Navigating the Gatekeepers of Cybersecurity

Shanief Webb is well-versed in the disciplines of computer science, cybersecurity, and digital forensics. He has over 8 years of diverse cybersecurity experience working for the FBI, Google, Cox Communications, IBM, Slack, Dropbox, and now Okta.

I had the pleasure of hosting Shanief on this week’s episode of Champions of Security. Here’s the full episode and the key takeaways from our conversation.

Key Takeaways

#1: Thoroughly Resolve Security Incidents During Post-Mortems

Shanief shared a story about malware that resurfaced after years to haunt a former employer. In this instance, an infected virtual machine had sat idle for years. The company had diagnosed the issue at one point and shut down the computer. But, nobody removed the malware. The unfinished action items caused another incident years down the line. Stories like these reinforce why remediating issues entirely during post-mortems is essential for a strong security posture.

#2: Detection-as-Code Reduces the Cost of False Positives

Visibility is expensive. Investigating false positive events, where there is no actual compromise, adds to the expense. The security industry constantly automates and improves its detection capabilities to combat false positives. Shanief provides an example of using automation to gauge the effectiveness of a phishing attempt. If a user is detected opening a phishing email, but no POST request is sent to the malicious server, then the user is probably not compromised. Chaining together security events can help teams reduce the number of false positives they investigate.

#3: Practitioners Can Help Others Overcome Security Gatekeepers

You’ve probably heard about the global cybersecurity talent shortage. It has become a catch-22 situation, where would-be practitioners cannot gain the necessary experience to land security jobs due to their lack of experience. Shanief suggests that current practitioners mentor others on overcoming the gatekeeping nature of cybersecurity roles. He also offers several hands-on methods for gaining knowledge while working towards a career in security.



Interested in talking security with me? Reach out to me on LinkedIn.

Did you find this blog helpful or interesting?

Click the social media button of your choice to share the blog with you friends and colleagues.

See a Live Demo of the Bionic Platform

CrowdStrike Bionic

Have you heard the news?

Bionic to be acquired by CrowdStrike to provide the industry’s most comprehensive cloud security platform. Together, we are creating the industry-defining cloud security platform, fully integrated from code to runtime.