Once again a big thanks to Don, but also like Don says, a thanks to all the people that make this community worth being a part of.

Long may it continue.

Dale

Abit knee jerk and idealistic really.

Its not really going to happen in the real world is it, also most people who suffer from fraud and phishing and other similar attacks are the less computer literate.

Expecting them to know how to create a live cd boot from it, assign IPs, connect to wireless printers etc etc would be a total nightmare.

Improve education and awareness, and cross your fingers I say.

It is good practice to regularly carry out a CSIRT drill.
I would suggest thinking about a real world scenario that could impact your organisation, and then go through the stages as you would in real life, but in a drill scenario.

So bringing the teams together, brain storming etc.
If your a global organisation follow the sun so each region has a part to play, and cease the drill when a full rotation has been completed.

Then review the process, improvements, etc.

Just a quick comment.
Remember even if your not doing a security role, security is still your responsibility within the organisation you work for.

Security wont work in a silo environment, however this is how many organisations function in reality.

Some organisations have graduate programs, so if you have completed a degree in computer / information security they may well consider you for a junior role in the InfoSec Team.

Myself, I started off on a help desk role whilst at college, then some database and inventory stuff, then network administration, then IT systems analyst, then a little mobile communications, then network architect, then network / security architect, then security and risk consultant, and currently Security Manager.

I worked whilst in education as much as I could, summer breaks and all sorts, part time etc etc. These gave me a few advantages, experiance, and also one by one working in different organisation in different roles to understand what was / wasnt right for me.

I think most people come from a networking background of some sort, but I think thats because there hasnt always been the more direct security routes that are starting to exist today.

Morning June,

I will try and help from a generic perspective as I am not in the US so cannot comment on the education establishments, and also job titles to some extent as they do seem to be alot more verified than Europe and Asia in my experience.

Even though computer security has been about for a long time, it is becoming alot more mainstream and as a result more college / university courses are popping up but many are in their infancy. I have been involved in some reviews of a couple of courses here in the UK, and sadly I do think they are a little lacking in various areas.
I would look for a course that covers networking, security and programming fundamentals to give you a good base and common understanding. I would then also like to see modules on risk assessment and risk management, computer laws and regulations, and perhaps some forensics in there to.

Business as you mention is also important, as its key for getting the message across, understanding what your business / customers needs and goals are.

I am probably an idealist, so this may not all exist, but I think it’s a good start and idea of where to focus. From here you can they later in your education look to where you want to focus, penetration testing, consultancy, forensics and more.

Hope this helps a little, and don’t forget doing your own research and education is important to, and you have made that first step by joining this community.

All the best.
Dale

Andrew nice review and thanks for taking the time.
I guess what I am wondering, and not sure if its clear from the review is the following: Alot of the content you mention is available on the interubes, opensource goodness. Granted the book pulls it together but it is worth it for the security professional? I am kinda thinking not?

I guess as you hint to, this book is for someone new coming to the field.

Good review, not sure if I will be buying (perhaps I can borrow your copy, lol)

I am home, what an excellent time.
I will be posting some videos on my blog later in the week hopefully of the Gates and Nickerson presentations.

What a great time was had by all, brilliant.

I really was an impressive con, even more so it was the first one, great success.

Just realised I dont think I met up with kungfusteve, sorry..

I was able to get a little looksee from someone who knows someone at Microsoft.

My understanding is that WOLF "Windows On Line Forensics" is the inhouse MS tool, and COFEE is what they have put together for law enforcement.

Obviously I have not seen both to make a comparison, so its all theory.

Mik,

where abouts are you based? Perhaps someone close by can help out?

The others are right, read books, setup a lab, check out this forum and others.

All the best.

Spikyles I also look forward to hearing how you get on with the new offering.

Just a quick update, I have had a little look at WOLF / COFEE and it does seem a good tool. I am not sure if its the same version that has been given to the police forces etc, but there did seem to be some issues around running it with the appropriate priv's, it also needed access to the logged in system and I am not to sure this was the original goal.

Obviously as this a Microsoft internal tool, support outside is limited.

LOL hadnt seen that one before Excellent.

This has been kicking about for a while now hasnt it, I guess its just in the media again because of the recent claims of super fast cracking.