Jerry π¦ππ¦I get to speak to a masters in cyber security class at a major university on Monday. They are learning about interacting with senior leadership/BoD on topics of cyber risk. I have many stories to share with them, but curious if yβall have any ideas on what you thank that group should know
Alister Bulman@jerry I'd suggest two things: a) Ethics - should you do something, or should you say something when you discover a problem?
b) A couple of stories about why security researchers/sysadmins can be like magicians - because we will spend an inordinate amount of time on doing some tiny thing to absolute perfection in order to find out something that is bugging us:
1/ Clifford Stoll found an unauthorized user who had apparently used nine seconds/75cents of computer time and not paid for it. It was a KGB Hacker. Oh, and "The Cuckoos Egg" had a nice cookie recipe too.
2/ The XZ Backdoor was found by a user, testing SSH, who saw that logins were taking too long.....