Troubleshooting 101

TL:DR – Our abilities to solve problems are what makes us good at technology jobs.  Apply basic common sense when dealing with situations and don’t be afraid to try things out.

So the handler went on extensively about how the help desk and site support people lack some of the basic skills to adequately do IT work.  Apparently they don’t know how to perform proper troubleshooting steps when dealing with technical situations.   This is troubling indeed, as part of what makes us good at our job is the ability to work through problems.  I would like to break this down to a non-IT related situation… Continue reading “Troubleshooting 101”

All jokes aside…

So the purpose of this blog is to express my handler’s thoughts and concerns that may reflect negatively on his current employer. Not that his employer follows his twitter or blogs regularly. Sure my handler (we will call him Bob) has the disclaimer up saying “views expressed… yada yada yada…” but that really doesn’t mean a whole lot to a big corp. So he created me.

Now this is not to say this will be an employer bashing blog or a method to complain about poor security practices, but Bob has learned over the years to not 100% trust his employers or coworkers. Bob works in an “at will” state so that means at any time he could be let go for practically no real reason at all. In a past job his employer felt his attitude was poor even though his clients were highly satisfied with his work and guidance. So after 5 years it was “bye bye!” Granted there were some events that gave them minimal grounds and reason to end things, but he still feels it was because he didn’t want to drink the Kool-Aid. Bob was also burned out and they failed to recognize the signs. 10 years or so later and nothing has changed there.

But I digress… or Bob does, he gets distracted easily. Bob feels he is still burned out and hasn’t figured out a way to fully recover. He has been in the same role for a while, albeit for different employers, but he is still an InfoSec generalist. Some have told him this is not a bad thing and one could say he can be called a Security Architect, rather than a generalist.  but at the end of the day, Bob has to be the technical lead for all things security. He has to deal with desktop support level issues because the desktop teams don’t know how to troubleshoot certain things. Or the helpdesk doesn’t know how to recognize a phishing email from a legitimate one. These are all things Bob did before he entered the InfoSec field and he expects that the helpdesk and desktop support staff should be able to handle it.

This is not Bob’s first big corporate position. Bob worked in the defense industry for a bit and he really enjoyed it. He would probably be there today if the commute was shorter. But then he wouldn’t have been able to exercise his security architecture muscles working for that startup. In hindsight, he would have been happier staying at that job a little longer. Bob was not made for startups.  There isn’t much difference in the last corporate job to this one.  The politics are the same, both have “CISOs” reporting to a CIO (that is a rant for another day).  But due to the nature of the defense industrial base (DIB), the security programs were much more mature.  Bob was able to spend more time performing incident response duties or review application architectures.  Troubleshooting desktop security applications was left to desktop and infrastructure support teams.  As we in the industry know, applications such as ant-virus, web filtering, and even VPN, are not managed by the security teams.  Not so much in the non-DIB space.  But again the job is close with a non-highway commute.  Bob keeps telling himself that but he knows it is not what he truly wants.

So what does Bob truly want?  He doesn’t know, I mean come on, he turns to his baboon friend for advice now…  Bob certainly doesn’t want to sit there and figure out why the CIO’s laptop has slow network connectivity or sit on numerous project calls with terrible project managers.  He tells me that I would make a better PM than the ones they use.  Yes a Baboon would do the job better than a human.  He said that, so it is true.    No Bob wants to figure out why a certain workstation is sending requests to suspicious IP addresses, or spend time deploying a proper SIEM solution (even if it is not one from the so called “Magic Quadrant”).   Or maybe evaluate if a SIEM is truly needed?  In the end Bob doesn’t really care one way or another since it is close by, stable, and doesn’t require a ton of off-hour work.  At least that is what he keeps telling himself.

Stability and boredom go hand in hand.  Bob is burned out and bored.  Finding motivation to move beyond is tough as there is no time provided at work to concentrate on the topics that most interest him.  So he has to fit that in at home at which point he chooses between playing or research.  Or having his baboon write a long winded blog posts about how his handler is not satisfied with his career.  So this will be posted, probably not read by but a few.  Call it therapeutic I guess.  Next post will be something with a little more substance I think.