the context of cyber security – I recommend reading this interview with David Ignatius, author of ” The Quantum Spy”, for a peek at the potential impact of nation states pursuing “quantum computing”. Nation states seeking exploitable vulnerabilities have had a significant impact on network security in recent years. Nothing happens in isolation for very long. Supporting ecosystems develop and soon… markets pop-up that cater to non-governments. Quantum computing, when it emerges, will not remain contained. And even the pursuit of it will have consequences during the next few years.
What’s on your wish list to Santa Claus this year?
I’m going to buy myself a Nintendo Switch at some point in the near future. (Why wish?)
Are you planning to make any work-related New Year’s resolutions?
No. If you want to affect change, don’t wait for arbitrary dates. Just do it. But incrementally, day by day. Attempting some big change at the beginning of the year is just setting yourself up for failure in my opinion.
What’s your favorite information source on cyber security?
It might be easier to list what I don’t read or listen to…
Public transportation is very convenient in Helsinki (for me at least) and it’s a great time to listen to various podcasts. I typically listen at 2X playback speed so I get all my information in half the time! Podcasts such as Risky Business, SANS ISC’s Daily StormCast, and the Spoken Edition of WIRED Security are a good way to stay up on security headlines and analysis. But then it’s also useful to be informed about technology in general. For that, I recommend podcasts such as Download This Show (from Australia) and The Economist Radio’s Babbage, as well as many others.
Prefer to read? Keeping up with Krebs on Security is always useful. Anything by ProPublica on tech is generally worth reading and for a week-daily fix, I recommend Politico’s Morning Cybersecurity.
Categories