Security was never an abstract concept to me. It was the difference between success and failure in combat zones, in the streets as a law enforcement officer, and in critical infrastructure operations. My approach to cybersecurity is fundamentally shaped by these experiences: where threat assessment wasn’t theoretical but immediate, where decisions carried real-world consequences, and where adaptability and vigilance determined outcomes. This unique background informs my cybersecurity modalities. Cybersecurity is more than a purely technical discipline. There is an operational imperative that demands anticipation, precision, and resilience. I bring this perspective to every challenge, ensuring defenses aren’t just compliant, but truly effective under pressure.
In Iraq, I witnessed firsthand the consequences of complacency and of not following honed TTPs. To make those lessons count, I apply them to cybersecurity by ensuring TTPs are tested and are evolving to meet changing threats. I prioritize detection engineering, built-in security and threat hunting over passive monitoring, because I know firsthand that the threat actor chooses the time and method of attack, placing the defender at an immediate disadvantage. The best defense is an active defense.
I believe that network visibility starts with deeply knowing your baselines. Detecting the slightest anomaly in a law enforcement investigation meant knowing what belonged and what didn't. In combat your baselines are your battlespaces; your threats blend in with normal everyday life to avoid detection. From that I learned that threat intelligence and deployed assets provide invaluable visibility.
While managing a transportation company in the wake of the COVID-19 pandemic, I learned the importance of system configuration, redundancy and resilient processes. Adapting to products not shipped and improper shipments held at customs meant I had to create time and space to respond to these incidents. It is here that I began to employ my own version of zero trust environments, before I knew what that was. I followed the tracking of shipments and established a notification system to be fully aware of logistical movements within my scope of responsibility, instead of assuming no news was good news. The concepts and application of security permeate my past professions, and applying it effectively to secure data, systems and businesses is my passion.
Combining operational experience with tradecraft tools.
Qualys | OpenVAS | Terraform
Tenable Nessus | Wireshark | Splunk
Wazuh | Splunk | Elastic
TheHive | Velociraptor | Autopsy
MISP | Greynoise | AlienVault OTX
Metasploit | Nmap | Burp Suite