Posts

Alls well that ends well...

 After the shock of loosing my job in June, I was fortunate to discover I had a very supportive network of friends, former colleagues and people I met over the years who provided much needed moral support who helped me move on. Eventually to a rather unique and special job at sektorcert helping protect Danish critical infrastructure.  Thanks to all of you who reached out with offers, coffee meetings and advice while I was on garden leave. Your comments significantly helped during this challenging time. I feel truly fortunate and grateful to be working where I am now, with a most excellent group of  colleagues. The combination of our mission and the fact we are a non profit organization that directly supports our members is a welcome change from the usual commercial aspects of every other company I have worked for over the past 30 + years, with the exception of Unicef. So I wish the readers a very Merry Christmas and a reasonably decent 2024; which is optimistic as hell; but that is wha

Laid off and Looking for the next interesting job...

 After a short but interesting time at a consulting company, where I focused on IR and dabbled in OT IR, they ran into pipeline issues and I was sent home on "garden leave".  I will miss them, I had great colleagues who amazed and impressed me with their skills. I got to focus on IR and the implications for OT and enjoyed being able to concentrate; make internal presentations, external presentation as well. Then my body told me I was too old for IR and the middle of the night calls, so I asked if it was possible to be moved into detection, where I was supposed to help with that. Maybe see how we could log OT devices etc. This was approved and after a few weeks, I got the call. Something changed I guess.  The last time I was laid off was 1990, so last century. Damn. But math is king and as inexorable as gravity. Neither is personal, shift happens. I reminded the team about the Innuit cultures habit of leaving the old out on the iceflow for the bears ;) The first time it happen
Welcome to 2023 During 2022, I was fortunate enough to be able to take a lot of high quality training; some due to work; the rest was online remote training that anyone with a credit card could sign up for. As I like to (try and) keep up with (some) new topics and try to understand them, I signed up for a subscription to Packt Press.The Black Friday sale was irresistible and their library of books and videos is substantial. Another activity I like to do is solving technical challenges. I know there is lot of free events out there, but I am a fan of Blue Team Labs ( https://blueteamlabs.online/ ) as they offer a great set of "Active Investigations" that are DFIR related. Plus there was yet another irresistible offer on Black Friday that was a great price performance. And since we typically work in a Microsoft-concentric world, please do not forget all the resources there. I'm doing this one .. https://learn.microsoft.com/en-us/training/paths/beginner-python/  From  Kevin V
 Update for 2022 Merry Christmas and a Happy New Year to everyone. Special shout out to those safeguarding civilization in all the many forms this takes. Being on call is not for everyone, is it ?  My last update was a while back and I am clearly overdue for an update we go into 2023. So lets cover some of my observations and personal highlights of 2022: The continued success and growth of EnergiCERT ( https://energicert.dk/ ) is certainly strengthening and benefiting the cyber security of  Danish critical infrastructure. Wonderful team of people, well managed and motivated. Yeah, I am biased ;) Engarde Security continues to grow and be noticed; now has expanded and with an ics range ( https://www.engardesecurity.com/icsrange )  Highly skilled people and the ics range is very well done. Enjoyed an excellent ICS Security conference in Copenhagen in November:  (https://insightevents.dk/isc-cph/ ) But I still miss CS3 (https://cs3sthlm.se/ ) for many non technical reasons. New Job - afte
 In 2017 I worked at an electrical distribution company as a security guy and eventually got to focus on ICS again. During this time I was very fortunate to be working for the right people in the right company to take and get the SANS GISCP, GRID and GCIP courses and certifications. I was physically at the 2019 SANS ICS Summit in Florida to take the GCIP, where I got to meet more than a few ICS legends. Not just the ones teaching, but this applied to most of the students and alot of the Summit attendees I met. I love taking remote classes; but nothing beats a live class. Traveling  post plague has lost a lot of the interest for me and I just do not enjoy it any more. I just renewed these ICS certifications earlier this year; thanks to SANS for making an updated copy available for a modest renewal fee.  Now I just wish we could buy the new ICS kit offered at the live courses, apparently supply chain problems are making that impossible for SANS. Some courses have been cancelled, due to l
I am a big fan of continuing education and have been fortunate to have worked for companies that have provided me with the chance to attend relevant courses and achieve some certifications to supplement my job experience.  Over the last 30+ years, I have taken a decent amount on courses. Over the next few blog entries, I will share some of these experiences. Course material aside, what makes a course go from "good" to excellent is, of course,  the instructor. I have been fortunate to have learned from some of the very best over the years. I only wish I could have been a better pupil. My "career" in IT is all due to a former boss, Lloyd Wiebe, who changed the work schedule around so I could take a 1 year college entry level programming course back in the mid 1980's. After graduating from the course on a Friday, I started teaching it in another town the following Monday...no kidding. That is all it took back in the day. Thank you Lloyd for your kindness. During th
More online training and books...and a GREAT new job ! :) Hey ! The interval between the last entry is due to my starting a new job and all the extra activities that goes with such a change. Very nice to again be feeling like a valued team member. There is an update to the Tony Robinson’s most excellent book, “ Building Virtual Machine Labs: A Hands-on Guide (Second Edition) “ I really appreciate when the author takes the time to update sections of their work and allows you to download the refreshed copy. Leanpub rocks…. The next online training – a refresher on malware analysis from TCM-SEC Very much looking forward to what Matt ( @HuskyHacksMK ) has to say. Based on one of my current focus area, I and reading three books this month – all from No Starch Press: https://nostarch.com/black-hat-python2E https://nostarch.com/automatestuff2 https://nostarch.com/beyond-basic-stuff-python