Sunday, December 31, 2023

THE FIVE LAWS OF CYBERSECURITY

 he Mirai virus was a malicious piece of software that was first discovered in 2016. It was designed to target Internet of Things (IoT) devices, such as routers, smart cameras, and smart thermostats, and was able to compromise these devices by exploiting vulnerabilities in their software. Once it had infected a device, Mirai would use it to participate in distributed denial of service (DDoS) attacks.


The damage caused by Mirai was significant. For instance, Mirai’s first large-scale attack was in September 2016 against a French technology company, OVH. Mirai’s attack peaked at an unprecedented 1Tbps and is estimated to have used about 145,000 devices within the assault. (source: https://lnkd.in/gEu8sfzh.)

Mirai virus is an example of one of the cybersecurity laws-"With Innovation Comes Opportunity For Exploitation" that Nick Espionosa talks about in his TED talk-"The five laws of cybersecurity".

One thing that stood out to me in this TED Talk was the idea that there is a lack of a shared understanding of cybersecurity within internet culture. Nick argues that with over 3.6 billion people online and communicating with each other and institutions every day, there is a common language that we all share through networking protocols and social media platforms. However, the topic of cybersecurity is not as widely understood as it should be. In his TED Talk, Nick tries to bridge this gap by introducing his five laws. This talk highlights the importance of increasing awareness and education about cybersecurity in order to better protect ourselves and our communities online.

Do catch the summary of these laws in my sketchnote and watch the TED talk (~7 min)- https://lnkd.in/gi-s5srN hashtagcyberawareness hashtagcybersecurity


LinkedIn post: https://www.linkedin.com/feed/update/urn:li:activity:7017106573596512256/


WHAT ARE TACTICS, TECHNIQUES, AND PROCEDURES (TTPs) IN CYBER SECURITY?

 The recently concluded FIFA World Cup had almost everyone completely mesmerized. In the semi-finals, the eventual champions- Argentina beat Croatia 3-0. What was distinct about this match was that all three goals were scored via unique attacking mechanisms. The first one was via a penalty kick. The second one was via a high quality dribbling play all the way from midfield. The third one was an exceptional display of ball handling skills near the opponent's goal.


Like in soccer, in cybersecurity too, an attacker applies a range of approaches to outmaneuver the organization's defense, exploit vulnerabilities, evade detection, and access sensitive information.

If you have to stay ahead of the attackers, you need to build mechanisms to get insights into adversary attack behaviors and how specific attacks are orchestrated. This allows you to better respond to, and mitigate, current and future threats.

This is exactly how tactics, techniques, and procedures (TTPs) helps the cyber security teams.

Saturday, October 14, 2023

THE MENTAL GAME OF STARTING OVER

 I recently completed the Bengaluru Full marathon (42.195 km). It was an honor to run in all 10 editions of the prestigious run.

While finishing is an important aspect, the lure for running really goes much beyond that, something the legendary ultra-runner Dean Karnazes so succinctly put in one of his books.

Here it goes-

"Running always leaves you better than when you started. No matter how temporarily bruised your body is at the end of the run, it's the spirit that's uplifted. Running great distances is a release, it's an outlet to what's brewing inside the mind - good or bad. Simplicity of running is quite liberating. Things don't bring happiness, challenging experiences certainly do."


The route of the Bengaluru marathon included 2 loops - 21.1 km around the city. Having multiple loops during the course of a marathon is quite a normal thing as it makes organizing the running events efficient and manageable.


One thing that I realized while on the course of the run this time was a unique challenge the run with multiple loops presents to the runner. With all the hard running and enthusiasm, I managed to complete the first loop (21.1 km) only to find out that I was at the beginning of where it all started (the start point of the race). The very fact that instead of seeing a finish line, you get to a sort of start point during the run can really be disheartening and can potentially wear one down with a feeling that nothing much has been achieved despite all the slogging done for hours. This is for sure a false notion, which our bodies are mindful of but our minds often need the slightest of excuse to start getting distracted and dictate the terms based on the newer paradigms.

So how did I get through it? Here are a couple of strategies that helped me:

1. Stay-in-the-Present:

Re-tune your mind to stay in the present, and focus on the next step, and the next and so on till the run finishes. I learned this cue from Geet Sethi’s book “Success vs Joy” where he shares, "Concentration is simply the intellect supervising the mind to remain in the present."

2. Mental Contrasting:

This technique, which I learned from Barbara Oakley's Coursera course on learning, involves contrasting your current state with your desired outcome. But here's the twist: Don't just visualize the finish line. Also, remind yourself of the sweat and fatigue you're experiencing now. It helps to balance optimism with a dose of reality, making your goals feel more attainable and relatable.

In both marathons and life, it's the 'mental loops'—those repetitive thought patterns and emotional cycles that can either hinder us or propel us forward—that often pose the most significant challenges. Yet, it's precisely within these cycles of thought and feeling that we discover opportunities for growth and self-improvement.

How do you cope with having to start all over again in different areas of your life?