Hello fellow cyber security hero!
In recent months, after talking to so many teams and individuals alike, it became clear that there’s lots of confusion regarding how to become great at Digital Forensics and Incident Response (DFIR). It’s hard to develop those skills and confusing to find the best place in your career.
Many professionals also stated that they are hitting a ceiling within their current job. Major incidents don’t occur, which is good for the company, but not great for developing skills and experience. Additionally, there’s the risk of alert fatigue that, with a mix of lack of skills, in several occasions which I’ve seen, has led to devastating ransomware incidents.
Effective cyber security (and DFIR) is always a matter of the three areas:
People <-> Process <-> Technologies
Everything starts with people, as they are the most important asset and we rely on their skills (and talent, motivation, passion for what they do, etc). So let us break down what people can do to stay sharp and improve their skills: