As a young lieutenant (butterbar) I remember attending my first meeting at my new unit, and realizing I understand hardly any of it.
The military is full of jargon, acronyms in particular. I had finished the officer basic course with an understanding of most of the acronyms related to the Patriot missile system (AMG, ECS, etc)...and still wound up bewildered by much of what was discussed at this meeting.
So I jotted down every unfamiliar term in my standard/required notebook, and afterwards asked someone what each and every term meant. Eventually I got familiar enough with them that I, too, could participate in a meeting that would be incomprehensible to anyone unfamiliar with the lingo.
This is actually fairly standard, in my experience. New unit, new set of acronyms. It was almost worse when I deployed, because the terminology changed entirely in the few months between when I left Tikrit and returned to Baghdad. (EJK wasn't something I'd used a lot during my first tour.)
Some of this had to do with the rapidly changing environment, though I suspect some of it had to do with other factors. Soldiers often joke that someone re-named an existing concept just to get a bullet on their review...
In addition to the lingo, there was always some new sort of system to learn. BAT. Palantir. And in civilian life there was Red Prairie and SAP.
The result of all that is I've got great confidence in my ability to learn new things...and it's almost always the same.
First, it's almost all new. You have to jot down anything you don't understand, and ask questions, and ask questions, and ask questions. Eventually things start fitting together, and you start understanding more of whatever-it-is.
I brought all that up because, yet again, I'm learning something entirely new. I have three classes this summer - Computer Programming II (Java), Incident Response, and Malware.
The malware and incident response classes tie together really well. On the one hand, I'm sure the material would be easier if I'd already had the Intro to Operating Systems class (registered for fall)...on the other hand, I kind of like doing it this way. It means when I do get that class, I'll have a basis in security before I even start...and in some ways the material won't be quite as new, so that class will actually be easier.
But for now, I have found myself looking up details on various topics, just to make sure I understand the point. (Like Windows registries.)
I feel like I've learned a lot already. And I also feel like there's a LOT more to learn, still. I've also been doing some side reading. Part of the immersion process that will help speed things along to the point where I can mentally map out everything. Some of the material is good, though disjointed or old. (The Cuckoo's Egg was good for someone completely new to the field, but he's writing about something really really old and somewhat obsolete by now. Stealing the Network is a bit above my current skill level, though I read bits and pieces in the interest of building those mental connections. I feel somewhat similar about Practical Unix & Internet Security, which I originally worried was too old to be relevant but saw someone recommend it as still pretty useful info. I like it, I am learning quite a bit...and some of it is still definitely over my head. It'd probably help to learn more C or C++ programming)
It's interesting to see just how much hacking and computer crime has evolved. I think I still had that mental image of some geeky white (male) teenager trying to show how cool he is by hacking into systems. There may have been quite a bit of that in the past, and they probably still exist today - though not necessarily white, or teenaged, or male. Still, they'd be the mad scientists/wizards who are able to invent new techniques for getting into a system.
The real issue is that they've managed to industrialize the process. The mad scientists/wizards create toolkits that anybody can use, even if they hardly know how to program at all. People who didn't have to spend years picking up the necessary skills. Now anybody and their grandmother can exploit a vulnerability in order to conduct an attack.
No wonder cyber defenders are getting overwhelmed.
Anyways, in terms of the learning process I'm still very much at the beginning. I think a cyber security expert has to know the system just as well as (if not better than) the hackers. Which means assembly language, operating systems, network protocols, processors, macros, and more.
No comments:
Post a Comment