Attracting and training veterans

It’s one of those mornings when I find a number of intriguing open-source stories that might be of interest to devotees. For instance, there’s an ongoing bug-bounty price war that’s come to the fore since last week’s Black Hat 2016 security training conference at the Mandalay Bay Convention Center in Las Vegas (I’m wondering how the house did with all those devious smart people in town). And in light of the evolution of the cyber battlespace, growing reports of cyber-skirmishes and cyber-line-probing, SANS’ effort to attract veterans and underwrite the training necessary to enter the cyber job market is more evidence of the expanding and, for the foreseeable future, insatiable defense and commercial craving for trained, experienced cybersecurity professionals. And interested veterans should note: they’re not just looking for veterans with tech experience; SANS is training anyone who qualifies, from cooks to mechanics to basic grunts.

In fact, I was looking into SANS’ programs when I came across something I had no idea existed, but, now that I know, I’m pretty glad it does: the Internet Storm Center. The Internet Storm Center (ISC) is essentially a collaborative, decentralized endeavor of some smart, smart people who are donating their own time and expertise to ride the internet range and look for bugs, viruses, and any other sort of trouble. As the ISC explains, “The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the Li0n worm. Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers.”


The internet white hats are called Incident Handlers. They’re volunteers. It’s competitive. There are Apprentices, Handlers, Senior Handlers, and Retired Handlers. After a day of virtual snooping, these folks post discoveries in their “diaries” (as the site points out, they’re called diaries, in part, because “at the time the Internet Storm Center was started, the term ‘blog’ didn’t exist . . . .” Yes, there once was a world without blogs. There was once even a world without CDs and iPods. It’s true.)

For example, ISC Handler Pasquale Stirparo wrote his daily diary: “Looking for the insider: Forensic Artifacts on iOS Messaging App.” Stirparo advises, “Most of the times we care about and focus on external threats, looking for actors that may attack us via phishing emails, vulnerable web services, misconfigured network devices, etc. . . . In fact, it is not so uncommon to have disloyal/disgruntled employees exfiltrating information from the company . . . . In such situations, a full forensics analysis of the employee’s devices (workstation, mobile, etc.) is required to understand what happened and get comprehensive timeline of the events.” Good advice.

It’s comforting to know that while there are all sorts of vicious hackers out there trying to wreak havoc on the world, there are a few good handlers keeping careful watch.

Ed Ledford enjoys the most challenging, complex, and high stakes communications requirements. His portfolio includes everything from policy and strategy to poetry. A native of Asheville, N.C., and retired Army Aviator, Ed’s currently writing speeches in D.C. and working other writing projects from his office in Rockville, MD. He loves baseball and enjoys hiking, camping, and exploring anything. Follow Ed on Twitter @ECLedford.