Tribe of Hackers
eBook - ePub

Tribe of Hackers

Cybersecurity Advice from the Best Hackers in the World

  1. English
  2. ePUB (mobile friendly)
  3. Available on iOS & Android
eBook - ePub

Tribe of Hackers

Cybersecurity Advice from the Best Hackers in the World

About this book

Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World (9781119643371) was previously published as Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World (9781793464187). While this version features a new cover design and introduction, the remaining content is the same as the prior release and should not be considered a new or updated product.

Looking for real-world advice from leading cybersecurity experts? You've found your tribe.

Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World is your guide to joining the ranks of hundreds of thousands of cybersecurity professionals around the world. Whether you're just joining the industry, climbing the corporate ladder, or considering consulting, Tribe of Hackers offers the practical know-how, industry perspectives, and technical insight you need to succeed in the rapidly growing information security market. This unique guide includes inspiring interviews from 70 security experts, including Lesley Carhart, Ming Chow, Bruce Potter, Robert M. Lee, and Jayson E. Street.

  • Get the scoop on the biggest cybersecurity myths and misconceptions about security
  • Learn what qualities and credentials you need to advance in the cybersecurity field
  • Uncover which life hacks are worth your while
  • Understand how social media and the Internet of Things has changed cybersecurity
  • Discover what it takes to make the move from the corporate world to your own cybersecurity venture
  • Find your favorite hackers online and continue the conversation

Tribe of Hackers is a must-have resource for security professionals who are looking to advance their careers, gain a fresh perspective, and get serious about cybersecurity with thought-provoking insights from the world's most noteworthy hackers and influential security specialists.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere ā€” even offline. Perfect for commutes or when youā€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Tribe of Hackers by Marcus J. Carey,Jennifer Jin in PDF and/or ePUB format, as well as other popular books in Computer Science & Cryptography. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Wiley
Year
2019
Print ISBN
9781119643371
eBook ISBN
9781119643388
Edition
1
Topic
Computer Science
Subtopic
Cryptography
Index
Computer Science

1
Marcus J. Carey

ā€œEven if an organization is compromised by a zero-day attack, the lateral movement, registry manipulation, network communications, and so on, will be apparent to a mature cybersecurity practitioner and program.ā€
Twitter: @marcusjcarey ā€¢ Website: https://www.linkedin.com/in/marcuscarey/
Marcus J. Carey is a cybersecurity community advocate and startup founder with more than 25 years of protecting government and commercial sensitive data. He started his cybersecurity career in U.S. Navy cryptology with further service in the National Security Agency (NSA).
If there is one myth that you could debunk in cybersecurity, what would it be?
The biggest myth that I hear is how attackers are always changing up their tactics. While it is true that new exploits come out over time, the initial exploit is just the tip of the iceberg when it comes to attacker movement on a system or network.
Even if an organization is compromised by a zero-day attack, the lateral movement, registry manipulation, network communications, and so on, will be apparent to a mature cybersecurity practitioner and program. So, their tactics donā€™t really change a lot.
What is one of the biggest bang-for-the-buck actions that an organization can take to improve its cybersecurity posture?
The easiest thing an organization can do to prevent massive compromise is to limit administrative accounts on systems. In the military, we obeyed the ā€œleast privilege principleā€ when it came to information access. Organizations should do the same when it comes to their own administrative access. If attackers are able to compromise a user with administrative credentials, itā€™s essentially game-over; they now have all the keys to the castle.
How is it that cybersecurity spending is increasing but breaches are still happening?
Unfortunately, I believe that we are spending too much money on cybersecurity products that bill themselves as silver bullets. Another thing is that there will always be breaches. Anything connected to a network can be compromised and the information pilfered. What really matters is can an organization detect and defend the attacks?
I recommend that organizations get the basics down really well before they blow money on a lot of products. Instead, organizations should hire and train people to defend their networks. In most cases, Iā€™ve found that there isnā€™t enough investment in the personnel responsible for securing networks.
Do you need a college degree or certification to be a cybersecurity professional?
Years ago, the answer would certainly have been ā€œYes, you need a college degree.ā€ When I was growing up, I was told that I needed to go to college. All of the ā€œsuccessful peopleā€ I knew had some form of higher education. Luckily, I went to the military and was able to eventually earn a masterā€™s in network security. I still believe I needed it back then and surely do not regret anything.
However, this is 2019, and I do not feel this way anymore. My son has been working as a software developer for a cybersecurity company since he was 16 years old. In technology, especially software development, you can prove your knowledge through blogging, podcasting, and working on open source projects. GitHub is the new rƩsumƩ for software developers.
I understand that college degrees or certifications are still valid because they show minimal mastery of a subject matter. But nowadays, there are so many more ways to show actual experience. So, in short, my answer to this question is yes, no, maybe, and it depends.
How did you get started in the cybersecurity field, and what advice would you give to a beginner pursuing a career in cybersecurity?
I remember being fascinated by computers ever since I saw the movie WarGames. I never had a computer growing up, but I did take a few classes on coding in middle school and high school. Since I couldnā€™t afford to go to college and really wanted to, I joined the U.S. Navy for the Montgomery G.I. Bill.
I scored pretty well on my ASVAB (military aptitude test). At the military processing center, I told them that I didnā€™t care what job I got as long as it had to do with computers. I was told I would be training at a school for cryptologic technical communications. It ended up being awesome. It allowed me to work for the Naval Security Group and the National Security Agency for the first eight years of my adulthood. I learned a lot about cryptography, telecommunications, system administration, basic programming, and internetworking.
The military isnā€™t for everyone, but it definitely helped me. I always tell anyone considering the military route to demand from their recruiter a career field and skills that are applicable to the civilian world.
What is your specialty in cybersecurity, and how can others gain expertise in your specialty?
Iā€™d say my specialty is understanding internetworking really well. I gained these skills while working in the Navy and at the NSA. A big part of gaining expertise in that subject was reading a lot of books and taking several Cisco Systems certifications. After getting the certifications, I was in a better position to practice related skills and gain even more experience.
My advice is to try as hard as you can to validate your knowledge so that others will give you a chance. This is extremely important. Every time I acquired a certification, I was given so many more opportunities. Eventually, I was the first military service member to become part of the NSAā€™s global network engineering team. That was a big deal, and I learned a lot from my time there.
What is your advice for career success when it comes to getting hired, climbing the corporate ladder, or starting a company in cybersecurity?
Iā€™ll take a swing at a couple of these. First, my advice for getting hired is to look at job postings and reverse engineer them. Create a rĆ©sumĆ© that mirrors what they are asking for if you already have the skills. If you donā€™t have the skills, I recommend using your free time to learn those missing skills by reading, using open source software, and consuming any free training you can find. Iā€™ve found that even if you donā€™t have the necessary degree, years of experience, or certifications, there is still hope. Donā€™t limit yourself and think that you arenā€™t good enough for a job based solely on those requirements. If you believe that you have the skills to do a job, you should always apply.
Starting a company in cybersecurity has been one of the most grueling processes I have ever been through. There are typically two types of companies: those that sell products and those that ...

Table of contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Acknowledgments
  5. Introduction
  6. Chapter 1. Marcus J. Carey
  7. Chapter 2. Ian Anderson
  8. Chapter 3. Andrew Bagrin
  9. Chapter 4. Zate Berg
  10. Chapter 5. Cheryl Biswas
  11. Chapter 6. Keirsten Brager
  12. Chapter 7. Evan Booth
  13. Chapter 8. Kyle Bubp
  14. Chapter 9. Lesley Carhart
  15. Chapter 10. Lee Carsten
  16. Chapter 11. Whitney Champion
  17. Chapter 12. Ming Chow
  18. Chapter 13. Jim Christy
  19. Chapter 14. Ian Coldwater
  20. Chapter 15. Dan Cornell
  21. Chapter 16. Kim Crawley
  22. Chapter 17. Emily Crose
  23. Chapter 18. Daniel Crowley
  24. Chapter 19. Winnona DeSombre
  25. Chapter 20. Ryan Dewhurst
  26. Chapter 21. Deidre Diamond
  27. Chapter 22. Ben Donnelly
  28. Chapter 23. Kimber Dowsett
  29. Chapter 24. Ronald Eddings
  30. Chapter 25. Justin Elze
  31. Chapter 26. Robert Graham
  32. Chapter 27. Claudio Guarnieri
  33. Chapter 28. Ron Gula
  34. Chapter 29. Jennifer Havermann
  35. Chapter 30. Teuta Hyseni
  36. Chapter 31. Terence Jackson
  37. Chapter 32. Ken Johnson
  38. Chapter 33. David Kennedy
  39. Chapter 34. Michelle Klinger
  40. Chapter 35. Marina Krotofil
  41. Chapter 36. Sami Laiho
  42. Chapter 37. Robert M. Lee
  43. Chapter 38. Kelly Lum
  44. Chapter 39. Tracy Z. Maleeff
  45. Chapter 40. Andy Malone
  46. Chapter 41. Jeffrey Man
  47. Chapter 42. Jim Manico
  48. Chapter 43. Kylie Martonik
  49. Chapter 44. Christina Morillo
  50. Chapter 45. Kent Nabors
  51. Chapter 46. Wendy Nather
  52. Chapter 47. Charles Nwatu
  53. Chapter 48. Davi Ottenheimer
  54. Chapter 49. Brandon Perry
  55. Chapter 50. Bruce Potter
  56. Chapter 51. Edward Prevost
  57. Chapter 52. Steve Ragan
  58. Chapter 53. Stephen A. Ridley
  59. Chapter 54. Tony Robinson
  60. Chapter 55. David Rook
  61. Chapter 56. Guillaume Ross
  62. Chapter 57. Brad Schaufenbuel
  63. Chapter 58. Chinyere Schwartz
  64. Chapter 59. Khalil Sehnaoui
  65. Chapter 60. Astha Singhal
  66. Chapter 61. Dug Song
  67. Chapter 62. Jayson E. Street
  68. Chapter 63. Ben Ten
  69. Chapter 64. Dan Tentler
  70. Chapter 65. Ben Tomhave
  71. Chapter 66. Robert ā€œTProphetā€ Walker
  72. Chapter 67. Georgia Weidman
  73. Chapter 68. Jake Williams
  74. Chapter 69. Robert Willis
  75. Chapter 70. Robin Wood
  76. Epilogue
  77. Bibliography
  78. End User License Agreement