Twitter | Search | |
Robert M. Lee
Founder & CEO | SANS & course author & Certified Instructor | nonres Fellow | writer | NSA & USAF Veteran
16,799
Tweets
502
Following
26,471
Followers
Tweets
Robert M. Lee 14h
Again well done and I think you’re approaching it very well. Also you showed up to as you said, to learn. Props. You and Ben did great and with different opinions that’s how we’ll make the field better.
Reply Retweet Like
Robert M. Lee retweeted
Rob Joyce 19h
Best new effort you haven’t heard about: Free, open source, peer reviewed cybersecurity education curriculums. Please use and contribute. CLARK: Cybersecurity Labs and Resources Knowledge Base” effort to make the community better.
Reply Retweet Like
Robert M. Lee 16h
Replying to @DMetcalf2002
Don’t worry I’ll eventually get you there lol
Reply Retweet Like
Robert M. Lee 20h
Congrats you diva you :)
Reply Retweet Like
Robert M. Lee 20h
Replying to @alphastanley
I feel like I’m likely telling you all the things you know but feel free to hit me up if you’d like and we can chat - ultimately though you can’t go wrong with training and enabling the people.
Reply Retweet Like
Robert M. Lee 20h
Replying to @alphastanley
Answering questions like: how does this make my people more effective and efficient. Death by feature highlights is annoying so cut to use-cases that a reasonable person could accomplish.
Reply Retweet Like
Robert M. Lee 20h
Replying to @alphastanley
You know these things though. But also test out basic claims to weed out the noise folks, like buying BreakingPoint to test out throughput. Having folks use their own tech to do the things they claim you should be able to do (like an assessment instead of a POC).
Reply Retweet Like
Robert M. Lee 20h
Replying to @alphastanley
Hard challenge. And asking vendors sucks cause we’re all biased by what we love and believe in. But polling them all is a decent view of the art of the possible and then defining 3-5 year strategy. Lots get stuck on first couple requirements not thinking of next.
Reply Retweet Like
Robert M. Lee retweeted
Dragos, Inc. 20h
If you're at this week, be sure to stop by cabana B this afternoon at the Surfcomber Hotel to learn more about Dragos and see a demo of our asset ID, threat detection, and response platform!
Reply Retweet Like
Robert M. Lee 20h
Replying to @SustainableIQ
Yes AND thinking things originate in IT more often is fair but not necessarily your IT. Vendors, cloud connections, OEMs, etc.’s IT networks count too
Reply Retweet Like
Robert M. Lee 20h
Replying to @alphastanley
Or said simply: no one sane wants to build a tech company. You do it because it’s required. People, process, and tech - take the knowledge of unicorns and translate it to be approachable to the horses. Horns not required
Reply Retweet Like
Robert M. Lee 20h
Replying to @alphastanley
It’s a fair point and my own journey represents my struggle with that. Did the mission but lacked people, so went to teach at SANS but people don’t scale fast enough, so then I created a company on tech to scale knowledge. And the reality is it takes all.
Reply Retweet Like
Robert M. Lee 21h
Too much fun y’all - we all need to grab beers sometime
Reply Retweet Like
Robert M. Lee 21h
Thanks - added (Also Dan left before I hired him lol no poaching allowed).
Reply Retweet Like
Robert M. Lee 22h
Ben is also a kinder debater than I am. I would have had quips like “technically an any any rule on Snort can detect most attacks too, doesn’t make it an effective strategy.” Steve seems like the guy that comes prepared for my shenanigans though. Thx Dale for this
Reply Retweet Like
Robert M. Lee retweeted
Daniel Riedel 22h
health & safety-IT can cause unpredictable outcomes in OT. If you do not have the OT knowledge of consequences then a IT scan could causes a more catastrophic outcome. It’s not that you can or can’t detect, it’s the effect on the environment you need to have respect for.
Reply Retweet Like
Robert M. Lee 22h
Replying to @ItsReallyNick
I felt bad even tweeting that. But then I remembered has ICS skills too. Maybe having ICS sec skills made him a better IT Sec professional? ;)
Reply Retweet Like
Robert M. Lee 22h
Hey and are y’all looking for new jobs since ICS skills apparently aren’t needed? (Just trolling, love y’all, good debate).
Reply Retweet Like
Robert M. Lee 22h
There’s another reality to this debate on IT sec vs OT sec requirements and that’s resources. Many IT teams get told to pick up ICS which contains arguably more risk than enterprise but with little to no new resources. Inability to specialize and focus causes massive risk.
Reply Retweet Like
Robert M. Lee 22h
Replying to @bengoerz @BEERISAC
The right answer, IMO, is you need both. It’s not a compromise - it’s using the best you have to go against the worst in the world
Reply Retweet Like