Putting the Cart Before the (Trojan) Horse I

It’s entirely possible that I misunderstand or am missing the point completely…I’m talking about ‘threat hunting’ – Proactively searching your network for threats with the intention of sussing out all the bad.

My problem is not with threat hunting, but I think in most organizations at which I’ve worked in infosec, it would be premature to threat hunt, when we can’t even explain what our normal, day-to-day functioning looks like or ‘acts’ like.

Full disclosure: I am definitely a curmudgeon, so pointing out something like this should come as no surprise. I just think that a solid foundation – logging, access controls, privileged access management, regular audits on user permissions, and on and on – would be a far better use of our limited infosec practitioners’ time.

More to come.


New Word!

Teammate just came up with a new word: WORDAGE!

Like verbiage and wording had a kid. MINT.


New year, new partner; New year, new boss and team!

Last year, as a new SE, only selling for 9 of 12 months, I hit 80% of my quota. With the new partner (new to me, not new to sales or LR – he used to be an SE too!), I have a really positive outlook. Of course, I have already had a couple of anxious days, thinking ‘wtf, I am not cut out for this!’, but really, it gets in the blood quickly. I had some daunting and disheartening failures, but more recently, I’ve been landing new accounts and that feels really good.

Focusing on more training for myself is key now, and maintaining my responsiveness is nearly as important.

2018, we are in you.

Year of Less

Less messing around, that is!

My first year as a sales engineer is basically in the books – tomorrow is it – and I’ve really learned a lot about myself, the job, working as part of a team. It has been a great experience overall and I am still exceedingly glad that I was offered, and took, the opportunity.

Last year at this time, roughly,  I made a similar declaration to myself that this was it – no more mister-messing-around-guy! I was going to succeed and it was going to be laser-focus and iterative improvement. Meh. I mean, I did well for a new sales engineer, but there is a lot to learn, and the person in this role must be very flexible and able to roll with any situation seamlessly. That is not really me, but I am learning. As far as focus, there were times when I was so lost and frustrated that I was in a mental gridlock with myself. This is something I do!

When I don’t see a clear solution or path forward and there are more variables than I am comfortable with, I tend to gridlock and take no action. This is another area that I am slowly and surely tackling but it’s not easy, and therefore not comfortable. This one takes time. Sales seems to have so many more competing priorities than most other areas in which I’ve worked over my career.

Enough of that stuff, now on to the good and the plans!

  1. Read even more – I read a lot but I also laze out and watch stupid stuff on TV, although commercial TV has made it easy for me to quit with all their dumb advertisements all the time.
  2. Read more relevant material – I am focusing on information security, sure, but also on machine learning, AI, data management and Big Data, and on subjects like attention and focus.
  3. Plan. I have to get back to that one (ha!)
  4. Learn time management and prioritization techniques that work for me, my family and the job. I tend to procrastinate, and I tend to get in my own way. This item is going to take further study, but I think a couple of small things might have huge returns. For example, doing documentation and followup immediately after a call or meeting not only helps me remember and retain information, but it also means that the stuff is done and not sitting until the end of quarter or until it’s too late.
  5. Focus on my process and workflow and not on the tools that are out there. I tend to try new tools and end up not using them, or any for that matter. If email works for me to track right now, then it works until it doesn’t – revisit then!
  6. Feedback – as painful as this is, I am going to need to keep asking for it and internalizing it. Sales partner is moving on and she’s been the one giving me the best and most frequent feedback. Sometimes sucks to hear, but mostly it’s been hugely helpful.

Looking at this freehand post, because as you’ll recall,  I am not a planner, I see that focus and particularly focus on the most important things, is what I need to, well, focus on.

Imagine that!

Subjects (books) I am starting with:

Anything on Logging

Anything on SIEM

Anything on ML, AI or Big Data

Not a planner…

Recently, like a few days ago, I decided quite suddenly that I want to put together a five-year plan for my life and career. I have never, ever, been a planner. I don’t think that my PFC is very good at the executive functions that comprise planning. And it’s hard – difficult – to plan. It takes a lot of thought and preparation. All areas at which I am pretty mediocre.

But there I was, holding a little baby (my partner the Missus watches her at our home), and I was thinking about how much I love this baby. Mind you, she is not related but her mum and now dad are like niece and nephew to us. So anyway, thinking how much I love this baby and how I really want to be involved in her life, her whole life, going forward. And something fell into place in my mind. I need to plan to be here, barring unforeseen events or accidents obviously, for this kiddo and for my grand kids.

Clarity like this for me is uplifting. It’s unusual for me to experience that kind of clarity.

At a very high level, I desire and plan to stay in my field (infosec) and I want to earn a Master’s degree in same. I’ve bandied this about before, but I think I would like to teach someday, and would need a minimum MS to do so at the level I have in mind. So that was goal #1.

There were several others, goals that is, and they came in a jumble – but my health is a very big and critical area for improvement. My nephew and I were talking on Christmas day, and in short, his message was this: If you really wanted to, I mean really, you would. About getting in shape, about learning grappling (this was his example). Message received, Mr. K, thank you for being gentle about it. I have to get past my mental block about exercise. I am scared of it, of the discomfort, of being out of breath on hills…Yes. Deal with it, right?

In the past year, as I’ve learned LogRhythm and how to sell and what it means to be part of a sales team, I’ve enjoyed a certain aspect of the job a lot more than the rest of it. The part I love is becoming the trusted adviser to my clients, and not just about LR (although that is central) – I spent 20 years in the trenches, similar ones anyway, and I get what their challenges are. I must not lose that perspective, and since I am not in the trenches any longer, I have to find other ways to remain aware of what is going on. Still thinking on this one.

Lastly, I am not happy in California any more. Or at least not a good part of the time. Missus and I are thinking of moving to Oregon, but this is not in the short term. This one is one that we have to visit and revisit and think about. We are both native to San Diego, and maybe this is a grass is greener thing…

How do I plot a plan? That is what is next for me…

A Single Glass of Pain

On two separate occasions now, a coworker has said ‘…a single glass of pain…’ rather than ‘…a single pane of glass…’

I’m thinking it’s subconscious.

New Year, New Role – The First Month! Part .5

I have now been in IT for over 20 years – I started in 1996 as a cabling tech, working on phones and data cabling (including IBM mainframe COAX cable, that is some dirty work!)

For that entire span, I have worked mostly as a network engineer and as an infosec engineer. I have found that these two fields can be quite complementary and have had a pretty good run in both fields.

At the beginning of the year, 2017, I started in my new role with LogRhythm, as a Sales Engineer. I am so excited for this opportunity, and I can’t even begin to express how much fun it has been so far. I am just starting to get up to speed, and to be totally honest, we have an awesome SIEM offering. But I want to address the elephant standing on the gorilla in the room…People keep saying,’Oh, you went over to the Dark Side!’

If this is, in fact, the Dark Side, then yes, I have gone and with relish!

But really, all this stuff is so new to me, and this is the first time I have been on this side of the table.

The Sales Engineer is paired with sales execs, and in my case, I have been paired with two very fine human people. We’ll see how that works and translates in to quotas met and all. So far, they have shared with me their philosophies on selling, and we are all simpatico – We don’t do hard sells, we are not going to be cheesy or icky or the like, and we are going to be honest and ethical. Sound like the Dark Side? Nope.

All this drinking from the firehose has left me reeling…In the best possible way!