I first met Nicole Hoffman, who’s a Security Investigator for Cisco Talos and a part of our Strategic Analysis, Threat Intelligence and Interdiction workforce, throughout the recording of the Talos IR On Air Q1 2023 episode. This was a dwell broadcast by which we mentioned the developments noticed by the Talos IR workforce up to now quarter. Nicole’s workforce, amongst many different issues, put collectively these quarterly threats overview. During the On Air recording, I observed that Nicole had nice digicam presence and was capable of articulate, what most individuals would take into account, advanced subjects in a language that basically anybody would perceive. A techie with the reward of gab! I used to be instantly curious about Nicole’s path into cybersecurity and usually, as an expert.
Questions
What impressed you to pursue a profession in cybersecurity?
I graduated highschool and initially began a profession within the medical discipline. I went to high school to be a medical assistant, after which I began nursing college. I labored for a short while as a phlebotomist, which is a medical skilled who’s educated to carry out blood attracts on kids and adults, however it was actually arduous for me to discover a job, as a result of my husband was within the army. This meant that we moved usually, and this was not anticipated to alter any time quickly. At some level I made a decision to make a profession change in order that I might have a number of expertise that might enable me to seek out work no matter the place we moved to. My husband, who was a community engineer within the army, already had numerous Cisco books on CCNA and CCNP preparation. I began learning remotely, making use of all these textbooks and aiming for a profession as a cybersecurity engineer. While learning for my CCNA, nonetheless, I discovered it fairly boring. It wasn’t till I attended my first cybersecurity convention nearly that I bought excited in regards to the subject. The convention was referred to as ATT&CKcon, and the discuss that I watched confirmed how the MITRE ATT&CK framework helped a risk intelligence workforce observe focused intrusions. To be trustworthy, I didn’t perceive all of it, however I discovered it completely fascinating. I’ve by no means appeared again.
How did your family and friends react whenever you first began your profession change?
Originally, they assumed it might be one thing that wouldn’t stick. I don’t suppose they assumed I’d get as obsessed with it as I’m now. But my husband was very supportive, perhaps partly as a result of he knew he would lower your expenses as we already had numerous textbooks on the subject. Besides, he had a level within the discipline and has been within the trade for 20 years now. We proceed to help one another. He is such an excellent particular person to have round not solely as a mentor, but additionally if I’ve a query whereas investigating one thing or in an space which is outdoors my technical information. Also, it’s good to have the ability to simply chat about cyber stuff at residence. So sure, I feel initially everybody thought it might simply be a part, and I’d most likely return into drugs and proceed nursing college as soon as my husband bought out of the army, however that hasn’t been the case.
What have been the issues that you’d say has fashioned your profession as a risk intelligence skilled?
I’d say that after that first convention, I actually loved not solely attending conferences in particular person, but additionally nearly. I discover the analysis fascinating. Numerous the primary jobs I had in cybersecurity have been at startups with little or no sources and devoted cybersecurity employees. This meant that I hardly ever had a gaggle of different risk intelligence professionals within the firm that might educate me the best way issues are performed. Numerous instances it was a gaggle of interns who have been all equally misplaced looking for their manner via an issue. This is why I got here to worth individuals who share their analysis, do open-source tasks, or current their information at conferences. This was an opportunity for me to study. I relied on open-source tooling for the larger a part of my work, and it wasn’t till I gave my first convention discuss that I noticed I may very well be a kind of individuals who offers again to the group. It was a really heartfelt realization.
The first convention that I spoke at was GRIMMcon in 2020, which is considered one of my favourite conferences. I later talked on the SANS Threat looking & Incident Response Summit, and the SANS CTI Summit in 2021 and 2023. I nonetheless discover it very emotional every time I current. It is one thing that I look ahead to, as a method to pay again and join with the folks that I look as much as in our discipline. But essentially the most thrilling factor is that this 12 months, I truly bought to talk at ATT&CKcon in October 2023, which is the rationale why I’m in risk intelligence. Together with a Talos colleague, we introduced a speak about the advantages of making your personal information base utilizing ATT&CK as a taxonomy particularly for monitoring adversaries over time. It could be very particular for me and my household to carry this presentation, closing the circle.
What’s your single most vital piece of recommendation to individuals contemplating a profession in cybersecurity?
Don’t spend your time, cash, and energy getting a bunch of certificates earlier than what you actually need to do. I see lots of people are available in and so they instantly begin getting targeted on certificates. Some of these certifications value hundreds of {dollars} and are an enormous funding of your money and time. I did one of many entry-level extra inexpensive certifications, Sec+, and it has been very helpful for getting a foot within the door, however I’d say, don’t spend a bunch of money and time and energy, particularly for those who’re going to high school already. There’s solely a lot you possibly can soak up, and your mind might be already fried. Before you join something, first do your analysis, take a look at the kind of belongings you could be doing within the job, and solely seek for certificates that might doubtlessly profit that particular position.
Maybe you possibly can discuss a bit about social presence and model since you’re one of many professionals that has a transparent model.
I’d say there are two elements to it. First, for those who take pleasure in having your personal analysis or having your personal weblog. or something that you just need to share with the group (with out having to essentially ask permission or have somebody edit it and alter your imaginative and prescient), then having your personal weblog is tremendous helpful. Even if it has nothing to do with cyber, you can nonetheless share it with individuals and you can nonetheless construct up a social presence.
Having this social presence, particularly within the distant workforce, is a manner so that you can not solely promote your self, but additionally community with different professionals. I’ve met so many individuals simply by writing a weblog, after which somebody says, ‘oh my gosh, I love this blog. It really resonated with me.’ One of my greatest buddies within the discipline, John Doyle, wrote a weblog about burnout, which actually linked with me. When I learn it, I used to be deep within the pit of burnout, however I used to be in denial. After studying that weblog, I reached out to John to thank him.
The different a part of conserving an lively social presence has to do with expertise marketability. It’s vital to advertise your self, promote your personal model, particularly when issues don’t go as deliberate and perhaps you get laid off or the corporate hits arduous waters. You can then all the time attain out to a number of the individuals that you just’ve met via networking and see if there’s something that they’ll do to doubtlessly get you a brand new job.
What is the one factor you want you had identified at first of your cybersecurity profession?
The significance of soppy expertise and simply speaking to individuals. When you’re first beginning out in a profession discipline, it may be very intimidating. Luckily, I had a mentor early on who would inform me ’If you actually need to study in regards to the discipline, you need to study in regards to the various kinds of jobs on the market or if you wish to go work someplace, discuss to the folks that work there. Say hey, can we go get a espresso? Can I simply ask you just a few questions?’
This was truly how I bought my first job in cyber. I requested the CEO of a small native firm if he needed to have espresso, and he ended up hiring me whereas we have been on the cafe. It’s actually vital to not neglect that persons are simply individuals, even when they’re able of energy and smooth expertise are actually vital.
We’d love to listen to what you suppose. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!
Cisco Security Social Channels
Instagram
Facebook
Twitter
LinkedIn
Share: